951 matches found
[SECURITY] Fedora 41 Update: rust-ron-0.9.0-1.fc41
Rusty Object Notation...
[SECURITY] Fedora 42 Update: rust-ron-0.9.0-1.fc42
Rusty Object Notation...
Cross-site Scripting (XSS)
Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the field label or handle during the import process from JSON. An attacker can execute arbitrary scripts in the context of the interface by inserting malicious content into these fields. Note: This is only...
CVE-2025-31895
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in paulrosen ABC Notation abc-notation allows Stored XSS. This issue affects ABC Notation: from n/a through <= 6.1.3...
USN-7404-1 phpseclib vulnerabilities
It was discovered that phpseclib did not correctly handle RSA PKCS1 v1.5 signature verification. An attacker could possibly use this issue to bypass authentication. This issue only affected Ubuntu 20.04 LTS. CVE-2021-30130 It was discovered that phpseclib did not correctly handle certain characte...
CVE-2025-31895 WordPress ABC Notation Plugin <= 6.1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in paulrosen ABC Notation abc-notation allows Stored XSS. This issue affects ABC Notation: from n/a through <= 6.1.3...
WordPress plugin ABC Notation cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
MISP security vulnerability
MISP is an open source software solution from MISP Open Source. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.4.193...
CVE-2025-29778 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws...
GHSA-46MP-8W32-6G94 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws...
CVE-2025-29778 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws, kyverno-notation-aws-fips, kyverno, kyverno-fips...
GHSA-46MP-8W32-6G94 vulnerabilities
Vulnerabilities for packages: kyverno-notation-aws, kyverno-notation-aws-fips, kyverno, kyverno-fips...
PYSEC-2025-83
A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint...
Python JSON Logger security vulnerability
Python JSON Logger is a JSON formatting tool for Python logs by the individual developer Nicholas Hairs. A security vulnerability exists in Python JSON Logger versions prior to 3.3.0, which stems from a missing dependency that could lead to remote code execution...
USN-7336-1: GNU Chess vulnerability
Michael Vaughan discovered an overflow vulnerability in GNU Chess that occurs when reading a specially crafted Portable Game Notation (PGN) file. An attacker could possibly use this issue to cause GNU Chess to crash, resulting in a denial of service, or the execution of arbitrary code...
USN-7336-1 gnuchess vulnerability
Michael Vaughan discovered an overflow vulnerability in GNU Chess that occurs when reading a specially crafted Portable Game Notation (PGN) file. An attacker could possibly use this issue to cause GNU Chess to crash, resulting in a denial of service, or the execution of arbitrary code...
GHSA-7WRW-R4P8-38RX vulnerabilities
Vulnerabilities for packages: fluent-bit-plugin-loki, cass-operator, grpcurl, wait-for-port, swagger, frp, extism, configmap-reload, k8sgpt, kube-state-metrics, promxy, bank-vaults, thanos-operator, volume-modifier-for-k8s, flux-kustomize-controller, petname, gobuster, kor, nri-f5, vendir, tempo,...
GHSA-3RQ2-J576-XV9R vulnerabilities
Vulnerabilities for packages: mysql...
Moodle has an arbitrary file read risk through pdfTeX
Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available such as those with TeX Live installed...