5 matches found
CVE-2024-52593
Misskey is an open source, federated social media platform.In affected versions missing validation in NoteCreateService.insertNote, ApPersonService.createPerson, and ApPersonService.updatePerson allows an attacker to control the target of any "origin" links such as the "view on remote instance"...
CVE-2025-29774
xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability in versions prior to 6.0.1, 3.2.1, and 2.1.6 to bypass authentication or authorization mechanisms in systems that rely on xml-crypto for verifying signed XML documents. Th...
CVE-2022-21676
Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the engine.io...
EulerOS 2.0 SP10 : vim (EulerOS-SA-2025-1033)
According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. A use-after-free was found in Vim 9.1.0764. When closing a buffer visible in a window a BufWinLeave...
Advisory CA-2002-16 Multiple Vulnerabilities in Yahoo! Messenger
-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2002-16 Multiple Vulnerabilities in Yahoo! Messenger Original release date: June 05, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Yahoo! Messenger version 5,0,0,1064 and...