CVE-2026-39853

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

CVE-2026-39853 osslsigncode has a Stack Buffer Overflow via Unbounded Digest Copy During Signature Verification

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

CVE-2023-50550

layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...

CVE-2025-47536

Deserialization of Untrusted Data vulnerability in keywordrush Content Egg content-egg allows Object Injection.This issue affects Content Egg: from n/a through = 7.0.0...

CVE-2024-10316

CVE-2024-10316 involves the Stratum – Elementor Widgets WordPress plugin. The vulnerability affects all versions up to and including 1.4.4 and resides in includes/templates/content-switcher.php, enabling authenticated attackers with Contributor+ privileges to exfiltrate sensitive template data (p...

GHSA-RCVR-8WHX-3M5P Layui cross-site scripting (XSS) vulnerability

layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...

Layui cross-site scripting (XSS) vulnerability

layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...

CVE-2023-50550

layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...

CVE-2023-50550

layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...

CVE-2023-50550

layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...

Cross site scripting

layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...

CVE-2023-50550

layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...

layui Cross-Site Scripting Vulnerability

Layui is Layui open source Web UI component library that follows the original development model . A cross-site scripting vulnerability exists in versions prior to layui v2.74, which stems from the inclusion of cross-site scripting in the data-content parameter...

PT-2023-31585 · Layui · Layui

Name of the Vulnerable Software and Affected Versions: layui versions up to v2.74 Description: The issue is a cross-site scripting XSS vulnerability. It occurs via the data-content parameter. Recommendations: For versions up to v2.74, as a temporary workaround, consider restricting the use of the...

Code injection

When installing the Net2 software a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password they could then create...

What is a firewall ❓ Everything you need to know about

In the tech world, a firewall is a wellbeing network framework that screens and controls moving ever closer affiliation traffic dependent upon destined security rules. A firewall ordinarily draws up a line between a confided in affiliation and an untrusted affiliation, like the Internet.‍ What is...

Cross-site Scripting (XSS)

bootstrap is vulnerable to Cross-site Scripting XSS. The attack exists because it does not escape the data-template, data-content and data-title options for tooltip/popover plugins, allowing to inject malicious script through it...

CVE-2018-19192

An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the datacontent parameter...

Cross site request forgery (csrf)

An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the datacontent parameter...

Mozilla Firefox ESR < 52.5 Multiple Vulnerabilities

Binary data 700332.prm...