Cross-site Scripting (XSS)

Overview net.sourceforge.pmd:pmd-core is an extensible multilanguage static code analyzer. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the vbhtml or yahtml report formats, which include rule violation messages in HTML output, in renderFileViolations and...

EUVD-2018-10692

Malware in sbrugna...

Aura - Python Source Code Auditing And Static Analysis On A Large Scale

Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and vulnerable code published on PyPI. Project goals: provide an automated monitoring system over uploaded packages to PyPI, alert on anomalies that can either indicate an ongoing attac...

CVE-2018-18988

LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may allow remote code execution, data exfiltration, or cause a system crash...

CVE-2018-18988

LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may allow remote code execution, data exfiltration, or cause a system crash...