23 matches found
EUVD-2026-21408
Apache Log4j Core's Rfc5424Layout https://logging.apache.org/log4j/2.x/manual/layouts.htmlRFC5424Layout , in versions 2.21.0 through 2.25.3, is vulnerable to log injection via CRLF sequences due to undocumented renames of security-relevant configuration attributes. Two distinct issues affect user...
Apache Log4j 安全漏洞
Apache Log4j is an open-source logging tool based on Java, developed by the Apache Foundation in the United States. Versions of Apache Log4j Core 2.25.3 and earlier contain security vulnerabilities. These vulnerabilities stem from XmlLayout failing to clean out characters prohibited by the XML 1....
EUVD-2013-0872
Malware in sbrugna...
EUVD-2012-1900
Malware in sbrugna...
CVE-2025-54813 Apache Log4cxx: Improper escaping with JSONLayout
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON...
CVE-2024-10910 Grid Plus – Unlimited grid layout <= 1.3.5 - Unauthenticated Arbitrary Shortcode Execution via grid_plus_load_by_category
The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary shortcode execution via gridplusloadbycategory AJAX action in all versions up to, and including, 1.3.5. This is due to the software allowing users to execute an action that does not properly validate a value...
CVE-2024-10910
CVE-2024-10910 affects Grid Plus – Unlimited grid layout (WordPress) up to version 1.3.5. The flaw allows unauthenticated attackers to execute arbitrary shortcodes via the grid_plus_load_by_category AJAX action, because a value used by do_shortcode is not properly validated. Status: the vulnerabi...
firefox: thunderbird: Use-after-free in layout with accessibility
The Mozilla Foundation's Security Advisory: An attacker could cause a use-after-free when accessibility is enabled, leading to a potentially exploitable crash...
CVE-2024-42631
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/layout/edit/1...
CVE-2017-20064 Elefant CMS layout code injection
A vulnerability was found in Elefant CMS 1.3.12-RC. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /designer/add/layout. The manipulation leads to code injection. The attack can be launched remotely. Upgrading to version 1.3.13 is able to...
grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled
A flaw was found in grub2. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this...
CVE-2019-6207
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout...
CVE-2017-5449
A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird 52.1, Firefox ESR 52.1, and Firefox 53...
Microsoft Internet Explorer 11 - MSHTML 'CGeneratedContent::HasGeneratedSVGMarker' Type Confusion
window.onload = function document.getElementsByTagName"iframe"0.src = "repro-iframe.html"; Description Internally MSIE uses various lists of linked CTreePos objects to represent the DOM tree. For HTML/SVG elements a CTreeNode element is created, which embeds two CTreePos instances: one tha...
CVE-2015-6927
vzctl before 4.9.4 determines the virtual environment VE layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container CT root users to change the root password for arbitrary ploop containers, as demonstrated by a symlink attack on the...
OpenJDK: Incorrect image layout verification (2D, 8012601)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2...
ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors relate...
CVE-2012-2548
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Layout Use After Free Vulnerability."...
Design/Logic Flaw
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle keyboard-layout files, which allows local users to gain privileges via a crafted...
CVE-2011-1189
Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."...