307 matches found
The Scratch Channel 输入验证错误漏洞
The Scratch Channel is a project site of The Scratch Channel open source. An input validation error vulnerability exists in version 1 of The Scratch Channel, which stems from the fact that local storage can be edited, potentially leading to account information tampering...
CVE-2025-6573 GPU DDK - RGXFW_CTL.pui8FWScratchBuf Leak/Overwrite
Kernel software installed and running inside an untrusted/rich execution environment REE could leak information from the trusted execution environment TEE...
CVE-2025-6573 GPU DDK - RGXFW_CTL.pui8FWScratchBuf Leak/Overwrite
Kernel software installed and running inside an untrusted/rich execution environment REE could leak information from the trusted execution environment TEE...
CVE-2025-53904
The Scratch Channel is a news website that is under development as of time of this writing. The file /api/admin.js contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication...
CVE-2025-53904 The Scratch Channel Has Potential Reflected Cross-Site Scripting (XSS) Vulnerability
The Scratch Channel is a news website that is under development as of time of this writing. The file /api/admin.js contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication...
CVE-2025-53904 The Scratch Channel Has Potential Reflected Cross-Site Scripting (XSS) Vulnerability
The Scratch Channel is a news website that is under development as of time of this writing. The file /api/admin.js contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication...
CVE-2025-53904
CVE-2025-53904 concerns The Scratch Channel (a news site under development) with a potential reflected Cross-Site Scripting (XSS) vulnerability in the file /api/admin.js. The issue arises from code in that file that could allow XSS, as described across multiple sources (NVD/Red Hat/CVE list). The...
CVE-2025-53904 The Scratch Channel Has Potential Reflected Cross-Site Scripting (XSS) Vulnerability
The Scratch Channel is a news website that is under development as of time of this writing. The file /api/admin.js contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication...
The Scratch Channel 安全漏洞
The Scratch Channel is a project website of The Scratch Channel open source. A security vulnerability exists in The Scratch Channel, which stems from a code issue in the api/admin.js file that could lead to a cross-site scripting attack...
PT-2025-29869 · Unknown · Scratch Channel
Name of the Vulnerable Software and Affected Versions: The Scratch Channel affected versions not specified Description: The Scratch Channel is a news website currently under development. The file /api/admin.js contains code that could lead to cross-site scripting. Recommendations: At the moment,...
CVE-2025-53903
The Scratch Channel is a news website that is under development as of time of this writing. The file /api/users.js doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb addresses this issue...
CVE-2025-53903 The Scratch Channel Has Potential Cross-Site Scripting (XSS) Vulnerability
The Scratch Channel is a news website that is under development as of time of this writing. The file /api/users.js doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb addresses this issue...
CVE-2025-53903
CVE-2025-53903 affects The Scratch Channel’s web application, with a cross-site scripting (XSS) vulnerability stemming from unsanitized input in /api/users.js. The issue is addressed by commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb. Public documents describe the vulnerability and fix; exploitat...
CVE-2025-53903 The Scratch Channel Has Potential Cross-Site Scripting (XSS) Vulnerability
The Scratch Channel is a news website that is under development as of time of this writing. The file /api/users.js doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb addresses this issue...
CVE-2025-53903 The Scratch Channel Has Potential Cross-Site Scripting (XSS) Vulnerability
The Scratch Channel is a news website that is under development as of time of this writing. The file /api/users.js doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb addresses this issue...
The Scratch Channel 跨站脚本漏洞
The Scratch Channel is a project site of The Scratch Channel open source. A cross-site scripting vulnerability exists in The Scratch Channel, which stems from improperly cleaned text box input and could lead to a cross-site scripting attack...
PT-2025-29593 · Unknown · Scratch Channel
Name of the Vulnerable Software and Affected Versions: The Scratch Channel affected versions not specified Description: The application does not properly sanitize text box inputs in the /api/users.js file, potentially leading to cross-site scripting attacks. Recommendations: At the moment, there ...
UBUNTU-CVE-2025-38047
In the Linux kernel, the following vulnerability has been resolved: x86/fred: Fix system hang during S4 resume with FRED enabled Upon a wakeup from S4, the restore kernel starts and initializes the FRED MSRs as needed from its perspective. It then loads a hibernation image, including the image...
CVE-2024-10546
A vulnerability classified as critical was found in open-scratch Teaching 在线教学平台 up to 2.7. This vulnerability affects unknown code of the file /api/sys/ng-alain/getDictItemsByTable/ of the component URL Handler. The manipulation leads to sql injection. The attack can be initiated remotely. The...
CVE-2024-12545
The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.1. This is due to missing nonce validation on the resetinstallation function...