9 matches found
CVE-2022-31108
Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. An attacker is able to inject arbitrary CSS into the generated graph allowing them to change the styling of elements outside of the...
Unity Linux 20.1070e Security Update: transfig (UTSA-2025-984801)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984801 advisory. In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...
EUVD-2025-12157
Malicious code in bioql PyPI...
EUVD-2025-12161
Malicious code in bioql PyPI...
EUVD-2025-12159
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-46398
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via readobjects function. CVE-2025-46398...
CVE-2021-43861
Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. Prior to version 8.13.8, malicious diagrams can run javascript code at diagram readers' machines. Users should upgrade to version 8.13.8 t...
CVE-2025-46400
In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...
CVE-2021-43861
Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. Prior to version 8.13.8, malicious diagrams can run javascript code at diagram readers' machines. Users should upgrade to version 8.13.8 t...