1341 matches found

Positive Technologies
added 2023/05/10 12:0 a.m. · 2 views

PT-2023-7997 · Ofono +4 · Ofono +4

Name of the Vulnerable Software and Affected Versions: oFono affected versions not specified Description: A flaw in oFono, an Open Source Telephony on Linux, is related to a stack overflow bug triggered within the decode submit report function during SMS decoding in PDU format. This issue may all...

CVSS 8.1 · AI score 7.7 · EPSS 0.0124
Exploits: 2 · References: 39

OSV
added 2023/05/03 12:16 p.m. · 3 views

CVE-2023-25796

Auth. admin+ Stored Cross-Site Scripting (XSS) vulnerability in Include WP BaiDu Submit plugin <= 1.2.1 versions...

CVSS 4.8 · AI score 6.6
Exploits: 0 · References: 1

NVD
added 2023/05/03 12:16 p.m. · 13 views

CVE-2023-25796

Auth. admin+ Stored Cross-Site Scripting (XSS) vulnerability in Include WP BaiDu Submit plugin <= 1.2.1 versions...

CVSS 5.9 · AI score 5.4 · EPSS 0.00369
Exploits: 0 · References: 1

Vulnrichment
added 2023/05/03 11:8 a.m. · 6 views

CVE-2023-25796 WordPress WP BaiDu Submit Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting (XSS) vulnerability in Include WP BaiDu Submit plugin <= 1.2.1 versions...

CVSS 5.9 · AI score 5.4 · EPSS 0.00369
Exploits: 0 · References: 1

CVE
added 2023/05/03 11:8 a.m. · 45 views

CVE-2023-25796

CVE-2023-25796 is a stored XSS in the WordPress plugin WP BaiDu Submit (

CVSS 5.9 · AI score 4.9 · EPSS 0.00369
Exploits: 0 · References: 1 · Affected Software: 1

CNNVD
added 2023/05/03 12:0 a.m. · 15 views

WordPress plugin WP BaiDu Submit cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVSS 5.9 · AI score 6.4 · EPSS 0.00369
Exploits: 0 · References: 2

Positive Technologies
added 2023/04/19 12:0 a.m. · 3 views

PT-2023-12025 · Imagination Technologies +1 · Powervr +1

Name of the Vulnerable Software and Affected Versions: Android SoC versions affected versions not specified Description: A missing size check in the PowerVR kernel driver's PVRSRVBridgeRGXTDMSubmitTransfer function can cause an integer overflow, potentially leading to out-of-bounds heap access...

CVSS 7.8 · AI score 7.5 · EPSS 0.00093
Exploits: 0 · References: 3

Positive Technologies
added 2023/04/15 12:0 a.m. · 7 views

PT-2023-8745

Name of the Vulnerable Software and Affected Versions: Apache Spark versions prior to 3.4.0 Description: The issue is related to insecure privilege management in the spark-submit function of Apache Spark. This allows an application to execute code with the privileges of the submitting user by...

CVSS 9.9 · AI score 8.4 · EPSS 0.01109
Exploits: 0 · References: 23

OSV
added 2023/03/29 5:15 p.m. · 1 view

CVE-2023-26292

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_submit.mhtml modules), Forcepoint Web Security Portal on Hybrid (login_submit.mhtml modules) allows...

CVSS 6.1 · AI score 6.4 · EPSS 0.00353
Exploits: 0 · References: 1

CNNVD
added 2023/03/29 12:0 a.m. · 3 views

PDF-XChange Editor buffer error vulnerability

Tracker Software PDF-XChange Editor is a suite of software for viewing and editing PDF format files from Tracker Software, a Canadian company. A buffer error vulnerability exists in PDF-XChange Editor, which is caused by a buffer overflow problem in the submitForm method...

CVSS 7.8 · AI score 7.7 · EPSS 0.0077
Exploits: 0 · References: 3

Positive Technologies
added 2023/03/19 12:0 a.m. · 4 views

PT-2023-17033 · Sourcecodester · Sourcecodester Simple/Nice Shopping Cart Script

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple and Nice Shopping Cart Script version 1.0 Description: A critical issue affects the processing of the file uploaderm.php, where the manipulation of the submit argument leads to unrestricted upload. The attack can be...

CVSS 9.8 · AI score 7.3 · EPSS 0.0072
Exploits: 0 · References: 6

SUSE CVE
added 2023/02/15 6:4 a.m. · 4 views

SUSE CVE-2009-1597

Mozilla Firefox executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as...

CVSS 9.3 · AI score 6.7 · EPSS 0.01736
Exploits: 1 · References: 3

SUSE CVE
added 2023/02/15 5:53 a.m. · 4 views

SUSE CVE-2011-1772

Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) t...

CVSS 2.6 · AI score 8.3 · EPSS 0.34111
Exploits: 3 · References: 3

SUSE CVE
added 2023/02/15 5:40 a.m. · 2 views

SUSE CVE-2013-1724

Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors...

CVSS 9.3 · AI score 9.1 · EPSS 0.0571
Exploits: 1 · References: 5

SUSE CVE
added 2023/02/15 5:38 a.m. · 2 views

SUSE CVE-2013-2275

The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors...

CVSS 4 · AI score 6.9 · EPSS 0.02908
Exploits: 0 · References: 5

SUSE CVE
added 2023/02/15 4:49 a.m. · 4 views

SUSE CVE-2017-5576

Integer overflow in the vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call...

CVSS 7.8 · AI score 7.9 · EPSS 0.00423
Exploits: 0 · References: 6

SUSE CVE
added 2023/02/15 4:49 a.m. · 1 view

SUSE CVE-2017-5577

The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size valu...

CVSS 5.5 · AI score 7.9 · EPSS 0.00425
Exploits: 0 · References: 6

SUSE CVE
added 2023/02/15 4:26 a.m. · 2 views

SUSE CVE-2018-12374

Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird 52.9...

CVSS 3.1 · AI score 8.9 · EPSS 0.02042
Exploits: 0 · References: 6

SUSE CVE
added 2023/02/15 4:6 a.m. · 2 views

SUSE CVE-2019-19052

A memory leak in the gs_can_open function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb failures, aka CID-fb5be6a7b486...

CVSS 6.2 · AI score 7.3 · EPSS 0.05376
Exploits: 0 · References: 16

WPVulnDB
added 2023/02/15 12:0 a.m. · 13 views

WP BaiDu Submit <= 1.2.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

CVSS 5.9 · AI score 4.8 · EPSS 0.00369
Exploits: 0 · Affected Software: 1