Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2025/04/12 1:43 p.m.19 views

CVE-2025-25197

Silverstripe Elemental extends a page type to swap the content area for a list of manageable elements to compose a page out of rather than a single text field. An elemental block can include an XSS payload, which can be executed when viewing the "Content blocks in use" report. The vulnerability i...

5.4CVSS5.9AI score0.00265EPSS
Exploits0References1
Mageia
Mageia
added 2025/01/24 7:46 p.m.45 views

Updated phpmyadmin packages fix security vulnerabilities

fix possible security issue with library code slim/psr7 CVE-2023-30536 fix possible security issue relating to iconv CVE-2024-2961, PMASA-2025-3 fix an XSS vulnerability in the check tables feature PMASA-2025-1 fix an XSS vulnerability in the Insert tab PMASA-2025-2...

7.3CVSS7AI score0.8833EPSS
Exploits16References2
OSV
OSV
added 2023/02/15 10:21 a.m.10 views

OPENSUSE-SU-2023:0047-1 Security update for phpMyAdmin

This update for phpMyAdmin fixes the following issues: phpMyAdmin was updated to 5.2.1 This is a security and bufix release. Security: - Fix PMASA-2023-01, CWE-661, boo1208186, CVE-2023-25727 Fix an XSS attack through the drag-and-drop upload feature. Bugfixes: - issue 17522 Fix case where the...

7.5CVSS6AI score0.07936EPSS
Exploits2References9
OSV
OSV
added 2023/02/14 10:43 p.m.4 views

MGASA-2023-0049 Updated phpmyadmin packages fix security vulnerability

Security fix for an XSS vulnerability in the drag-and-drop upload functionality PMASA-2023-01 Additional bugfixes including - issue 17506 Fix error when configuring 2FA without XMLWriter or Imagick issue 17519 Fix Export pages not working in certain conditions issue 17121 Fix passwordhash functio...

6.4AI score
Exploits0References3
OSV
OSV
added 2022/08/02 10:20 a.m.6 views

OPENSUSE-SU-2022:10075-1 Security update for python-jupyterlab

This update for python-jupyterlab fixes the following issues: Update to 2.2.10: Remove form tags' action attribute during sanitizing, to prevent an XSS CVE-2021-32797 boo1196663 Header ‘Content-Type’ should not be overwritten Do not use token parameters in websocket urls Properly handle errors in...

9.6CVSS5.8AI score0.02638EPSS
Exploits1References3
OSV
OSV
added 2022/03/10 4:36 p.m.10 views

OPENSUSE-SU-2022:0803-1 Security update for python-lxml

This update for python-lxml fixes the following issues: - CVE-2018-19787: Fixed XSS vulnerability via unescaped URL bsc1118088. - CVE-2021-28957: Fixed XSS vulnerability ia HTML5 attributes unescaped bsc1184177. - CVE-2021-43818: Fixed XSS vulnerability via script content in SVG images using data...

8.2CVSS6.5AI score0.04002EPSS
Exploits3References9
OSV
OSV
added 2021/04/14 2:51 p.m.9 views

OPENSUSE-SU-2021:0552-1 Security update for python-bleach

This update for python-bleach fixes the following issues: - CVE-2021-23980: Fixed mutation XSS on bleach.clean with specific combinations of allowed tags boo1184547 Update to 3.1.5: replace missing setuptools dependency with packaging. Thank you Benjamin Peterson. Update to 3.1.4 boo1168280,...

7.5CVSS6.8AI score0.01301EPSS
Exploits3References7
OSV
OSV
added 2020/11/19 7:33 a.m.8 views

OPENSUSE-SU-2020:1966-1 Security update for moinmoin-wiki

This update for moinmoin-wiki fixes the following issues: - update to version 1.9.11: CVE-2020-25074 boo1178744: fix remote code execution via cache action CVE-2020-15275 boo1178745: fix malicious SVG attachment causing stored XSS vulnerability...

9.8CVSS9.3AI score0.06121EPSS
Exploits1References5
OSV
OSV
added 2020/10/04 4:22 a.m.7 views

OPENSUSE-SU-2020:1604-1 Security update for zabbix

This update for zabbix fixes the following issues: Updated to version 3.0.31. + CVE-2020-15803: Fixed an XSS in the URL Widget boo1174253...

9.8CVSS7.3AI score0.32304EPSS
Exploits18References4
OSV
OSV
added 2020/05/24 6:4 p.m.4 views

MGASA-2020-0221 Updated viewvc packages fix security vulnerability

Updated viewvc package fixes security vulnerability: ViewVC before versions 1.1.28 has an XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted...

