CVE-2019-16941

NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An...

EUVD-2020-18456

Malware in sbrugna...

EUVD-2019-7736

Malware in sbrugna...

EUVD-2020-17152

Malware in sbrugna...

EUVD-2017-2566

Malware in sbrugna...

EUVD-2020-25534

Malware in sbrugna...

EUVD-2015-8458

Malware in sbrugna...

EUVD-2023-33827

Malicious code in bioql PyPI...

EUVD-2024-36559

Malicious code in bioql PyPI...

CVE-2025-6725 Cross-Site Scripting (XSS) in PdfViewer

In the PdfViewer component, a Cross-Site Scripting XSS vulnerability is possible if a specially-crafted document has already been loaded and the user engages with a tool that requires the DOM to be re-rendered...

CVE-2022-23850

xhtmltranslateentity in xhtml.c in epub2txt aka epub2txt2 through 2.02 allows a stack-based buffer overflow via a crafted EPUB document...

CVE-2023-26819

cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as "a": true, "b": null,9999999999999999999999999999999999999999999999912345678901234567...

CVE-2023-26819

cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as "a": true, "b": null,9999999999999999999999999999999999999999999999912345678901234567...

CVE-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

CVE-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

CVE-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

Important: libxml2

Issue Overview: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML...

CVE-2024-56173

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from JavaScript in an SVG document...

OpenPLC Cross-Site Scripting Vulnerability

OpenPLC is an open source programmable logic controller. It can provide low-cost industrial solutions for automation and research. OpenPLC suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can ...

CVE-2017-3157

By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user in...