29 matches found
CVE-2026-25749
Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the gettagfname function in src/tag.c. When processing help file tags,...
RLSA-2025:12083 Moderate: icu security update
The International Components for Unicode ICU library provides robust and full-featured Unicode services. Security Fixes: icu: Stack buffer overflow in the SRBRoot::addTag function CVE-2025-5222 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
EUVD-2023-53424
Malicious code in bioql PyPI...
CVE-2025-52048
In Frappe 15.x.x before 15.72.0 and 14.x.x before 14.96.10, in the function addtag at frappe/desk/doctype/tag/tag.py is vulnerable to SQL Injection, which allows an attacker to extract information from databases by injecting a SQL query into the dt parameter...
CVE-2025-52048
In Frappe 15.x.x before 15.72.0 and 14.x.x before 14.96.10, in the function addtag at frappe/desk/doctype/tag/tag.py is vulnerable to SQL Injection, which allows an attacker to extract information from databases by injecting a SQL query into the dt parameter...
Frappe Technologies Frappe 安全漏洞
Frappe Technologies Frappe is a Python, Mariadb-based web development framework with integrated front-end pages from Frappe Technologies, India. A security vulnerability exists in Frappe Technologies Frappe versions prior to 15.72.0 and 14.96.10, which stems from the improper handling of the...
CVE-2023-49469
Reflected Cross Site Scripting XSS vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function...
CVE-2024-22915
A heap-use-after-free was found in SWFTools v0.9.2, in the function swfDeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution...
UBUNTU-CVE-2024-22915
A heap-use-after-free was found in SWFTools v0.9.2, in the function swfDeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution...
CVE-2023-49469
Reflected Cross Site Scripting XSS vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function...
CVE-2023-49469
Reflected Cross Site Scripting XSS vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function...
CVE-2023-49469
Reflected Cross Site Scripting XSS vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function...
CVE-2023-49469
Reflected Cross Site Scripting XSS vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function...
UBUNTU-CVE-2023-49469
Reflected Cross Site Scripting XSS vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function...
CVE-2023-49469
Reflected Cross Site Scripting XSS vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function...
CVE-2023-49469
Reflected Cross Site Scripting XSS vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function...
Shaarli Cross-Site Scripting Vulnerability
Shaarli is a suite of website cloning tools. A cross-site scripting vulnerability exists in Shaarli version v0.12.2, which originates from a vulnerability that allows remote attackers to execute arbitrary code via the search tag function...
libheif Security Vulnerabilities
libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. A security vulnerability exists in libheif version v1.17.5, which stems from the discovery of a contained segmentation violation via the function findexiftag in /libheif/exif.cc...
CVE-2023-38973
A stored cross-site scripting XSS vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter...