185 matches found
EUVD-2021-30889
Malicious code in bioql PyPI...
EUVD-2022-2662
Malicious code in bioql PyPI...
EUVD-2023-0714
Malicious code in bioql PyPI...
ROS-20251001-03
A vulnerability in the jQuery library exists due to insufficient cleansing of user-supplied data when passing elements to jQuery DOM methods. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform cross-site scripting attacks...
@baosight/xinrong (>=0.0.36 <=0.0.37), wypulldom (=1.0.0) potentially affected by unknown CVE via jqeury (=0.0.1-security)
jqeury NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on jqeury and may be impacted: - @baosight/xinrong =0.0.36, =0.0.37 - wypulldom =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-23891...
CVE-2020-26629
A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload any file to the server...
jquery: Cross-site scripting
A flaw was found in jQuery, where it is vulnerable to Cross-site scripting, caused by the improper validation of user-supplied input by the element. This flaw allows a remote attacker to use a specially crafted URL to execute a script in a victim's web browser within the security context of the...
Alibaba Cloud Linux 3 : 0031: tbb (ALINUX3-SA-2025:0031)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0031 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-11023: In jQuery versions greater than or...
Alibaba Cloud Linux 3 : 0037: pki-core:10.6 (ALINUX3-SA-2021:0037)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0037 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-11023: In jQuery versions greater...
Alibaba Cloud Linux 3 : 0032: gcc-toolset-13-gcc (ALINUX3-SA-2025:0032)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0032 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-11023: In jQuery versions greater than or...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.0.1.5)
The version of AOS installed on the remote host is prior to 7.0.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.0.1.5 advisory. - BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CVE-2019-129...
RLSA-2025:1300 Moderate: gcc-toolset-14-gcc security update
The gcc-toolset-14-gcc13 package contains the GNU Compiler Collection version 14. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
tbb security update
An update is available for tbb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Threading Building Blocks TBB is a C++ runtime library that abstracts the low-lev...
RLSA-2025:1346 Moderate: gcc security update
The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including...
K000150406: jQuery vulnerability CVE-2007-2379
Security Advisory Description The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and...
jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods
A flaw was found in jQuery. HTML containing \ elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...
Moderate: Red Hat Security Advisory: pki-core security update
An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Linux Distros Unpatched Vulnerability : CVE-2015-9251
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing...
Moderate: Red Hat Security Advisory: gcc security update
An update for gcc is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods
A flaw was found in jQuery. HTML containing \ elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...