Allocation of Resources Without Limits or Throttling

Overview @next-ai-drawio/mcp-server is a MCP server for Next AI Draw.io - AI-powered diagram generation with real-time browser preview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the handleStateApi, handleRestoreApi, and...

Malicious code in react-svg-handler (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63577e9faa19bf76dac1f171ee006ed6801a0726d5782ae1246bde01b508a7ad The package react-svg-handler was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview react-svg-handler is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2026-822 Malicious code in react-svg-handler (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63577e9faa19bf76dac1f171ee006ed6801a0726d5782ae1246bde01b508a7ad The package react-svg-handler was found to contain malicious code. Source: ghsa-malware...

CVE-2026-1126

A security vulnerability has been detected in lwj flow up to a3d2fe8133db9d3b50fda4f66f68634640344641. This affects the function uploadFile of the file \flow-master\flow-front-rest\src\main\java\com\dragon\flow\web\resource\flow\FormResource.java of the component SVG File Handler. The manipulatio...

EasyImages 代码注入漏洞

EasyImages is a thin wrapper on PIL by Jakub Cieslik individual developer. It is used for exploring, visualizing and sharing images. A code injection vulnerability exists in EasyImages 2.8.6 and earlier versions, which stems from improper manipulation of the parameter File in the component SVG...

EUVD-2024-51374

Malicious code in bioql PyPI...

ROS-20240618-01

A vulnerability in the SVG Handler component of the RoundCube email client is related to cross-site scripting attacks. Exploitation of the vulnerability could allow an attacker acting remotely to exploit XSS via the SVG animation attributes. Vulnerability in the User Preferences Handler component...

SUSE CVE-2018-19869

An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp...

Denial Of Service (DoS)

Firefox, Firefox ESR and Thunderbird are vulnerable to denial of service attacks. A remote unauthenticated attacker could exploit the vulnerable SVG Handler component when the image renderer attempts to paint non-displayable SVG elements to cause buffer overflows and system crash...

Microsoft Internet Explorer - MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free (MS16-023)

Microsoft Internet Explorer - MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free MS16-023 k 10 ChildEBP RetAddr WARNING: Stack unwind information not available. Following frames may be wrong. 0bb14b64 6ad180b8 vrfcore!VerifierStopMessageEx+0x571 0bb14b88 67fec434...