MaxSite CMS 跨站脚本漏洞

MaxSite CMS is an open-source website content management system developed by MaxSite in Russia. Versions of MaxSite CMS starting from 109.3 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from the floggingfile parameter in the admin/pluginantispam file within the...

CVE-2017-16815

installer.php in the Snap Creek Duplicator WordPress Site Migration & Backup plugin before 1.2.30 for WordPress has XSS because the values "urlnew" /wp-content/plugins/duplicator/installer/build/view.step4.php and "logging" wp-content/plugins/duplicator/installer/build/view.step2.php are not...

Trusted Firmware-M 安全漏洞

Linaro Trusted Firmware-M Tf-M is a reference implementation of the Platform Security Architecture Psa IoT security framework from Linaro, UK. A security vulnerability exists in Trusted Firmware-M version 2.0.0 and prior versions, which stems from a lack of parameter validation in the logging...

AZL-33984 CVE-2023-40546 affecting package shim-unsigned-x64 for versions less than 15.8-1

A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message to the user; however, the number of parameters used by the logging function doesn't match the format string used by it, leading to a cras...