23 matches found
Drupal cross-site scripting vulnerability (CNVD-2019-12155)
Drupal is an open source content management system developed by the Drupal community using the PHP language. A cross-site scripting vulnerability exists in Drupal version 7 prior to 7.65, version 8.6 prior to 8.6.13, and version 8.5 prior to 8.5.14, which stems from a lack of proper validation of...
CVE-2018-17692
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
The vulnerability of the SVG vector graphics rendering library, librsvg, related to a data input validation error, allows attackers to trigger a service failure.
The vulnerability of the SVG vector graphics rendering library is related to an error in data input validation. This error may allow a hacker to intercept the Windows user’s password and NTLM credentials via the SMB protocol. Exploiting this vulnerability could enable a remote attacker to gain...