3.5CVSS3.7AI score0.01216EPSS
Exploits1References6
OSV
OSV
added 2020/05/18 5:47 a.m.9 views

SUSE-SU-2020:1301-1 Security update for mailman

This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug bsc1171363. - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion bsc1170558. Non-security issue fixed: - Fixed rights and ownership on...

6.5CVSS6.4AI score0.02698EPSS
Exploits1References7
OSV
OSV
added 2020/03/29 4:17 p.m.5 views

OPENSUSE-SU-2020:0405-1 Security update for phpMyAdmin

This update for phpMyAdmin to version 4.9.5 fixes the following issues: - phpmyadmin was updated to 4.9.5: - CVE-2020-10804: Fixed an SQL injection in the user accounts page, particularly when changing a password boo1167335 PMASA-2020-2. - CVE-2020-10802: Fixed an SQL injection in the search...

8CVSS7AI score0.02694EPSS
Exploits0References7
WPVulnDB
WPVulnDB
added 2019/09/08 12:0 a.m.8 views

Nexos - Real Estate < 1.6.1 - SQL Injection & Persistent XSS

----- SQL Injection: ----- Vulnerable 'id' parameter is https://listing-themes.com/nexos-wp/wp-admin/admin.php?page=ownlistingaddlisting=8 ----- Persistent XSS: ----- You need a new user account, then go to any property listing on the website and use «ENQUIRY FORM» on the right sidebar...

8AI score
Exploits0References1Affected Software1
OSV
OSV
added 2019/08/08 3:57 p.m.10 views

OPENSUSE-SU-2019:1839-1 Security update for python-Django

This update for python-Django fixes the following issues: Security issues fixed: - CVE-2019-11358: Fixed prototype pollution. - CVE-2019-12308: Fixed XSS in AdminURLFieldWidget bsc1136468 - CVE-2019-12781: Fixed incorrect HTTP detection with reverse-proxy connecting via HTTPS bsc1139945. -...

9.8CVSS7.1AI score0.87218EPSS
Exploits4References14
OSV
OSV
added 2018/04/27 1:24 p.m.9 views

SUSE-SU-2018:1102-1 Security update for python-Django

This update for python-Django fixes the following issues: Security issues fixed: - CVE-2018-7537: Fixed catastrophic backtracking in django.utils.text.Truncator. bsc1083305 - CVE-2018-7536: Fixed catastrophic backtracking in urlize and urlizetrunc template filters. bsc1083304 - CVE-2017-12794:...

9.8CVSS6.6AI score0.23566EPSS
Exploits3References19
OSV
OSV
added 2018/04/18 6:31 a.m.10 views

SUSE-SU-2018:0973-1 Security update for python-Django

This update for python-Django fixes the following issues: Security issues fixed: - CVE-2018-7537: Fixed catastrophic backtracking in django.utils.text.Truncator. bsc1083305 - CVE-2018-7536: Fixed catastrophic backtracking in urlize and urlizetrunc template filters. bsc1083304 - CVE-2017-12794:...

9.8CVSS6.4AI score0.23566EPSS
Exploits3References17
RedHat Linux
RedHat Linux
added 2016/09/28 10:29 p.m.36 views

Moderate: Red Hat Security Advisory: Red Hat JBoss BRMS security update

An update is now available for Red Hat JBoss BRMS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

5.4CVSS6.1AI score0.00847EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.21 views

Fedora 18 : ReviewBoard-1.7.11-1.fc18 (2013-11646)

New upstream release 1.7.11 - http://www.reviewboard.org/docs/releasenotes/reviewboa rd/1.7.11/ - Bug Fixes : - Fixed compatibility with Python 2.5 - Fixed the drop-down arrow by Support and the account name on older versions of Internet Explorer - New upstream release 1.7.10 -...

4.3CVSS5.4AI score0.02164EPSS
Exploits1References5
securityvulns
securityvulns
added 2004/06/05 12:0 a.m.37 views

[openwebmail] Fw: Re: XSS bug.

Hello all, Its a forward message from openwebmail bugtraq system with the problem and the solution ;- ---------- Forwarded Message ----------- From: "openwebmail" [email protected] To: "aramosf" [email protected] Sent: Thu, 3 Jun 2004 20:30:07 +0800 Subject: Re: XSS bug. On Wed, 2...

6.2AI score
Exploits0
Rows per page
Query Builder