138 matches found
EUVD-2026-30988
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...
CVE-2026-6871
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...
CVE-2026-6871
CVE-2026-6871 concerns the Drupal Obfuscate module. The issue is an XSS vulnerability caused by improper neutralization of input during web page generation. Affected versions are from 0.0.0 up to, but not including, 2.0.2. The root cause is insufficient sanitization when obfuscated emails are pro...
CVE-2026-6871 Obfuscate - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-033
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...
CVE-2026-6871 Obfuscate - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-033
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...
CVE-2026-6871
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...
CVE-2026-6871
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...
Drupal Obfuscate 跨站脚本漏洞
Drupal Obfuscate is a Drupal module from the Drupal community. Versions of Drupal Obfuscate prior to 2.0.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper input validation during the web page generation process, which could lead to cross-site scripting...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Web API Permission Prompts in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...
Neo4j < 5.26.21 Information Disclosure Vulnerability (CVE-2026-1622)
According to its self-reported version number, the version of Neo4j running on the remote host is a version prior to 5.26.21. It is, therefore, affected by a information disclosure vulnerability where The obfuscateliterals option in the query logs does not redact error information, exposing...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the obfuscateliterals option in query logging. An attacker can access sensitive information by reading unredacted error data in the query logs when queries fail. Notes: This is only...
Neo4j Enterprise and Community vulnerable to a potential information disclosure
Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files. The "obfuscateliterals" option in the query logs does not redact error information, exposing unredacted dat...
CVE-2026-1622
Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files. The "obfuscateliterals" option in the query logs does not redact error information, exposing unredacted dat...
CVE-2026-1622 Unredacted data exposure in query.log
Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files. The "obfuscateliterals" option in the query logs does not redact error information, exposing unredacted dat...
CVE-2026-1622 Unredacted data exposure in query.log
Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files. The "obfuscateliterals" option in the query logs does not redact error information, exposing unredacted dat...
EUVD-2023-33947
Malicious code in bioql PyPI...
EUVD-2024-49392
Malicious code in bioql PyPI...
EUVD-2025-9609
Malicious code in bioql PyPI...
EUVD-2024-48339
Malicious code in bioql PyPI...
CVE-2024-7413
The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.8.1. This is due to the plugin allowing direct access to the bootstrap.php file which has displayerrors on. This makes it possible for unauthenticated attackers to retrieve the...