82 matches found
DEBIAN-CVE-2026-20031
A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
UBUNTU-CVE-2026-20031
A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
CVE-2026-20031
A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
CVE-2026-20031
A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
CVE-2026-20031
A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
ClamAV Cascading Style Sheets Image Parsing Error Handling Denial of Service Vulnerability
A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
OESA-2026-1468 thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were render...
CVE-2023-53901
WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML and CSS to capture user keystrokes. Attackers can upload a crafted HTML file with CSS-based keylogging techniques to intercept password characters through background image requests...
CVE-2023-53901
WBCE CMS 1.6.1 is affected by a cross-site scripting vulnerability that allows an attacker to upload a crafted HTML file with CSS-based keylogging to capture user keystrokes (e.g., passwords) via background image requests. Affected component is the upload/handling of HTML files; root cause is imp...
CVE-2025-62793 eLabFTW HTML / CSS Injection via Malicious SVG Upload Leads to Credential Theft / Clickjacking
eLabFTW is an open source electronic lab notebook for research labs. The application served uploaded SVG files inline. Because SVG supports active content, an attacker could upload a crafted SVG that executes script when viewed, resulting in stored XSS under the application origin. A victim who...
EUVD-2022-48316
Malicious code in bioql PyPI...
EUVD-2025-27394
Malicious code in bioql PyPI...
CVE-2025-58980
Missing Authorization vulnerability in recorp Export WP Page to Static HTML/CSS export-wp-page-to-static-html allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Export WP Page to Static HTML/CSS: from n/a through = 4.1.0...
CVE-2025-58980
CVE-2025-58980 describes a Missing Authorization vulnerability in the WordPress plugin Export WP Page to Static HTML/CSS , affecting versions from n/a up to and including 4.1.0 . Root cause: lack of proper authorization checks allows accessing functionality not constrained by ACLs. Impact: unauth...
PT-2025-36801
Name of the Vulnerable Software and Affected Versions: Export WP Page to Static HTML/CSS versions n/a through 4.1.0 Description: A missing authorization issue exists in Export WP Page to Static HTML/CSS, allowing access to functionality not properly constrained by Access Control Lists ACLs...
MAL-2025-43461 Malicious code in apachecn-html-css-zh-pt2 (npm)
The package apachecn-html-css-zh-pt2 was found to contain malicious code...
MAL-2025-43462 Malicious code in apachecn-html-css-zh-pt3 (npm)
The package apachecn-html-css-zh-pt3 was found to contain malicious code...
Malicious code in apachecn-html-css-zh-pt2 (npm)
The package apachecn-html-css-zh-pt2 was found to contain malicious code...
CVE-2024-3597 Export WP Page to Static HTML/CSS <= 2.2.2 - Open Redirect
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.2.2. This is due to insufficient validation on the redirect url supplied via the rcexportedzipfile parameter. This makes it possible for unauthenticated attackers to...
WordPress plugin Export WP Page to Static HTML/CSS security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...