169 matches found
EUVD-2025-7921
Malicious code in bioql PyPI...
EUVD-2025-0136
Malicious code in bioql PyPI...
Malicious code in @zalastax/nolb-react-ig (npm)
The package @zalastax/nolb-react-ig was found to contain malicious code...
MAL-2025-11974 Malicious code in @zalastax/nolb-ig (npm)
The package @zalastax/nolb-ig was found to contain malicious code...
MAL-2025-13690 Malicious code in @zalastax/nolb-react-ig (npm)
The package @zalastax/nolb-react-ig was found to contain malicious code...
Malicious code in @zalastax/nolb-ig (npm)
The package @zalastax/nolb-ig was found to contain malicious code...
CVE-2025-22872 affecting package ig for versions less than 0.37.0-4
CVE-2025-22872 affecting package ig for versions less than 0.37.0-4. A patched version of the package is available...
CVE-2025-24363
The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.8.9, in CI contexts, the IG Publisher CLI uses git commands to determine the URL of the originating repo. If the repo was cloned, or otherwise set to use a repo that uses a username and...
PT-2025-21484 · Git +1 · Jetpack +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue allows administrators to make GET requests to arbitrary URLs through the 'wp ajax boost proxy ig' action. Recommendations: At the moment, there is no information about a newer...
AZL-60492 CVE-2025-22872 affecting package ig for versions less than 0.37.0-4
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...
Azure Linux 3.0 Security Update: coredns / ig / keda (CVE-2025-29786)
The version of coredns / ig / keda installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-29786 advisory. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if th...
CBL Mariner 2.0 Security Update: coredns / ig / keda (CVE-2025-29786)
The version of coredns / ig / keda installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-29786 advisory. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if th...
CVE-2025-29786 affecting package ig for versions less than 0.37.0-3
CVE-2025-29786 affecting package ig for versions less than 0.37.0-3. A patched version of the package is available...
CVE-2025-27144 affecting package ig for versions less than 0.37.0-2
CVE-2025-27144 affecting package ig for versions less than 0.37.0-2. A patched version of the package is available...
CVE-2025-30597
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iografica IG Shortcodes ig-shortcodes allows DOM-Based XSS.This issue affects IG Shortcodes: from n/a through = 3.1...
CVE-2025-30597
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iografica IG Shortcodes ig-shortcodes allows DOM-Based XSS.This issue affects IG Shortcodes: from n/a through = 3.1...
CVE-2025-30597 WordPress IG Shortcodes plugin <= 3.1 Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iografica IG Shortcodes ig-shortcodes allows DOM-Based XSS.This issue affects IG Shortcodes: from n/a through = 3.1...
CVE-2025-30597 WordPress IG Shortcodes plugin <= 3.1 Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in iografica IG Shortcodes ig-shortcodes allows DOM-Based XSS.This issue affects IG Shortcodes: from n/a through = 3.1...
CVE-2025-30597
CVE-2025-30597 corresponds to a DOM-based XSS in IG Shortcodes (WordPress plugin) affecting IG Shortcodes <= 3.1. The issue arises from improper neutralization of input during web page generation, enabling XSS after loading the shortcode. Affected product: IG Shortcodes. Root cause: insufficie...
WordPress IG Shortcodes plugin <= 3.1 Cross Site Scripting (XSS) Vulnerability
WordPress IG Shortcodes plugin = 3.1 Cross Site Scripting XSS Vulnerability discovered by timomangcut in WordPress Plugin IG Shortcodes versions = 3.1...