insert_many can drop elements twice on panic

Affected versions of insertmany used ptr::copy to move over items in a vector to make space before inserting, duplicating their ownership. It then iterated over a provided Iterator to insert the new items. If the iterator's .next method panics then the vector would drop the same elements twice...

GHSA-63Q7-H895-M982 Cross-site Scripting in dompurify

Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements...

The vulnerability of the FortiSIEM Windows Agent security management system lies in the absence of quotation marks around elements or search paths in the code. This allows attackers to escalate their privileges.

The vulnerability of the FortiSIEM Windows Agent security management system is related to the absence of quotation marks in the syntax of certain elements or search paths. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

VecCopy allows misaligned access to elements

VecCopy::data is created as a Vec of u8 but can be used to store and retrieve elements of different types leading to misaligned access. The issue was resolved in v0.5.0 by replacing data being stored by Vec with a custom managed pointer. Elements are now stored and retrieved using types with prop...

RUSTSEC-2020-0050 VecCopy allows misaligned access to elements

VecCopy::data is created as a Vec of u8 but can be used to store and retrieve elements of different types leading to misaligned access. The issue was resolved in v0.5.0 by replacing data being stored by Vec with a custom managed pointer. Elements are now stored and retrieved using types with prop...

Cross-site scripting vulnerability via `<math>` or `<svg>` element in Sanitize

When HTML is sanitized using Sanitize's "relaxed" config or a custom config that allows certain elements, some content in a or element may not be sanitized correctly even if math and svg are not in the allowlist. You are likely to be vulnerable to this issue if you use Sanitize's relaxed config o...

kernel: buffer-overflow hardening in WiFi beacon validation code.

A flaw in the Linux kernel's WiFi beacon validation code was discovered. The code does not check the length of the variable length elements in the beacon head potentially leading to a buffer overflow. System availability, as well as data confidentiality and integrity, can be impacted by this...

CVE-2018-1000632

dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or...

Pytm - A Pythonic Framework For Threat Modeling

Define your system in Python using the elements and properties described in the pytm framework. Based on your definition, pytm can generate, a Data Flow Diagram DFD, a Sequence Diagram and most important of all, threats to your system. Requirements Linux/MacOS Python 3.x Graphviz package Java...

CVE-2020-5230

Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for media packages and elements to be used. This can be problematic for operation and security since such identifiers are sometimes used for file system operations which may lead to an attacker being able to escape working directorie...

CVE-2019-17672

WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements...

Malicious Package

smartsearchwp is a malicious package. The package contains malicious code that steal credentials from websites it is loaded in when executed. DOM elements are traversed for usernames and passwords, which are subsequently uploaded to a remote server. Port scans of local gateway are performed and...

VMware Workstation Shader Bytecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...

SimpleMDE XSS Vulnerability

SimpleMDE 1.11.2 has XSS via an onerror attribute of a crafted IMG element, or via certain input with and characters, which is mishandled during construction of an A element...

CVE-2018-14527

Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection mechanism in Safe.asp is insufficient for example, it considers SCRIPT and IMG elements, but does not consider VIDEO elements...

Microsoft Edge CQuotes Type Confusion Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

USN-3424-1: libxml2 vulnerabilities

It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. CVE-2017-0663 It was discovered that libxml2 did not properly validate parsed entity references. An...

Nokogiri gem, via libxml, is affected by DoS and RCE vulnerabilities

The version of libxml2 packaged with Nokogiri contains several vulnerabilities. Nokogiri has mitigated these issues by upgrading to libxml 2.9.5. It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial ...

CVE-2016-2102

HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network...

IE vulnerability commissioning of CVE-2 0 1 3-3 8 9 3-vulnerability warning-the black bar safety net

Introduction Windows platform vulnerability discovery, and security research, IE is always not open around the topic. IE vulnerabilities just like the adobe series like Classic, is learning to exploit, the shellcode and the perfect way. On the IE vulnerability, the UAF IE Use-After-Free is the mo...