634 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-17960
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source-mode paste. CVE-2018-17960 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2019-17016
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When pasting a tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into...
Malicious code in freerte-paste-plugin (npm)
The package freerte-paste-plugin was found to contain malicious code...
MAL-2025-20954 Malicious code in freerte-paste-plugin (npm)
The package freerte-paste-plugin was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2019-17022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When pasting a tag from the clipboard into a rich text editor, the CSS sanitizer does not escape characters. Because the resulting string is pasted directly int...
CVE-2024-43368
The Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pasting malicious code. This vulnerability is a bypass of the fix put in place for GHSA-qjqp-xr96-cj99. In pull request 1149, sanitation was added for Trix attachments with a text/html content type. However, Trix only checks the...
CVE-2024-36624
Zulip 8.3 is vulnerable to Cross Site Scripting (XSS) via the constructcopydiv function in copyandpaste.js...
CVE-2021-37326
NetSarang Xshell 7 before Build 0077 includes unintended code strings in paste operations...
CVE-2021-32854
textAngular is a text editor for Angular.js. Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. There are no known patches...
CVE-1999-0870
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste...
CVE-2025-46812 Trix vulnerable to Cross-site Scripting on copy & paste
Trix is a what-you-see-is-what-you-get rich text editor for everyday writing. Versions prior to 2.1.15 are vulnerable to XSS attacks when pasting malicious code. An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the...
Cross-site Scripting (XSS)
Overview: org.webjars.bowergithub.basecamp:trix is a Rich Text Editor. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the copy and paste functionality. An attacker can execute arbitrary JavaScript code within the user's session by tricking a user into pasting...
Cross-site Scripting (XSS)
Overview: org.webjars.npm:trix is a Rich Text Editor. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the copy and paste functionality. An attacker can execute arbitrary JavaScript code within the user's session by tricking a user into pasting malicious content...
Cross-site Scripting (XSS)
Overview: org.webjars.bower:trix is a Rich Text Editor. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the copy and paste functionality. An attacker can execute arbitrary JavaScript code within the user's session by tricking a user into pasting malicious...
[SECURITY] Fedora 40 Update: kitty-0.40.0-2.fc40
Offloads rendering to the GPU for lower system load and buttery smooth scrolling. Uses threaded rendering to minimize input latency. - Supports all modern terminal features: graphics images, unicode, true-color, OpenType ligatures, mouse protocol, focus tracking, bracketed paste and several new...
[SECURITY] Fedora 41 Update: kitty-0.40.0-2.fc41
Offloads rendering to the GPU for lower system load and buttery smooth scrolling. Uses threaded rendering to minimize input latency. - Supports all modern terminal features: graphics images, unicode, true-color, OpenType ligatures, mouse protocol, focus tracking, bracketed paste and several new...
Linux Distros Unpatched Vulnerability : CVE-2013-2120
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The %password... macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows...
SUSE CVE-2022-49102
In the Linux kernel, the following vulnerability has been resolved: habanalabs: fix possible memory leak in MMU DR fini. This patch fixes what seems to be copy paste error. We will have a memory leak if the host-resident shadow is NULL which will likely happen as the DR and HR are not dependent...
PT-2025-8938
Name of the Vulnerable Software and Affected Versions: mongosh versions prior to 2.3.9. Description: The MongoDB Shell may be susceptible to control character injection, allowing an attacker with control of the user's clipboard to manipulate them into pasting text that evaluates arbitrary code...
UBUNTU-CVE-2022-49102
In the Linux kernel, the following vulnerability has been resolved: habanalabs: fix possible memory leak in MMU DR fini. This patch fixes what seems to be copy paste error. We will have a memory leak if the host-resident shadow is NULL which will likely happen as the DR and HR are not dependent...