Astra Linux - уязвимость в htmldoc

A flaw was discovered in htmldoc version 1.9.12. A heap buffer overflow in the rendertablerow function, located in ps-pdf.cxx, may lead to arbitrary code execution and denial of service...

CVE-2026-1672 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Product Data Modification

The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5. This is due to missing nonce validation on the wooberedrawtablerow function. This makes it possibl...

PT-2026-31290

Name of the Vulnerable Software and Affected Versions The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net versions up to and including 1.1.5 Description The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPre...

Remote Code Execution (RCE)

cmark-gfm is vulnerable to remote code execution. The vulnerability exists due to an integer overflow in cmark-gfm's table row parsing table.c:rowfromstring...

DEBIAN-CVE-2021-26259

A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in rendertablerow,in ps-pdf.cxx may lead to arbitrary code execution and denial of service...

UBUNTU-CVE-2021-26259

A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in rendertablerow,in ps-pdf.cxx may lead to arbitrary code execution and denial of service...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in table-row parsing, when parsing marker rows that contain more than UINT16MAX columns. Note If affected versions are used for rendering remote user-controlled markdown, this vulnerability may lead to...

Ninja Tables < 4.1.8 - Admin+ Stored Cross-Site Cross-Site Scripting

The plugin does not sanitise and escape some of its table fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed Create a table, add a column with the following payload " as Name, then add data with the followin...

PT-2021-8107 · Htmldoc +3 · Htmldoc +3

Name of the Vulnerable Software and Affected Versions: HTMLDOC version 1.9.12 Description: The issue is related to a heap buffer overflow in the render table row function, located in the ps-pdf.cxx component of the HTMLDOC tool. This overflow can lead to arbitrary code execution and denial of...

CVE-2006-3811

Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via Javascript that leads to memory corruption, including 1...

CVE-2006-3811

Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via Javascript that leads to memory corruption, including 1...