ALPINE-CVE-2024-47541

GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...

UBUNTU-CVE-2024-47541

GStreamer is a library for constructing graphs of media-handling components. An OOB-write vulnerability has been identified in the gstssaparseremoveoverridecodes function of the gstssaparse.c file. This function is responsible for parsing and removing SSA SubStation Alpha style override codes,...

XWiki Platform 安全漏洞

XWiki Platform is the XWiki Foundation's suite of Wiki platforms for creating web collaboration applications. A security vulnerability exists in XWiki Platform that stems from an escape tool used in XWiki that does not escape , which when used in certain places, allows XWiki syntax injection to...

SUSE CVE-2018-16874

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces both '' and '' characters. Specifically, it is only vulnerable in GOPATH mode, but not in module mode th...

Cross site scripting

In Wiki.js before 2.4.107, there is a stored cross-site scripting through template injection. This vulnerability exists due to an insecure validation mechanism intended to insert v-pre tags into rendered HTML elements which contain curly-braces. By creating a crafted wiki page, a malicious Wiki.j...

PT-2020-7688

Name of the Vulnerable Software and Affected Versions Ansible versions prior to 1.6.7 Description The issue allows remote attackers to execute arbitrary code via crafted lookup'pipe' calls or crafted Jinja2 data, due to the lack of prevention of inventory data with "" and "lookup" substrings, and...