101 matches found
CVE-2026-49772
CVE-2026-49772 affects WordPress plugin The Events Calendar (Liquid Web / StellarWP) versions 6.15.12–6.16.2. The issue is an SQL Injection due to improper neutralization of special elements, enabling blind SQL injection. CVSS 3.1 base score 9.3 (CRITICAL) with AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L...
CVE-2025-60889
Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts...
EUVD-2025-209583
Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts...
CVE-2025-60889
Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts...
CVE-2026-29795
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...
CVE-2026-29795
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...
CVE-2026-29795 stellar-xdr: `StringM::from_str` bypasses max length validation
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...
CVE-2026-29795
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...
CVE-2026-29795
CVE-2026-29795 affects the stellar-xdr crate (StringM::from_str bypasses the max length validation). Affected: versions prior to 25.0.1. Root cause: input strings longer than MAX are accepted, producing StringM with violated length invariant. Impact: potential propagation through serialization/va...
CVE-2026-29795 stellar-xdr: `StringM::from_str` bypasses max length validation
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...
CVE-2026-29795 stellar-xdr: `StringM::from_str` bypasses max length validation
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...
stellar-xdr 安全漏洞
Stellar-xdr is an open-source data format processing library developed by Stellar. Versions of Stellar-xdr prior to 25.0.1 contained security vulnerabilities. These vulnerabilities stemmed from StringM::fromstr not verifying that the input length was within the declared maximum value, allowing fo...
GHSA-X57H-XX53-V53W stellar-xdr's StringM::from_str bypasses max length validation
Impact StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns an Ok value instead of ErrError::LengthExceedsMax, producing a StringM that violates its length invariant. This affec...
stellar-xdr's StringM::from_str bypasses max length validation
Impact StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns an Ok value instead of ErrError::LengthExceedsMax, producing a StringM that violates its length invariant. This affec...
@nasa-jpl/stellar-svelte (>=2.1.9 <=2.1.10), @scouterdev/ui (=0.0.1) +2 more potentially affected by CVE-2025-62381 via sveltekit-superforms (>=2.16.1 <=2.27.1)
sveltekit-superforms NPM version =2.16.1, =2.1.9, =1.3.0, =0.0.2-dev.80, =1.0.9 Source cves: CVE-2025-62381 Source advisory: SNYK:JS-SVELTEKITSUPERFORMS-13559331...
EUVD-2019-7469
Malware in sbrugna...
EUVD-2021-1444
Malware in sbrugna...
EUVD-2002-0907
Malware in sbrugna...
EUVD-2023-2655
Malicious code in bioql PyPI...
EUVD-2024-30730
Malicious code in bioql PyPI...