Amazon Linux 2 : oci-add-hooks, --advisory ALAS2ECS-2026-118 (ALASECS-2026-118)
The version of oci-add-hooks installed on the remote host is prior to 0-0.10.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-118 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...
Security Vulnerabilities fixed in Firefox 144 — Mozilla
Use-after-free in MediaTrackGraphImpl::GetInstance A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. A compromised web process using malicious IPC messages could have caused the privileged browser process to...
EUVD-2024-3005
Malicious code in bioql PyPI...
EUVD-2023-49094
Malicious code in bioql PyPI...
CVE-2025-4700
GitLab CVE-2025-4700 affects GitLab CE/EE versions 15.10–18.0.4, 18.1.x before 18.1.3, and 18.2.x before 18.2.1. The issue could allow an attacker to trigger unintended content rendering that leads to Cross-site Scripting (XSS) under certain conditions. The provided documents do not specify the v...
CVE-2023-44767
A File upload vulnerability in RiteCMS 3.0 allows a local attacker to upload a SVG file with XSS content...
Updated nspr, nss, firefox & rust packages fix security vulnerabilities
Permission leak via embed or object elements. CVE-2024-10458 Use-after-free in layout with accessibility. CVE-2024-10459 Confusing display of origin for external protocol handler prompt. CVE-2024-10460 XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response...
Cross-Site Scripting (XSS)
TinyMCE is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to the content extraction feature, specifically when using the noneditable_regexp option, which allows an attacker to execute malicious code through specially crafted HTML attributes during content extraction...
PT-2023-29291 · Ritecms · Ritecms
Name of the Vulnerable Software and Affected Versions: RiteCMS version 3.0 Description: A File upload issue allows a local attacker to upload a SVG file containing XSS content. Recommendations: For RiteCMS version 3.0, consider restricting file uploads to prevent exploitation until a fix is...
CVE-2019-11226
CMS Made Simple 2.2.10 has XSS via the m1name parameter in "Add Article" under Content - Content Manager - News...
Google Chrome Security Updates (stable-channel-update-for-desktop_24-2018-01) - Windows
Google Chrome is prone to multiple vulnerabilities. CPE = "cpe:/a:google:chrome"; ifdescription...
CentOS Update for firefox CESA-2012:0387 centos6
Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2012:0387 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net...
chillyCMS Multiple Vulnerabilities
www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content Management System. Its main features are:...
Sijio Community Software - SQL Injection / Persistent Cross-Site Scripting
I'm SiD3^effects member from Inj3ct0r Team Support e-mail : submitatinj3ct0r.com Name : Sijio Community Software SQLi/Persistent XSS Vulnerability Date : july, 7 2010 Critical Level : HIGH Vendor Url : http://www.sijio.com/ Google Dork: © Powered by sijio - Community Software Author : Sid3^effect...