71 matches found
SUSE CVE-2011-0333
Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to a...
SUSE CVE-2010-4326
Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long 1 REQUEST-STATUS, 2 TZNAME, 3 COMMENT, or 4 RRULE variable in this message...
EUVD-2012-5419
Malware in sbrugna...
EUVD-2011-2646
Malware in sbrugna...
EUVD-2025-16198
Malicious code in bioql PyPI...
Exploit for CVE-2025-1461
Vuetify VCalendar XSS Vulnerability POC CVE-2025-1461 This...
Cross-site Scripting (XSS)
Overview org.webjars.bowergithub.vuetifyjs:vuetify is an a Material Design component framework for Vue.js. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the improper neutralization of input in the eventMoreText property of the VCalendar component. An attacker...
Cross-site Scripting (XSS)
Overview org.webjars.npm:vuetify is an a Material Design component framework for Vue.js. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the improper neutralization of input in the eventMoreText property of the VCalendar component. An attacker can execute...
CVE-2025-1461
CVE-2025-1461 affects Vuetify’s VCalendar eventMoreText prop. Affected: Vuetify >=2.0.0 and
CVE-2025-1461 Vuetify XSS through 'eventMoreText' prop of VCalendar
Improper neutralization of the value of the 'eventMoreText' property of the 'VCalendar' component in Vuetify allows unsanitized HTML to be inserted into the page. This can lead to a Cross-Site Scripting XSS https://owasp.org/www-community/attacks/xss attack. The vulnerability occurs because the...
CVE-2025-1461 Vuetify XSS through 'eventMoreText' prop of VCalendar
Improper neutralization of the value of the 'eventMoreText' property of the 'VCalendar' component in Vuetify allows unsanitized HTML to be inserted into the page. This can lead to a Cross-Site Scripting XSS https://owasp.org/www-community/attacks/xss attack. The vulnerability occurs because the...
PT-2025-23120 · Vuetify · Vuetify
Name of the Vulnerable Software and Affected Versions: Vuetify versions 2.0.0 through 2.x Description: The issue arises from the improper neutralization of the eventMoreText property value in the VCalendar component, allowing unsanitized HTML to be inserted into the page. This can lead to a...
vuetify 跨站脚本漏洞
vuetify is a material component framework for Vue open source by vuetify Germany. A cross-site scripting vulnerability exists in versions prior to vuetify 3.0.0, which stems from the eventMoreText property of the VCalendar component not being cleaned up correctly, which could lead to a cross-site...
CVE-2011-2662
Integer signedness error in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message...
Cross-site Scripting (XSS)
vuetify is vulnerable to Cross-site Scripting XSS. The library does not properly escape the user inputs through the eventName function within the VCalendar component, which allows an authenticated attacker to inject and execute malicious javascript...
Vuetify Cross-site Scripting vulnerability
The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...
GHSA-Q4Q5-C5CV-2P68 Vuetify Cross-site Scripting vulnerability
The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...
CVE-2022-25873
The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...
CVE-2022-25873
The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...
Cross site scripting
The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...