515 matches found
CVE-2025-59491
Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields...
CVE-2025-59491
CVE-2025-59491 is a Cross Site Scripting vulnerability affecting CentralSquare Community Development v19.5.7, reported across multiple feeds. Descriptions consistently state XSS via form fields, but the provided documents do not specify the underlying code path, affected modules, or root cause. P...
PT-2025-46668
Name of the Vulnerable Software and Affected Versions CentralSquare Community Development version 19.5.7 Description A Cross Site Scripting issue exists in CentralSquare Community Development. The issue is present in form fields, potentially allowing for malicious script injection. Recommendation...
EUVD-2025-88680
Malicious code in squarerookz3n npm...
EUVD-2025-73554
Malicious code in squareclownfishz3n npm...
EUVD-2025-73551
Malicious code in squaretyrannosaurusrequirement npm...
EUVD-2025-66518
Malicious code in squarekingfisherz3n npm...
Malicious code in square-coffee-grouse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 810c6489fd1b4ec065f2c745dc8d310702c9ffa3dd4788b5f19c257124354890 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in square-coral-ape (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e02e84e88ab5326f140d99310d7e5784957b78cceda076b61251429d444befa2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-51844
Malicious code in square-coffee-grouse npm...
EUVD-2025-51843
Malicious code in square-coral-ape npm...
EUVD-2025-49326
Malicious code in squareguppyz3n npm...
Creating a Linux Application Using VSCodium, Cline, OpenRouter, and Claude
In March I created a Windows Application Using Visual Studio Code, Cline, OpenRouter, and Claude. This was a program that created square screen captures. The user doesn't need to manually ensure the dimensions are a square. The program makes the window grow and shrink while keeping the length equ...
Astra Linux – Vulnerability in Python 3.11
The Python standard library functions urllib.parse.urlsplit and urlparse accept domain names that include square brackets, which is not valid according to RFC 3986. Square brackets are only intended to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could lead to...
CVE-2025-47912
CVE-2025-47912 is addressed in IBM Cloud Pak for Business Automation/IBM Business Automation Workflow container bulletins. The IBM advisories confirm that the vulnerability stems from a parsing flaw in the Parse function: it allows values other than IPv6 addresses to be placed inside square brack...
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview std/net/url is a Go standard library package std/net/url Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere. Go Vulnerability Report:The Parse function permits values other than IPv6 addresses to be included in...
Google Go 安全漏洞
Google Go is a static strongly-typed, compiled, concatenated, and garbage-collected programming language from Google, Inc USA. A security vulnerability exists in Google Go that stems from the Parse function not properly validating the IPv6 address format within square brackets in the URL host...
SUSE CVE-2025-47912
The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://::1/". IPv4 addresses and hostnames mus...
EUVD-2008-4028
Malware in sbrugna...
EUVD-2008-6925
Malware in sbrugna...