CVE-2003-1305

Microsoft Internet Explorer allows remote attackers to cause a denial of service resource consumption via a Javascript src attribute that recursively loads the current web page...

CVE-2021-41782

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled...

CVE-2021-41432

A stored cross-site scripting XSS vulnerability exists in FlatPress 1.2.1 that allows for arbitrary execution of JavaScript commands through blog content...

CVE-2021-41784

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled...

CVE-2021-41780

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled...

CVE-2021-41951

ResourceSpace before 9.6 rev 18290 is affected by a reflected Cross-Site Scripting vulnerability in plugins/wordpresssso/pages/index.php via the wordpressuser parameter. If an attacker is able to persuade a victim to visit a crafted URL, malicious JavaScript content may be executed within the...

CVE-2021-41502

An issue was discovered in Subrion CMS v4.2.1 There is a stored cross-site scripting XSS vulnerability that can execute malicious JavaScript code by modifying the name of the uploaded image, closing the html tag, or adding the onerror attribute...

CVE-2021-41878

A reflected cross-site scripting XSS vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console and it is possible to insert a vulnerable malicious button...

CVE-2021-27529

A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "limit" parameter...

CVE-2021-27907

Apache Superset up to and including 0.38.0 allowed the creation of a Markdown component on a Dashboard page for describing chart's related information. Abusing this functionality, a malicious user could inject javascript code executing unwanted action in the context of the user's browser. The...

CVE-2021-27530

A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allow remote attacker to inject javascript via URI in /index.php...

CVE-2021-27527

A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "valueID" parameter...

CVE-2021-33439

An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is Integer overflow in gccompactstrings in mjs.c...

CVE-2021-33710

A vulnerability has been identified in Teamcenter Active Workspace V4 All versions V4.3.9, Teamcenter Active Workspace V5.0 All versions V5.0.7, Teamcenter Active Workspace V5.1 All versions V5.1.4. A reflected cross-site scripting XSS vulnerability exists in the web interface of the affected...

CVE-2021-33448

An issue was discovered in mjsmJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is stack buffer overflow at 0x7fffe9049390...

CVE-2021-33440

An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is NULL pointer dereference in mjsbcodecommit in mjs.c...

CVE-2021-33442

An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is NULL pointer dereference in jsonprintf in mjs.c...

CVE-2021-33851

A cross-site scripting XSS attack can cause arbitrary code JavaScript to run in a user's browser and can use an application as the vehicle for the attack. The XSS payload given in the "Custom logo link" executes whenever the user opens the Settings Page of the "Customize Login Image" Plugin...

CVE-2021-33437

An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There are memory leaks in frozencb in mjs.c...

CVE-2021-33443

An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is stack buffer overflow in mjsexecute in mjs.c...