87 matches found

EUVD
added 2025/10/07 12:30 a.m. · 6 views

EUVD-2021-21734

Malware in sbrugna...

CVSS 9.3 · AI score 7.6 · EPSS 0.00119
Exploits: 0 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 19 views

EUVD-2022-0311

Malicious code in bioql PyPI...

CVSS 7.1 · AI score 6.5 · EPSS 0.0011
Exploits: 0 · References: 5

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2022-6435

Malicious code in bioql PyPI...

CVSS 7.3 · AI score 6.7 · EPSS 0.00514
Exploits: 1 · References: 2

BDU FSTEC
added 2025/06/25 12:0 a.m. · 6 views

The vulnerability of the _GLOBAL_TOC function in the arch/powerpc/kvm/book3s_hv_rmhandlers.S module of the virtualization subsystem on the PowerPC platform in the Linux operating system allows an attacker to execute arbitrary code with elevated privileges or cause a service failure.

The vulnerability of the _GLOBAL_TOC function in the arch/powerpc/kvm/book3s_hv_rmhandlers.S module of the virtualization subsystem on the PowerPC platform in the Linux operating system is related to a stack-based buffer overflow. Exploiting this vulnerability could allow an attacker to execute...

CVSS 7.1 · AI score 6.7 · EPSS 0.00224
Exploits: 0 · References: 12 · Affected Software: 1

RedhatCVE
added 2025/05/23 5:40 a.m. · 6 views

CVE-2023-0490

The fx TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVSS 5.4 · AI score 5.2 · EPSS 0.00462
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/22 3:35 p.m. · 7 views

CVE-2020-3684

u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVSS 7.8 · AI score 7.2 · EPSS 0.00217
Exploits: 0

OSSF Malicious Packages
added 2025/03/28 8:16 a.m. · 8 views

Malicious code in toc-generator-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78aba0f665dc55e94b5a5dc3b90ce2d371080c1acda0c4565429afcfb9ba4fe6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/06 3:16 a.m. · 10 views

CVE-2021-35090

Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

CVSS 9.3 · AI score 7.2 · EPSS 0.00119
Exploits: 0 · References: 1

Patchstack
added 2024/11/18 12:0 a.m. · 17 views

WordPress CM Table Of Contents – WordPress TOC Plugin Plugin < 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software CM Table Of Contents – WordPress TOC Plugin Type Plugin Vulnerable versions 1.2.3 Fixed in 1.2.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-5030 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bf478e63ad63...

CVSS 3.8 · AI score 6.7 · EPSS 0.00194
Exploits: 1 · References: 4 · Affected Software: 1

Snyk
added 2024/10/09 6:46 a.m. · 2 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation of the vector-toc-toggle-button-label parameter. Remediation A fix was pushed into the master branch but not yet published. References - Gerrit Wikimedia - GitHub Commit - Wikimedia Phabricator...

CVSS 6.9 · AI score 6.9 · EPSS 0.00289
Exploits: 0 · References: 2

CNNVD
added 2024/05/14 12:0 a.m. · 6 views

WordPress plugin Essential Addons for Elementor security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 6.4 · AI score 6.2 · EPSS 0.00441
Exploits: 0 · References: 5

Positive Technologies
added 2023/10/10 12:0 a.m. · 4 views

PT-2023-29530 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.39.5 MediaWiki versions 1.40.x prior to 1.40.1 Description: An issue was discovered in the Vector Skin component for MediaWiki. The vector-toc-toggle-button-label is not escaped, but should be, because the line...

CVSS 9.8 · AI score 6 · EPSS 0.22699
Exploits: 27 · References: 128

OSV
added 2023/07/18 2:15 p.m. · 4 views

DEBIAN-CVE-2021-34121

An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parsetree in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution...

CVSS 7.8 · AI score 7.5 · EPSS 0.00312
Exploits: 1 · References: 1

OSV
added 2023/05/15 1:15 p.m. · 5 views

CVE-2023-0490

The fx TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVSS 5.4 · AI score 6.7 · EPSS 0.00462
Exploits: 1 · References: 1

Prion
added 2023/05/15 1:15 p.m. · 19 views

Cross site scripting

The fx TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVSS 4.9 · AI score 5.4 · EPSS 0.00462
Exploits: 1 · References: 1 · Affected Software: 1

Vulnrichment
added 2023/05/15 12:15 p.m. · 10 views

CVE-2023-0490 f(x) TOC <= 1.1.0 - Contributor+ Stored XSS

The fx TOC WordPress plugin through 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

AI score 5.4 · EPSS 0.00462
Exploits: 1 · References: 1

CVE
added 2023/05/15 12:15 p.m. · 52 views

CVE-2023-0490

CVE-2023-0490 concerns the f(x) TOC WordPress plugin (

CVSS 5.4 · AI score 5.5 · EPSS 0.00462
Exploits: 1 · References: 1 · Affected Software: 1

CNNVD
added 2023/05/15 12:0 a.m. · 4 views

WordPress plugin f(x) TOC cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVSS 5.4 · AI score 6.5 · EPSS 0.00462
Exploits: 1 · References: 2

Patchstack
added 2023/04/26 12:0 a.m. · 13 views

WordPress f(x) TOC Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software fx TOC Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0490 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 8736d6d89b3b Credits István Márton Required...

CVSS 5.4 · AI score 5.9 · EPSS 0.00462
Exploits: 1 · References: 3 · Affected Software: 1

Snyk
added 2023/01/29 3:29 p.m. · 2 views

Malicious Package

Overview postcss-toc is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

CVSS 9.8 · AI score 7.1
Exploits: 0 · References: 3