10 matches found
EUVD-2026-39775
Mattermost versions 10.11.x = 10.11.18, 11.6.x = 11.6.3, 11.5.x = 11.5.6 fail to properly apply markdown image rendering restrictions to AI bot tool result posts, which allows an authenticated attacker to exfiltrate data to an attacker-controlled server via injecting markdown image syntax into to...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the group parsing process. An attacker can cause memory exhaustion and disrupt the container runtime API by supplying a maliciously crafted image that triggers unbounded parsing,...
EUVD-2018-13444
Malware in sbrugna...
CVE-2025-2336
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS's 'ngSanitize' module allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing (https://owasp.org/www-community/attacks/ContentSpoofing) and...
Incomplete Filtering of Special Elements
Overview: AngularJS.Core is an AngularJS package for other Angular modules within .NET. Affected versions of this package are vulnerable to Incomplete Filtering of Special Elements due to improper sanitization of the href and xlink:href attributes in SVG elements. An attacker can bypass image...
GHSA-MQM9-C95H-X2P6 AngularJS allows attackers to bypass common image source restrictions
Improper sanitization of the value of the srcset attribute in HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing (https://owasp.org/www-community/attacks/ContentSpoofing). This issue affects all versions of...
AngularJS security vulnerability
AngularJS is a TypeScript-based open source web application framework from AngularJS Open Source. A security vulnerability exists in AngularJS that stems from mishandling the value of the srcset attribute in the source HTML element, which could allow an attacker to bypass common image source...
Security update for singularity (moderate)
This update for singularity fixes the following issues: - CVE-2018-12021: A race condition might have allowed malicious users to bypass directory image restrictions, like mounting the host root filesystem as a container image boo1100333...
OPENSUSE-SU-2018:1969-1 Security update for singularity
This update for singularity fixes the following issues: - CVE-2018-12021: A race condition might have allowed malicious users to bypass directory image restrictions, like mounting the host root filesystem as a container image boo1100333...
Design/Logic Flaw
MyBB aka MyBulletinBoard before 1.4.12 allows remote authenticated users to bypass intended restrictions on the number of img MyCodes by editing a post after it has been created...