3 matches found
CVE-2022-32271
In Real Player 20.0.8.310, there is a DCP:// URI Remote Arbitrary Code Execution Vulnerability. This is an internal URL Protocol used by Real Player to reference a file that contains an URL. It is possible to inject script code to arbitrary domains. It is also possible to reference arbitrary loca...
UBUNTU-CVE-2014-3755
The QSvg module in Qt, as used in the Mumble client 1.2.x before 1.2.6, allows remote attackers to cause a denial of service hang and resource consumption via a local file reference in an 1 image tag or 2 XML stylesheet in an SVG file...
mumble -- multiple vulnerabilities
Mumble reports: SVG images with local file references could trigger client DoS The Mumble client did not properly HTML-escape some external strings before using them in a rich-text HTML context...