6 matches found
org.xwiki.contrib.markdown:syntax-markdown-commonmark12 vulnerable to XSS via Markdown content
Impact The Markdown syntax is vulnerable to XSS through HTML. In particular, using Markdown syntax, it's possible for any user to embed Javascript code that will then be executed on the browser of any other user visiting either the document or the comment that contains it. In the instance that th...
Important: libpq security update
The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 For more details about the security...
Gitlab -- Vulnerabilities
Gitlab reports: Disclosure of CI/CD variables using Custom project templates GitLab omnibus DoS crash via OOM with CI Catalogs Parsing gitlab-ci.yml with large string via timeout input leads to Denial of Service DoS - Blocking FIFO files in Tar archives Titles exposed by service-desk template...
Input validation
Improper neutralization of HTTP request headers for scripting syntax vulnerability in the Web GUI of RTX830 Rev.15.02.17 and earlier, NVR510 Rev.15.01.18 and earlier, NVR700W Rev.15.00.19 and earlier, and RTX1210 Rev.14.01.38 and earlier allows a remote authenticated attacker to obtain sensitive...
The vulnerability of the syntax analysis function for domain name records in the Simotics Connect 400 software and hardware suite allows a perpetrator to cause service interruptions.
The vulnerability of the syntax analysis function for DNS domain names in the Simotics Connect 400 software and hardware suite is related to errors that occur when a line or array is terminated with the NULL character. Exploiting this vulnerability could allow an attacker to cause service...
Cross site scripting
admin\db\DoSql.php in EmpireCMS through 7.5 allows XSS via crafted SQL syntax to admin/admin.php...