2405 matches found
AZL-45126 CVE-2017-20162 affecting package js-jquery 3.5.0-4
A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has...
MooTools Regular Expression Denial of Service
MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions include a CSS selector parser that is vulnerable to Regular Expression Denial of Service ReDoS. An attack requires that an attacker can inject a string into a CSS selector at runtime, which is quite...
CVE-2021-32821
MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions include a CSS selector parser that is vulnerable to Regular Expression Denial of Service ReDoS. An attack requires that an attacker can inject a string into a CSS selector at runtime, which is quite...
CVE-2021-32821
MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions include a CSS selector parser that is vulnerable to Regular Expression Denial of Service ReDoS. An attack requires that an attacker can inject a string into a CSS selector at runtime, which is quite...
CVE-2021-32821
MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions include a CSS selector parser that is vulnerable to Regular Expression Denial of Service ReDoS. An attack requires that an attacker can inject a string into a CSS selector at runtime, which is quite...
CVE-2021-32821
MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions include a CSS selector parser that is vulnerable to Regular Expression Denial of Service ReDoS. An attack requires that an attacker can inject a string into a CSS selector at runtime, which is quite...
Json2html vulnerable to cross-site scripting
Json2html is a client side javascript HTML templating library with wrappers for both jQuery and Node.js. A vulnerability was found in moappi Json2html up to 1.1.x and classified as problematic. This issue affects some unknown processing of the file json2html.js. The manipulation leads to cross si...
GHSA-79MP-CXP4-9P6R Json2html vulnerable to cross-site scripting
Json2html is a client side javascript HTML templating library with wrappers for both jQuery and Node.js. A vulnerability was found in moappi Json2html up to 1.1.x and classified as problematic. This issue affects some unknown processing of the file json2html.js. The manipulation leads to cross si...
Fedora 36 : drupal7 (2022-9d655503ea)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-9d655503ea advisory. - 7.92 - 7.91 - SA-CORE-2022-012 / CVE-2022-25275 - 7.90 - 7.89 - 7.88 - SA-CORE-2022-003 / CVE-2022-25271 - 7.87 - 7.86 - SA-CORE-2022-001 /...
Fedora 36 : js-jquery-ui (2022-1a01ed37e2)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-1a01ed37e2 advisory. A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to Cross-site scripting XSS attack via the initializatio...
Fedora 35 : drupal7 (2022-bf18450366)
The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-bf18450366 advisory. - 7.92 - 7.91 - SA-CORE-2022-012 / CVE-2022-25275 - 7.90 - 7.89 - 7.88 - SA-CORE-2022-003 / CVE-2022-25271 - 7.87 - 7.86 - SA-CORE-2022-001 /...
Fedora 35 : js-jquery-ui (2022-22d8ba36d0)
The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-22d8ba36d0 advisory. A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to Cross-site scripting XSS attack via the initializatio...
Tenable Nessus Network Monitor < 6.0.1 Multiple Vulnerabilities (TNS-2022-10)
Tenable Nessus Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Tenable Nessus Network Monitor < 5.11.0 Multiple Vulnerabilities (TNS-2019-08)
Tenable Nessus Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Tenable Nessus Network Monitor < 5.13.0 Multiple Vulnerabilities (TNS-2021-02)
Tenable Nessus Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Duplicate advisory: @claviska/jquery-minicolors vulnerable to Cross-site Scripting
Duplicate advisory This advisory has been withdrawn because it is a duplicate of GHSA-crh5-vv2v-c82q. This link is maintained to preserve external references. Original Description A vulnerability was found in claviska jquery-minicolors up to 2.3.5. It has been rated as problematic. Affected by th...
GHSA-VC9X-GMMR-P7JJ Duplicate advisory: @claviska/jquery-minicolors vulnerable to Cross-site Scripting
Duplicate advisory This advisory has been withdrawn because it is a duplicate of GHSA-crh5-vv2v-c82q. This link is maintained to preserve external references. Original Description A vulnerability was found in claviska jquery-minicolors up to 2.3.5. It has been rated as problematic. Affected by th...
CVE-2021-4243
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-32850. Reason: This candidate is a duplicate of CVE-2021-32850. Notes: All CVE users should reference CVE-2021-32850 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
PT-2022-11595 · Claviska · Jquery Minicolors
Name of the Vulnerable Software and Affected Versions: claviska jquery-minicolors versions up to 2.3.5 Description: A vulnerability was found in the file jquery.minicolors.js, which leads to cross site scripting. The attack may be launched remotely. The manipulation affects some unknown...
Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities
Summary IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, swagger, jQuery, Netty, Apache commons, validator.js, Chalk ansi-regex, Json-schema, Java SE and IBM WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2021-4453...