15 matches found
EUVD-2021-28798
Malicious code in bioql PyPI...
CVE-2025-41225
CVE-2025-41225 affects VMware vCenter Server and is an authenticated command-execution vulnerability. A user with privileges to create or modify alarms and run script actions can exploit this to execute arbitrary commands on the vCenter Server. The issue is classified with high impact (C, I, A: H...
Moderate: Red Hat Security Advisory: java-17-openjdk security and bug fix update
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Executing a script action with non-zero value results in frozen funds
Lines of code Vulnerability details Llama instances have a separate LlamaExecutor contract for action execution. When calling LlamaCore.executeAction, the flow is the following (for simplicity, we ignore action guards): The function does internal validation: checking the current action state is...
CVE-2021-41790
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment...
CVE-2021-41790
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment...
Code injection
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment...
CVE-2021-41790
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script Action execution allows executing scripts uploaded outside of the Data Dictionary. This could allow a logged-in attacker to execute arbitrary code inside a sandboxed environment...
Microsoft Chooses Ubuntu Linux for their Cloud-based Azure HDInsight Big Data Solution
Earlier this month, Microsoft surprised us all with the announcement that they built a Linux kernel-based operating system, Azure Cloud Switch (ACS), for developing software products for Network Devices. Now, Microsoft just announced that they have selected Ubuntu as the operating system for their...
Microsoft Internet Explorer 6 - Script Action Handlers 'mshtml.dll' Denial of Service
foo onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork...
MS Internet Explorer 6.0 (script action handlers) (mshtml.dll) DoS
No description provided by source. htmlbodyimg src=http://lcamtuf.coredump.cx/photo/current/m2A.jpgfoo onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork...
Microsoft Internet Explorer 6 - Script Action Handlers mshtml.dll Denial of Service
Microsoft Internet Explorer 6 - Script Action Handlers mshtml.dll Denial of Service foo onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork onclick=bork...
CVE-2006-1273
Mozilla Firefox 1.0.7 and 1.5.0.1 allows remote attackers to cause a denial of service (crash) via an HTML tag with a large number of script action handlers such as onload and onmouseover, which triggers the crash when the user views the page source. NOTE: Red Hat has disputed this issue, suggestin...
CVE-2006-1273
The CVE-2006-1273 entries pertain to Mozilla Firefox 1.0.7–1.5.0.1, where a DoS could be triggered by an HTML tag containing a large number of script handlers (e.g., onload, onmouseover) when the page source is viewed. The core issue is reported as a crash in Firefox, but Red Hat and Mozilla disp...
CVE-2006-1273
Mozilla Firefox 1.0.7 and 1.5.0.1 allows remote attackers to cause a denial of service (crash) via an HTML tag with a large number of script action handlers such as onload and onmouseover, which triggers the crash when the user views the page source. NOTE: Red Hat has disputed this issue, suggestin...