CVE-2023-34245 Cross site scripting (XSS) in @udecode/plate-link

@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the javascript: scheme. As a result, links with JavaScript URLs can be inserted into th...

Cool Music App Has Logic Flaw Vulnerability

Cool Music is a music player. A logic flaw vulnerability exists in CoolMusic APP, which can be exploited by an attacker to cause a phone lockup by using a proxy tool to tamper with the packet to replace the upgrade link...

On the Joomla! Content management system vulnerability briefings-vulnerability warning-the black bar safety net

Recently, the national information security vulnerabilities library CNNVD received Beijing white cap Hui Technology Co., Ltd. on Joomla! Content management system there is a security bypass vulnerabilityCNNVD-2 0 1 6 1 0-7 3 9and the remote mention the right vulnerabilityCNNVD-2 0 1 6 1 0-7 4 0in...

Trend Micro产品网络安全组件模块多个安全漏洞

BUGTRAQ ID: 33358 CVECAN ID: CVE-2008-3864,CVE-2008-3865,CVE-2008-3866 Trend Micro病毒扫描引擎为桌面、服务器和网关提供杀毒功能。 各种Trend Micro产品所捆绑的网络安全组件（NSC）模块中存在多个漏洞，允许本地用户导致拒绝服务、获得权限提升或控制防火墙设置。 1 防火墙服务（TmPfw.exe）的ApiThread函数在处理发送给该服务（默认40000/TCP端口）的报文时存在堆溢出漏洞，在大小字段中包含有较小值的报文可以触发这个溢出，大小字段中包含有超长值会导致服务崩溃。 2 Trend Micr...