54 matches found
EUVD-2010-3792
Malware in sbrugna...
EUVD-2021-1156
Malware in sbrugna...
EUVD-2024-30802
Malicious code in bioql PyPI...
EUVD-2025-9024
Malicious code in bioql PyPI...
GHSA-9MV7-3C64-MMQW xml2rfc is vulnerable to arbitrary file reads through prepped files
Impact: When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting a malicious link element into the prepped RFCXML. Workarounds: Test untrusted input with link elements with rel="attachment" before processing. References: This is related ...
Linux Distros Unpatched Vulnerability : CVE-2010-3813
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6...
GHSA-CFMV-H8FX-85M7 xml2rfc has an arbitrary file read vulnerability
Impact: When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting a malicious link element into the XML. Workarounds: Test untrusted input with link elements with rel="attachment" before processing. Credits: This vulnerability was reporte...
xml2rfc has an arbitrary file read vulnerability
Impact: When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting a malicious link element into the XML. Workarounds: Test untrusted input with link elements with rel="attachment" before processing. Credits: This vulnerability was reporte...
Directory Traversal
Overview: xml2rfc generates RFCs and IETF drafts from document source in XML according to the IETF xml2rfc v2 and v3 vocabularies. Affected versions of this package are vulnerable to Directory Traversal via the PDF generation process. An attacker can access arbitrary files on the...
CVE-2020-28249
Joplin 1.2.6 for Desktop allows XSS via a LINK element in a note...
DEBIAN-CVE-2025-37973
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation Currently during the multi-link element defragmentation process, the multi-link element length added to the total IEs length when calculating the...
CVE-2025-37973 wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation Currently during the multi-link element defragmentation process, the multi-link element length added to the total IEs length when calculating the...
CVE-2025-37973
CVE-2025-37973 affects the Linux kernel Wi-Fi stack, specifically the cfg80211 defragmentation logic for multi-link elements. The issue is a miscalculation during multi-link element defragmentation that adds the MLE length to the total IEs length, which can cause an out-of-bounds access if the ML...
PT-2025-22234
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: An issue in the Linux kernel has been identified, related to out-of-bounds access during multi-link element defragmentation in the cfg80211 module. The problem occurs when calculating the...
CVE-2024-33057
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location...
VulnCheck KEV: CVE-2024-7679
In Progress Telerik UI for WinForms versions prior to 2024 Q3 2024.3.924, a command injection attack is possible through improper neutralization of hyperlink elements...
CVE-2024-33057 Buffer Over-read in WLAN Host Communication
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location...
PT-2024-18881 · Qualcomm · Snapdragon +105
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns information disclosure when handling Multi-link IE in a beacon frame. No details are provided about the estimated number of potential...