93 matches found
EUVD-2019-0736
Malware in sbrugna...
EUVD-2020-0394
Malware in sbrugna...
MAL-2025-3721 Malicious code in braze-i18n-knockout (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca6ae5dbaa6927991987f0b0e26192dcbfc2fbcbeeca91e3cb34621bd6f1a48b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in braze-i18n-knockout (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca6ae5dbaa6927991987f0b0e26192dcbfc2fbcbeeca91e3cb34621bd6f1a48b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Out-of-Date Knockout JS Detected
An out-of-date version of Knockout JS has been detected. An outdated version could have vulnerabilities or missing security features. No source data...
XSS
Withdrawn: Duplicate of GHSA-vcjj-xf2r-mwvc. Knockout, before 3.5.0-beta, has an XSS injection point in attr name binding for browser IE7 and older...
GHSA-QFMR-6QVH-49GM XSS
Withdrawn: Duplicate of GHSA-vcjj-xf2r-mwvc. Knockout, before 3.5.0-beta, has an XSS injection point in attr name binding for browser IE7 and older...
@cardgamesplay/klondike (>=0.1.0 <=0.1.1), @devexpress/analytics-core (>=18.2.7 <=19.1.1-alpha-19071-2010) +68 more potentially affected by CVE-2019-14862 via knockout (>=2.2.1 <=3.5.0-beta)
knockout NPM version =2.2.1, =0.1.0, =18.2.7, =4.0.0, =0.1.0-zgx, =0.1.0, =1.0.0, =0.0.1, =0.2.20, =18.2.7, =17.2.2-beta, =18.2.7, =1.2.1, =2.0.1-beta, =2.0.4-beta and more Source cves: CVE-2019-14862 Source advisory: OSV:GHSA-VCJJ-XF2R-MWVC...
GHSA-VCJJ-XF2R-MWVC XSS in knockout
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...
XSS in knockout
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...
DEBIAN-CVE-2019-14862
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...
CVE-2019-14862
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...
CVE-2019-14862
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...
Design/Logic Flaw
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...
UBUNTU-CVE-2019-14862
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...
CVE-2019-14862
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...
CVE-2019-14862
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...
CVE-2019-14862
Knockout.js vulnerability (CVE-2019-14862). Affected: Knockout.js
CVE-2019-14862
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...
Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.5.1 Security Update
An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...