389 matches found
CVE-2024-33953
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matt van Andel Adventure Journal allows Stored XSS.This issue affects Adventure Journal: from n/a through 1.7.2...
CVE-2024-33953 WordPress Adventure Journal theme <= 1.7.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matt van Andel Adventure Journal allows Stored XSS.This issue affects Adventure Journal: from n/a through 1.7.2...
USN-6744-1 pillow vulnerability
Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a deni...
CVE-2023-51418
Missing Authorization vulnerability in Joris van Montfort JVM rich text icons.This issue affects JVM rich text icons: from n/a through 1.2.6...
Intel® SGX DCAP Software Advisory
Summary: A potential security vulnerability in some Intel® Software Guard Extensions SGX Data Center Attestation Primitives DCAP software may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-42776...
TemporAI Code Issue Vulnerability
TemporAI is a machine learning-centered medical time series library open-sourced by vanderSchaar LAB. A code issue vulnerability exists in vanderSchaar LAB TemporAI version 0.0.3, which stems from an incorrect operation that can lead to deserialization...
CVE-2023-52198
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michiel van Eerd Private Google Calendars allows Stored XSS.This issue affects Private Google Calendars: from n/a through 20231125...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michiel van Eerd Private Google Calendars allows Stored XSS.This issue affects Private Google Calendars: from n/a through 20231125...
CVE-2023-52198 WordPress Private Google Calendars Plugin <= 20231125 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michiel van Eerd Private Google Calendars allows Stored XSS.This issue affects Private Google Calendars: from n/a through 20231125...
CVE-2023-52198
CVE-2023-52198 affects Private Google Calendars WordPress plugin. The issue is an improper neutralization of input in web page generation, enabling stored XSS (stored cross-site scripting) for versions up to 20231125. Patchstack notes the vulnerability as CVE-2023-52198 with a fix released on 202...
Unrestricted file upload
Unrestricted Upload of File with Dangerous Type vulnerability in Joris van Montfort JVM Gutenberg Rich Text Icons.This issue affects JVM Gutenberg Rich Text Icons: from n/a through 1.2.3...
CVE-2023-51417
CVE-2023-51417 : Unrestricted Upload of File with Dangerous Type in JVM Gutenberg Rich Text Icons (JVM Gutenberg Rich Text Icons). Reported as affecting versions up to 1.2.3. Root cause: unrestricted file uploads of dangerous types. Impact (per sources): high confidentiality, integrity, and avail...
CVE-2023-51417 WordPress JVM rich text icons Plugin <= 1.2.3 is vulnerable to Arbitrary File Upload
Unrestricted Upload of File with Dangerous Type vulnerability in Joris van Montfort JVM Gutenberg Rich Text Icons.This issue affects JVM Gutenberg Rich Text Icons: from n/a through 1.2.3...
CVE-2023-32590
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Category: from n/a through 2.7.4...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Category: from n/a through 2.7.4...
CVE-2023-32590
CVE-2023-32590 affects WordPress Subscribe to Category plugin versions
CVE-2023-32590 WordPress Subscribe to Category Plugin <= 2.7.4 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Category: from n/a through 2.7.4...
nicolinevanwonderen.com Improper Access Control vulnerability OBB-3805953
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-38382
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows SQL Injection.This issue affects Subscribe to Category: from n/a through 2.7.4...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows SQL Injection.This issue affects Subscribe to Category: from n/a through 2.7.4...