22 matches found
CVE-2023-49855
Cross-Site Request Forgery CSRF vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3...
EUVD-2021-2327
Malware in sbrugna...
EUVD-2023-53763
Malicious code in bioql PyPI...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 140.2 MFSA 2025-72 bsc1248162: CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component...
SUSE-SU-2025:03007-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Updated to Mozilla Thunderbird 140.2 MFSA 2025-72 bsc1248162: CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component...
CVE-2023-49855
Cross-Site Request Forgery CSRF vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3...
CVE-2023-49855
Cross-Site Request Forgery CSRF vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3...
CVE-2023-49855 WordPress BC Menu Bar Cart Icon For WooCommerce By Binary Carpenter Plugin <= 1.49.3 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3...
CVE-2023-49855
CSRF vulnerability in BinaryCarpenter’s Menu Bar Cart Icon For WooCommerce (plugin by Binary Carpenter) affects versions up to 1.49.3. Root cause per CVE records: missing nonce validation enabling unauthenticated forged requests. Impact can include unauthorized actions on affected WordPress sites...
CVE-2023-49855 WordPress BC Menu Bar Cart Icon For WooCommerce By Binary Carpenter Plugin <= 1.49.3 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in BinaryCarpenter Menu Bar Cart Icon For WooCommerce By Binary Carpenter.This issue affects Menu Bar Cart Icon For WooCommerce By Binary Carpenter: from n/a through 1.49.3...
WordPress Plugin Menu Bar Cart Icon For WooCommerce By Binary Carpenter Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
GHSA-93C4-VF86-3RJ7 Reflected cross-site scripting in vaadin-menu-bar webjar resources in Vaadin 14
Missing output sanitization in test sources in org.webjars.bowergithub.vaadin:vaadin-menu-bar versions 1.0.0 through 1.2.0 Vaadin 14.0.0 through 14.4.4 allows remote attackers to execute malicious JavaScript in browser by opening crafted URL...
com.alibaba.rsocket:alibaba-broker-server (>=1.0.0.M1 <=1.0.0.RC3), com.dorkbox.GradleVaadin:com.dorkbox.GradleVaadin.gradle.plugin (=0.1) +108 more potentially affected by CVE-2021-33611 via org.webjars.bowergithub.vaadin:vaadin-menu-bar (>=1.0.3 <=1.2.0)
org.webjars.bowergithub.vaadin:vaadin-menu-bar MAVEN version =1.0.3, =1.0.0.M1, =1.0, =14.0.0, =0.0.3, =1.0.0, =0.3.1, =1.0.0, =1.0.0, =0.5.1, =2.0.1, =2.0.1, =2.0.1, =2.0.1, =2.2.3 and more Source cves: CVE-2021-33611 Source advisory: OSV:GHSA-93C4-VF86-3RJ7...
Reflected cross-site scripting in vaadin-menu-bar webjar resources in Vaadin 14
Missing output sanitization in test sources in org.webjars.bowergithub.vaadin:vaadin-menu-bar versions 1.0.0 through 1.2.0 Vaadin 14.0.0 through 14.4.4 allows remote attackers to execute malicious JavaScript in browser by opening crafted URL...
Cross-site Scripting (XSS)
vaadin-menu-bar is vulnerable to cross-site scripting. The vulnerability exists due to the lack of output sanitization in test sources, which allows an attacker to execute malicious javascript in the browser by opening the crafted URL...
CVE-2021-33611
Missing output sanitization in test sources in org.webjars.bowergithub.vaadin:vaadin-menu-bar versions 1.0.0 through 1.2.0 Vaadin 14.0.0 through 14.4.4 allows remote attackers to execute malicious JavaScript in browser by opening crafted URL...
Fedora 23 : php-horde-horde-5.2.9-1.fc23 (2016-5d0e7f15ef)
horde 5.2.9 jan SECURITY: Fix XSS vulnerability in menu bar exposed by few applications Bug 14213. jan Add more detailed user DN settings to Kolab group configuration Request 11737. jan Fix returning to last page after problem reporting from AJAX pages Bug 12112. jan Fix custom database...
Fedora 22 : php-horde-horde-5.2.9-1.fc22 (2016-3d1183830b)
horde 5.2.9 jan SECURITY: Fix XSS vulnerability in menu bar exposed by few applications Bug 14213. jan Add more detailed user DN settings to Kolab group configuration Request 11737. jan Fix returning to last page after problem reporting from AJAX pages Bug 12112. jan Fix custom database...
horde -- XSS vulnerabilities
The Horde Team reports: Fixed XSS vulnerabilities in menu bar and form renderer...