26 matches found
EUVD-2021-1795
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-42863
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in ecmabuiltintypedarrayprototypefilter in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer wit...
Exploit for Type Confusion in Google Chrome
CVE-2024-1939 This is a short writeup for the CVE-2024-1939,...
CVE-2024-39840
Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake objects...
CVE-2024-39840
Factorio before 1.1.101 is affected. A crafted server map can trigger arbitrary code execution on clients by abusing certain Lua base module functions to execute bytecode and create fake objects. Affected component: Factorio server/client interaction via custom maps; root cause: Lua base module f...
Ubuntu 16.04 ESM : CKEditor vulnerabilities (USN-5340-2)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5340-2 advisory. USN-5340-1 fixed several vulnerabilities in CKEditor. This update provides the fixes for CVE-2018-9861, CVE-2020-9281, CVE-2021-32809, CVE-2021-33829 and...
CKEditor < 4.16.2 XSS Vulnerability - Windows
CKEditor is prone to a cross-site scripting XSS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...
CVE-2021-37695
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...
CVE-2021-42863
A buffer overflow in ecmabuiltintypedarrayprototypefilter in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size...
JerryScript 安全漏洞
JerryScript is a lightweight JavaScript engine from the Jerryscript project. A security vulnerability exists in JerryScript version fe3a5c0, which stems from a buffer overflow in ecmabuiltintypedarrayprototypefilter. An attacker can exploit the vulnerability to construct a fake object or a fake...
Ubuntu 18.04 LTS / 20.04 LTS : CKEditor vulnerabilities (USN-5340-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5340-1 advisory. Kyaw Min Thein discovered that CKEditor incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary...
Debian DLA-2813-1 : ckeditor - LTS security update
The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2813 advisory. CKEditor, an open source WYSIWYG HTML editor with rich content support, which can be embedded into web pages, had two vulnerabilites as follows: CVE-2021-33829 A...
Fake objects feature vulnerability allowing to execute JavaScript code using malformed HTML.
Affected packages The vulnerability has been discovered in Fake Objects plugin. All plugins with Fake Objects plugin dependency are affected: Fake Objects Link Flash Iframe Forms Page Break Impact A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability...
GHSA-M94C-37G6-CJHC Fake objects feature vulnerability allowing to execute JavaScript code using malformed HTML.
Affected packages The vulnerability has been discovered in Fake Objects plugin. All plugins with Fake Objects plugin dependency are affected: Fake Objects Link Flash Iframe Forms Page Break Impact A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability...
Fake objects feature vulnerability allowing to execute JavaScript code using malformed HTML.
Affected packages The vulnerability has been discovered in Fake Objects plugin. All plugins with Fake Objects plugin dependency are affected: Fake Objects Link Flash Iframe Forms Page Break Impact A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability...
Command Injection
CKEditor 4 Fake Objects is vulnerable to command injection vulnerability. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code...
CVE-2021-37695
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...
DEBIAN-CVE-2021-37695
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...
CVE-2021-37695
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...
UBUNTU-CVE-2021-37695
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...