1399 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-16728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DOMPurify before 2.0.1 allows XSS because of innerHTML mutation XSS (mXSS) for an SVG element or a MATH element, as demonstrated by Chrome and Safari...
Indico Cross-Site Scripting Vulnerability
Indico is a feature-rich event management system from Indico Open Source. Indico versions prior to 3.3.8 contain a cross-site scripting vulnerability that arises when rendering LaTeX math code...
Linux Distros Unpatched Vulnerability : CVE-2022-0489
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15. It was possible to trigger a DOS by using the math feature with a...
Linux Distros Unpatched Vulnerability : CVE-2023-29465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SageMath FlintQS 1.0 relies on pathnames under TMPDIR (typically world-writable), which, for example, allows a local user to overwrite files with the privileges of ...
Linux Distros Unpatched Vulnerability : CVE-2019-19010
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or...
Linux Distros Unpatched Vulnerability : CVE-2020-4054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using...
Linux Distros Unpatched Vulnerability : CVE-2023-2132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all...
Linux Distros Unpatched Vulnerability : CVE-2016-1927
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random...
Linux Distros Unpatched Vulnerability : CVE-2024-53986
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of...
Linux Distros Unpatched Vulnerability : CVE-2022-23519
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain...
Linux Distros Unpatched Vulnerability : CVE-2022-23772
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. CVE-2022-23772 Note th...
Linux Distros Unpatched Vulnerability : CVE-2022-22817
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could al...
[SECURITY] Fedora 42 Update: pandoc-3.1.11.1-33.fc42
Pandoc is a Haskell library for converting from one markup format to another. The formats it can handle include - light markup formats (many variants of Markdown, reStructuredText, AsciiDoc, Org-mode, Muse, Textile, txt2tags) - HTML formats (HTML 4 and 5) - Ebook formats (EPUB v2 and v3, FB2) -...
03_node_1 (=1.0.0), 111nodejs03 (=1.0.0) +96 more potentially affected by unknown CVE via math (=0.0.3)
math NPM version =0.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on math and may be impacted: - 03_node_1 =1.0.0 - 111nodejs03 =1.0.0 - @daostack/arc =0.0.1-rc.21, =0.0.1-rc.41-v2, =1.0.1, =1.0.0, =2.0.11, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =3.0...
Malicious code in Math (npm)
The package Math was found to contain malicious code...
MAL-2025-17911 Malicious code in d3-brave-math (npm)
The package d3-brave-math was found to contain malicious code...
MAL-2025-34185 Malicious code in sunruse-math-vector (npm)
The package sunruse-math-vector was found to contain malicious code...
MAL-2025-26007 Malicious code in math_example113 (npm)
The package math_example113 was found to contain malicious code...
Malicious code in d3-brave-math (npm)
The package d3-brave-math was found to contain malicious code...
Malicious code in sunruse-math-aabb (npm)
The package sunruse-math-aabb was found to contain malicious code...