949 matches found

CNNVD
added 2024/11/19 12:0 a.m. · 1 views

WordPress plugin Keymaster Chord Notation Free Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

6.5 CVSS · 7.6 AI score · 0.00295 EPSS
Exploits 0 · References 1
Patchstack
added 2024/11/08 12:35 p.m. · 2 views

WordPress Keymaster Chord Notation Free plugin <= 1.0.2 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Keymaster Chord Notation Free versions <= 1.0.2...

6.5 CVSS · 5.8 AI score · 0.00295 EPSS
Exploits 0 · Affected Software 1
Patchstack
added 2024/11/08 12:0 a.m. · 6 views

WordPress Keymaster Chord Notation Free Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software: Keymaster Chord Notation Free; Type: Plugin; Vulnerable versions: <= 1.0.2; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-51809; Patch priority: Low; CVSS severity: Low (6.5); PSID: 2f14416fd283; Credits: SOPROBRO; Required privileg...

6.5 CVSS · 6.5 AI score · 0.00295 EPSS
Exploits 0 · References 1 · Affected Software 1
Snyk
added 2024/11/07 3:31 p.m. · 1 views

Improper Input Validation

Overview: moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Improper Input Validation through the TeX notation filter. An attacker can read arbitrary files by exploiting insufficient sanitizing in the filter. Remediation: Upgrade moodle/moodle to version...

8.7 CVSS · 6.9 AI score · 0.00911 EPSS
Exploits 0 · References 2
OSV
added 2024/11/07 2:15 p.m. · 1 views

CVE-2024-43426

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed...

7.5 CVSS · 6 AI score
Exploits 0 · References 2
OSV
added 2024/11/07 2:15 p.m. · 0 views

UBUNTU-CVE-2024-43426

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed...

7.5 CVSS · 5.9 AI score · 0.00911 EPSS
Exploits 0 · References 4
Positive Technologies
added 2024/11/07 12:0 a.m. · 4 views

PT-2024-30578 · Pdftex +1

Name of the Vulnerable Software and Affected Versions: pdfTeX (affected versions not specified). Description: A flaw was found in pdfTeX, where insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live...

8.8 CVSS · 5.7 AI score · 0.88917 EPSS
Exploits 8 · References 77
OSV
added 2024/10/12 11:9 a.m. · 2 views

OESA-2024-2228 json-lib security update

JSON-lib is a Java library for transforming beans, maps, collections, Java arrays and XML to JSON and back again to beans and DynaBeans. Security Fixes: util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string. CVE-2024-47855...

5.3 CVSS · 7 AI score · 0.04347 EPSS
Exploits 0 · References 2
OSV
added 2024/10/04 6:15 a.m. · 0 views

UBUNTU-CVE-2024-47855

util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string...

5.3 CVSS · 5.8 AI score · 0.04347 EPSS
Exploits 0 · References 4
SUSE CVE
added 2024/09/28 3:37 a.m. · 2 views

SUSE CVE-2022-45688

A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data...

7.5 CVSS · 6.8 AI score · 0.01216 EPSS
Exploits 5 · References 3
OSV
added 2024/08/20 8:31 p.m. · 12 views

GO-2023-1831 Notation's default `maxSignatureAttempts` in `notation verify` enables an endless data attack in github.com/notaryproject/notation

Notation's default maxSignatureAttempts in notation verify enables an endless data attack in github.com/notaryproject/notation...

6.5 CVSS · 6.4 AI score · 0.0009 EPSS
Exploits 0 · References 3
OSV
added 2024/08/20 8:31 p.m. · 7 views

GO-2023-1829 Notation vulnerable to denial of service from high number of artifact signatures in github.com/notaryproject/notation

Notation vulnerable to denial of service from high number of artifact signatures in github.com/notaryproject/notation...

5.7 CVSS · 5.3 AI score · 0.00061 EPSS
Exploits 0 · References 4
RedhatCVE
added 2024/08/08 8:17 a.m. · 23 views

CVE-2024-41989

A security issue was found in Django. If 'floatformat' received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is. Mitigation: Mitigation for th...

7.5 CVSS · 7.3 AI score · 0.01386 EPSS
Exploits 0 · References 3
OSV
added 2024/08/08 7:17 a.m. · 22 views

BIT-DJANGO-2024-41989

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...

7.5 CVSS · 7.3 AI score · 0.01386 EPSS
Exploits 0 · References 5
SUSE CVE
added 2024/08/08 2:21 a.m. · 1 views

SUSE CVE-2024-41989

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...

7.5 CVSS · 9.2 AI score · 0.01386 EPSS
Exploits 0 · References 6
OSV
added 2024/08/07 3:30 p.m. · 1 views

GHSA-JH75-99HH-QVX9 Django memory consumption vulnerability

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...

6.9 CVSS · 6.8 AI score · 0.01386 EPSS
Exploits 0 · References 9
Github Security Blog
added 2024/08/07 3:30 p.m. · 19 views

Django memory consumption vulnerability

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...

7.5 CVSS · 6.6 AI score · 0.01386 EPSS
Exploits 0 · References 9 · Affected Software 1
NVD
added 2024/08/07 3:15 p.m. · 21 views

CVE-2024-41989

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...

7.5 CVSS · 0.01386 EPSS
Exploits 0 · References 4
OSV
added 2024/08/07 3:15 p.m. · 19 views

CVE-2024-41989

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...

7.5 CVSS · 6.5 AI score
Exploits 0 · References 4
OSV
added 2024/08/07 3:15 p.m. · 0 views

PYSEC-2024-67

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent...

7.5 CVSS · 6.7 AI score · 0.01386 EPSS
Exploits 0 · References 3