7 matches found
CVE-2025-53892 Intlify Vue I18n's escapeParameterHtml does not prevent DOM-based XSS via tag attributes like onerror
Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...
DEBIAN-CVE-2024-50203
In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix address emission with tag-based KASAN enabled When BPFTRAMPFCALLORIG is enabled, the address of a bpftrampimage struct on the stack is passed during the size calculation pass and an address on the heap is passed...
UBUNTU-CVE-2024-50203
In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix address emission with tag-based KASAN enabled When BPFTRAMPFCALLORIG is enabled, the address of a bpftrampimage struct on the stack is passed during the size calculation pass and an address on the heap is passed...
CVE-2024-50203 bpf, arm64: Fix address emission with tag-based KASAN enabled
In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix address emission with tag-based KASAN enabled When BPFTRAMPFCALLORIG is enabled, the address of a bpftrampimage struct on the stack is passed during the size calculation pass and an address on the heap is passed...
Oralyzer - Tool To Identify Open Redirection
Oralyzer, a simple python script, capable of identifying the open redirection vulnerability in a website. It does that by fuzzing the url i.e. provided as the input. Features Oralyzer can identify different types of Open Redirect Vulnerabilities : Header Based Javascript Based Meta Tag Based...
Framework: Information (internal server information, classpath, local working directories, session IDs) disclosure
VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language EL, evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a 1 name attribute in a a spring:hasBindErrors ta...
SLES9: Security update for XFree86-server
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: XFree86-Xnest XFree86-Xvfb XFree86-server More details may also be found by searching for keyword 5012942 within the SuSE Enterprise Server 9 patch database...