Lucene search
K

33 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:13 p.m.4 views

Malicious code in cross.project.dnd (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dff9d9c3f7ecfa58a798c74faa13cee022940ba6fa48a4aa293b870efe8de57c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/28 6:15 p.m.8 views

CVE-2022-0595

The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.3 allows SVG files to be uploaded by default via the dndcodedropzupload AJAX action, which could lead to Stored Cross-Site Scripting issue...

5.4CVSS5.8AI score0.13575EPSS
Exploits2References4
OSV
OSV
added 2022/03/28 6:15 p.m.8 views

CVE-2022-0595

The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.3 allows SVG files to be uploaded by default via the dndcodedropzupload AJAX action, which could lead to Stored Cross-Site Scripting issue...

5.4CVSS6AI score0.13575EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/03/28 12:0 a.m.4 views

WordPress plugin Drag and Drop Multiple File Upload 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Drag and Drop Multiple File Upload plugi...

5.4CVSS5.2AI score0.13575EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2020/08/07 12:0 a.m.281 views

SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2020:2143-1)

This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.8+10 July 2020 CPU, bsc1174157 - Security fixes : + JDK-8230613: Better ASCII conversions + JDK-8231800: Better listing of arrays + JDK-8232014: Expand DTD support + JDK-8233234: Better Zip Naming +...

8.3CVSS6.6AI score0.05166EPSS
Exploits0References18
BDU FSTEC
BDU FSTEC
added 2017/06/23 12:0 a.m.7 views

The vulnerability of DnD supervisor functions in VMware Fusion and VMware Workstation allows a hacker to execute arbitrary code.

The vulnerability of DnD supervisor functions in VMware Fusion and VMware Workstation arises from the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the operating system remotely...

7.5CVSS8.5AI score0.1994EPSS
Exploits5References3Affected Software2
NVD
NVD
added 2017/06/08 1:29 p.m.18 views

CVE-2017-4901

The drag-and-drop DnD function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion...

9.9CVSS9.6AI score0.1994EPSS
Exploits5References3
Cvelist
Cvelist
added 2017/06/08 1:0 p.m.32 views

CVE-2017-4901

The drag-and-drop DnD function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion...

7.5AI score0.1994EPSS
Exploits5References3
CVE
CVE
added 2017/06/08 1:0 p.m.205 views

CVE-2017-4901

The CVE-2017-4901 entry relates to VMware Workstation 12.x (before 12.5.4) and VMware Fusion 8.x (before 8.5.5), where the drag-and-drop (DnD) function has an out-of-bounds memory access vulnerability. The cited sources describe a potential for a guest operating system to execute code on the host...

9.9CVSS7.3AI score0.1994EPSS
Exploits5References3Affected Software2
NVD
NVD
added 2016/12/29 9:59 a.m.19 views

CVE-2016-7461

The drag-and-drop aka DnD function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service out-of-bounds memory acces...

8.8CVSS8.8AI score0.00542EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/12/29 9:2 a.m.36 views

CVE-2016-7461

The drag-and-drop aka DnD function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service out-of-bounds memory acces...

8.9AI score0.00542EPSS
Exploits0References3
CVE
CVE
added 2016/12/29 9:2 a.m.81 views

CVE-2016-7461

CVE-2016-7461 affects VMware desktop products via a drag-and-drop (DnD) and copy-paste (CnP) memory handling bug in the DnD/CnP RPC path. The issue allows a guest OS user to execute arbitrary code on the host or cause a host DoS through an out-of-bounds memory access. Affected: VMware Workstation...

8.8CVSS8.7AI score0.00542EPSS
Exploits0References3Affected Software4
Tenable Nessus
Tenable Nessus
added 2016/03/16 12:0 a.m.53 views

openSUSE Security Update : webkit2gtk3 (openSUSE-2016-340)

This update for webkit2gtk3 fixes the following issues : - Update to version 2.10.7 : + Fix the build with GTK+ 3.16. - Changes from version 2.10.6 : + Fix a deadlock in the Web Process when JavaScript garbage collector was running for a web worker thread that made google maps to hang. + Fix medi...

6.8CVSS6.6AI score0.10946EPSS
Exploits2References42
Rows per page
Query Builder