7 matches found
CVE-2026-54268
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, a Denial of Service DoS vulnerability exists in the @angular/common package of the Angular framework. The formatDate function,...
CVE-2026-54268
The CVE affects Angular’s Date formatting in the @angular/common package. The formatDate utility (and DatePipe) can trigger a Denial of Service when confronted with a maliciously long or attacker-controlled date format string. The root cause is an internal parser that iteratively splits the forma...
SUSE CVE-2008-2103
Cross-site scripting XSS vulnerability in Bugzilla 2.17.2 and later allows remote attackers to inject arbitrary web script or HTML via the id parameter to the "Format for Printing" view or "Long Format" bug list...
DEBIAN-CVE-2018-7186
Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and...
Cross site scripting
Cross-site scripting XSS vulnerability in Bugzilla 2.17.2 and later allows remote attackers to inject arbitrary web script or HTML via the id parameter to the "Format for Printing" view or "Long Format" bug list...
CVE-2008-2103
Cross-site scripting XSS vulnerability in Bugzilla 2.17.2 and later allows remote attackers to inject arbitrary web script or HTML via the id parameter to the "Format for Printing" view or "Long Format" bug list...
CVE-2008-2103
Cross-site scripting XSS vulnerability in Bugzilla 2.17.2 and later allows remote attackers to inject arbitrary web script or HTML via the id parameter to the "Format for Printing" view or "Long Format" bug list...