5838 matches found
qt6-webengine -- multiple vulnerabilities
Qt qtwebengine-chromium repo reports: Backports for 262 security bugs in Chromium: CVE-2025-13223: Type Confusion in V8 CVE-2025-13224: Type Confusion in V8 CVE-2025-13630: Type Confusion in V8 CVE-2025-13632: Inappropriate implementation in DevTools CVE-2025-13634: Inappropriate implementation i...
PT-2026-5103
Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service DoS vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the imaplib module. An attacker can manipulate mailbox state, such as deleting emails, moving folders, flagging messages, or reading metadata or specific email content by injecting malicious input...
Huawei HarmonyOS hiview module missing data validation vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A missing data validation vulnerability exists in the Huawei HarmonyOS hiview module, which can be exploited by an attacker to cause availability to be...
CVE-2025-15056
A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting XSS. This issue affects Quill: 2.0.3...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002807)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002807 advisory. Insufficient data validation in waitid allowed an user to escape sandboxes on Linux. Tenable has extracted the preceding description block directly from the Unity...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002788)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002788 advisory. The vmwsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data,...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A missing data validation vulnerability exists in the Huawei HarmonyOS hiview module, which can be exploited by an attacker to cause availability to be...
GHSA-V3M3-F69X-JF25 Quill is vulnerable to XSS via HTML export feature
A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting XSS. This issue affects Quill: 2.0.3...
CVE-2025-15056
A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting XSS. This issue affects Quill: 2.0.3...
CVE-2025-15056
A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting XSS. This issue affects Quill: 2.0.3...
CVE-2025-15056
The CVE-2025-15056 entry concerns Quill 2.0.3, where the HTML export feature contains a lack of data validation that enables Cross‑Site Scripting (XSS). The issue is documented across multiple sources (NVD, Red Hat, CIRCL, GHSA/OSV, and Snyk references) confirming the vulnerability in Quill’s HTM...
EUVD-2026-2033
A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting XSS. This issue affects Quill: 2.0.3...
CVE-2025-15056 Quill 2.0.3 - Lack of data validation in HTML export allowing XSS
A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting XSS. This issue affects Quill: 2.0.3...
CVE-2025-15056 Quill 2.0.3 - Lack of data validation in HTML export allowing XSS
A lack of data validation vulnerability in the HTML export feature in Quill in allows Cross-Site Scripting XSS. This issue affects Quill: 2.0.3...
PT-2026-2446
Name of the Vulnerable Software and Affected Versions Quill version 2.0.3 Description A flaw exists in the HTML export feature of Quill that does not properly validate data, potentially leading to Cross-Site Scripting XSS. This issue was identified by Fluid Attacks' research team. Recommendations...
Quill 注入漏洞
Quill is a Quill open source application. It provides application editor functionality. Quill 2.0.3 version of the injection vulnerability , the vulnerability stems from the HTML export function lack of data validation , which may lead to cross-site scripting attacks...
CVE-2023-4369
Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2018-18059
An issue was discovered in Bitdefender Engines before 7.76675. A vulnerability has been discovered in the rar.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can...
CVE-2021-27398
A vulnerability has been identified in Tecnomatix Plant Simulation All versions V16.0.5. The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27396. An attacke...