CVE-2026-44369 CVAT: Stored XSS via annotation guides

CVAT is an open source interactive video and image annotation tool for computer vision. From 2.5.0 to 2.63.0, an attacker who is able to create or edit an annotation guide on a task is able to add malicious JavaScript code, which will then run in the browser of anyone who opens this annotation...

CVE-2024-44036

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pierre Lebedel Kodex Posts likes kodex-posts-likes allows Stored XSS.This issue affects Kodex Posts likes: from n/a through = 2.5.0...

Paperless-ngx 安全漏洞

Paperless-ngx is a document management system from paperless-ngx open source. A security vulnerability exists in Paperless-ngx versions 2.5.0 through 2.8.6, which stems from remote user authentication allowing API access even when API access is explicitly disabled...

NodeBB 路径遍历漏洞

NodeBB is a forum system built using Node.js a web application platform built on top of Google's V8 JavaScript engine by the Design Create Play team. A path traversal vulnerability exists in NodeBB versions 2.5.0 to 2.8.7, which is caused by the use of object deconstruction assignment syntax in t...

SUSE CVE-2016-3076

Heap-based buffer overflow in the j2kencodeentry function in Pillow 2.5.0 through 3.1.1 allows remote attackers to cause a denial of service memory corruption via a crafted Jpeg2000 file...

alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +62 more potentially affected by CVE-2021-41209 via tensorflow (>=2.5.0 <=2.5.1)

tensorflow PYPI version =2.5.0, =0.21.2, =0.0.1, =1.1.0, =0.1.0.dev2, =0.1.6, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =3.0.0 and more Source cves: CVE-2021-41209 Source advisory: OSV:GHSA-6HPV-V2RX-C5G6...

Joomla! CMS 输入验证错误漏洞

is a set of forum components used in the Joomla! content management system. Joomla! is vulnerable to an input validation error in versions 2.5.0 to 3.9.27, which can be exploited by attackers to cause corruption in the usergroups table...

PT-2021-15384 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 2.5.0 through 3.9.24 Description: An issue was discovered that could lead to xss issues due to missing filtering of messages shown to users. Recommendations: For Joomla! versions 2.5.0 through 3.9.24, update to a version that...

Joomla! cross-site scripting vulnerability (CNVD-2019-14557)

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A cross-site scripting vulnerability exists in modbanners in Joomla! versions 2.5...