EUVD-2022-1982

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-2576

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums. CVE-2017-2576 Note that Nessus relies on the presence of the package as reported...

Moodle Incorrect sanitation of attributes in forums

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums...

CVE-2021-42165

MitraStar GPT-2541GNAC-N1 HGU 100VNZ0b33 devices allow remote authenticated users to obtain root access by executing command "deviceinfo show file &&/bin/bash" because of incorrect sanitization of parameter "path"...

Cross site scripting

UNSUPPORTED WHEN ASSIGNED CA eHealth Performance Manager through 6.3.2.12 is affected by Cross Site Scripting XSS. The impact is: An authenticated remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and perform a Reflected Cross-Site...

Mozilla: CSS Sanitizer performed incorrect sanitization

The Mozilla Foundation Security Advisory describes this flaw as: Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass...

Mozilla: CSS Sanitizer performed incorrect sanitization

The Mozilla Foundation Security Advisory describes this flaw as: Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass...

Mozilla: CSS Sanitizer performed incorrect sanitization

The Mozilla Foundation Security Advisory describes this flaw as: Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass...

Mozilla: CSS Sanitizer performed incorrect sanitization

The Mozilla Foundation Security Advisory describes this flaw as: Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass...

Mozilla: CSS Sanitizer performed incorrect sanitization

The Mozilla Foundation Security Advisory describes this flaw as: Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass...

CVE-2020-7571

A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation Cross-site Scripting Reflected vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker to inject arbitrary web script or HTML due to incorrect sanitization of use...

CVE-2019-17625

There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field when being processed and stored. This allows a user to craft a payload for Node.js and Electron,...

Cross site scripting

There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field when being processed and stored. This allows a user to craft a payload for Node.js and Electron,...

CVE-2017-2576

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums...