15 matches found
EUVD-2025-6266
Malicious code in bioql PyPI...
GHSA-V2MW-5MCH-W8C5 canvg Prototype Pollution vulnerability
An issue in canvg prior to v.4.0.3 and v3.0.11 can lead to prototype pollution via the Constructor of the class StyleElement...
CVE-2025-25977
An issue in canvg v.4.0.2 allows an attacker to execute arbitrary code via the Constructor of the class StyleElement...
CVE-2025-25977
An issue in canvg v.4.0.2 allows an attacker to execute arbitrary code via the Constructor of the class StyleElement...
CVE-2025-25977
An issue in canvg v.4.0.2 allows an attacker to execute arbitrary code via the Constructor of the class StyleElement...
CVE-2025-25977
An issue in canvg v.4.0.2 allows an attacker to execute arbitrary code via the Constructor of the class StyleElement...
CVE-2025-25977
CVE-2025-25977 is reported with concrete details in connected sources: canvg v4.0.2 is vulnerable via the Constructor of StyleElement, enabling arbitrary code execution with a network-accessible vector. The entry confirms the affected component (canvg) and version (4.0.2) and identifies the root ...
Prototype Pollution
Overview org.webjars.bowergithub.shprink:canvg is a JavaScript SVG parser and renderer on Canvas. Affected versions of this package are vulnerable to Prototype Pollution in the StyleElement constructor. PoC js async = // Assuming import is set up properly import StyleElement from 'canvg'; // Outp...
Prototype Pollution
Overview org.webjars.bowergithub.canvg:canvg is a JavaScript SVG parser and renderer on Canvas. Affected versions of this package are vulnerable to Prototype Pollution in the StyleElement constructor. PoC js async = // Assuming import is set up properly import StyleElement from 'canvg'; // Output...
CVE-2014-1743
Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted...
Design/Logic Flaw
Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted...
CVE-2014-1743
Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted...
CVE-2014-1743
CVE-2014-1743 is a Blink use-after-free in StyleElement::removedFromDocument (core/dom/StyleElement.cpp) affecting Google Chrome prior to 35.0.1916.114. Exploitation could crash the application (DoS) with crafted JavaScript triggering tree mutations; other impact is noted as unspecified. Remediat...
CVE-2014-1743
Removed by vendor...
CVE-2014-1743
Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted...