GIMP Security Vulnerability
GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability that stems from a stack buffer overflow in the 4BPP decoding path of the TIM image loader. This vulnerability may cause a denial of service when opening specially crafted TIM image fil...
EUVD-2023-44771
Malicious code in bioql PyPI...
The vulnerability of Visual Studio Code’s source editor lies in its use of files and directories accessible from external parties, which allows unauthorized access to protected information.
The vulnerability of Visual Studio Code’s source editor relates to the use of files and directories accessible from external parties. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of Visual Studio Code’s source editor, related to access control deficiencies, allows attackers to escalate their privileges.
The vulnerability of Visual Studio Code’s source editor is related to a lack of access control. Exploiting this vulnerability can allow attackers to escalate their privileges...
The vulnerability of Visual Studio Code’s source editor lies in an uncontrolled search path element, which allows attackers to escalate their privileges.
The vulnerability of Visual Studio Code’s source editor is related to an uncontrolled search path element. Exploiting this vulnerability can allow attackers to escalate their privileges and execute arbitrary code...
The vulnerability of Microsoft Visual Studio Code’s source editor, related to an uncontrolled search path element, allows attackers to escalate their privileges.
The vulnerability of Microsoft Visual Studio Code’s source editor is related to an uncontrolled search path element. Exploiting this vulnerability could allow a hacker to gain increased privileges...
Azure Linux 3.0 Security Update: vim (CVE-2024-43790)
The version of vim installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43790 advisory. - Vim is an open source command line text editor. When performing a search and displaying the search-count messag...
CVE-2024-40626
Outline is an open source, collaborative document editor. A type confusion issue was found in ProseMirror’s rendering process that leads to a Stored Cross-Site Scripting (XSS) vulnerability in Outline. An authenticated user can create a document containing a malicious JavaScript payload. When other...
CBL Mariner 2.0 Security Update: vim (CVE-2025-24014)
The version of vim installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-24014 advisory. - Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In sile...
Trix Cross-Site Scripting Vulnerability
Trix is a Basecamp open source rich text editor for everyday writing. A cross-site scripting vulnerability exists in Trix versions prior to 2.1.9 and prior to 1.3.3. The vulnerability stems from the susceptibility to cross-site scripting attacks when malicious code is pasted, which may result in...
EulerOS 2.0 SP10 : vim (EulerOS-SA-2024-2918)
According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Vim is an open source command line text editor. Double-free in dialogchanged in Vim v9.1.0648. When abandoning a buffer, Vim may ask the user what to d...
Overleaf Security Vulnerability
Overleaf is an open source online real-time collaborative LaTeX editor from Overleaf Open Source. A security vulnerability exists in Overleaf that stems from an insecure configuration of the LaTeX compiler by default...
CVE-2021-4227
The ark-commenteditor WordPress plugin through 2.15.6 does not properly sanitise or encode the comments when in Source editor, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page to the comment section...
Code injection
The ark-commenteditor WordPress plugin through 2.15.6 does not properly sanitise or encode the comments when in Source editor, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page to the comment section...
CVE-2021-4227 Ark Comment Editor <= 2.15.6 - Iframe Injection via Comment
The ark-commenteditor WordPress plugin through 2.15.6 does not properly sanitise or encode the comments when in Source editor, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page to the comment section...
The vulnerability of Visual Studio Code’s source editor is related to inadequate control over code generation, allowing attackers to execute arbitrary code.
The vulnerability of the Visual Studio Code source editor is related to inadequate control over code generation. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of Visual Studio Code’s source editor, related to insufficient validation of input data, allows attackers to execute arbitrary code.
The vulnerability of Visual Studio Code’s source editor is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...
Notepad++ Security Vulnerability
Notepad++ is an open source plain text editor by Don Ho, an individual developer in Taiwan, China. A security vulnerability exists in Notepad++, which stems from a heap buffer write overflow vulnerability in the Utf816Read::convert function...
Notepad++ Security Vulnerability
Notepad++ is an open source plain text editor by Don Ho, an individual developer in Taiwan, China. A security vulnerability exists in Notepad++, which stems from a global buffer read overflow vulnerability in the nsCodingStateMachine::NextStater function...