Lucene search
K

4 matches found

Snyk
Snyk
added 2026/05/14 4:36 p.m.11 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the renderblockimage function. An attacker can inject arbitrary CSS into the style attribute of an image element by supplying a crafted value to the :width: or :height: option, which is insufficiently validat...

6.1CVSS5.7AI score0.00228EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2020/04/30 12:0 a.m.10 views

PT-2020-3605 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.4.1 WordPress versions 5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33 Description: The issue is related to the render block core...

9.8CVSS6.8AI score0.4375EPSS
Exploits16References71
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.5 views

The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.

Google Chrome browser contains a vulnerability related to memory usage after deallocation, known as a “use-after-free error,” in the RenderBlock::addChildIgnoringAnonymousColumnBlocks function in core/rendering/RenderBlock.cpp of Blink. Exploiting this vulnerability allows malicious actors to cau...

7.5CVSS7.7AI score0.01358EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2014/04/09 10:57 a.m.2 views

UBUNTU-CVE-2014-1722

Use-after-free vulnerability in the RenderBlock::addChildIgnoringAnonymousColumnBlocks function in core/rendering/RenderBlock.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors...

7.5CVSS7.4AI score0.01358EPSS
Exploits1References5
Rows per page
Query Builder