4 matches found

Positive Technologies
added 2026/06/11 12:0 a.m., 11 views

PT-2026-48700

Name of the Vulnerable Software and Affected Versions: KanaDojo versions prior to 0.1.18. Description: A sandbox escape allows remote code execution with full GitHub Actions runner privileges, including access to the AUTOMATION PR TOKEN variable. The issue occurs in the issue-auto-respond.yml workfl...

CVSS 8.5, AI score 6.3, EPSS 0.00487
Exploits: 0, References: 5
OSV
added 2026/01/20 7:15 p.m., 5 views

CVE-2026-1245

A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without...

CVSS 6.5, AI score 6.5
Exploits: 0, References: 5
Cvelist
added 2021/07/19 10:53 a.m., 19 views

CVE-2021-24452 W3 Total Cache < 2.1.5 - Reflected XSS in Extensions Page (JS Context)

The W3 Total Cache WordPress plugin before 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as the parameter is output in a JavaScript...

AI score 6, EPSS 0.01996
Exploits: 2, References: 1
securityvulns
added 2007/02/23 12:0 a.m., 40 views

Firefox: onUnload tailgating (MSIE7 entrapment bug variant)

On Fri, 23 Feb 2007, Michal Zalewski wrote: Firefox isn't outright vulnerable to this problem, but judging from its behavior, it is likely to be susceptible to a variant of this bug And indeed, susceptible it is. On the surface, the problem is even more serious: the unloaded page can run Javascri...

AI score 6.9
Exploits: 0