53 matches found
EUVD-2016-6299
Malware in sbrugna...
EUVD-2018-5836
Malware in sbrugna...
EUVD-2019-2294
Malware in sbrugna...
EUVD-2025-3375
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-5348
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GPS component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows man-in-the-middle...
Linux Distros Unpatched Vulnerability : CVE-2021-21862
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A...
CVE-2019-10490
Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...
CVE-2018-13902
Out of bounds memory read and access due to improper array index validation may lead to unexpected behavior while decoding XTRA file in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2018-13911
Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607,...
CVE-2025-23729
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fures XTRA Settings xtra-settings allows Reflected XSS.This issue affects XTRA Settings: from n/a through = 2.1.8...
CVE-2025-23729
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fures XTRA Settings xtra-settings allows Reflected XSS.This issue affects XTRA Settings: from n/a through = 2.1.8...
CVE-2025-23729
Technical details beyond the initial description are not provided in the connected documents. The CVE-2025-23729 entry describes a Reflected XSS in XTRA Settings (WordPress) affecting versions up to 2.1.8; monitor for official advisories and patches.
CVE-2025-23729 WordPress XTRA Settings plugin <= 2.1.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fures XTRA Settings xtra-settings allows Reflected XSS.This issue affects XTRA Settings: from n/a through = 2.1.8...
CVE-2025-23729 WordPress XTRA Settings plugin <= 2.1.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fures XTRA Settings xtra-settings allows Reflected XSS.This issue affects XTRA Settings: from n/a through = 2.1.8...
WordPress plugin XTRA Settings 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-5054 · Unknown · Fures Xtra Settings
Name of the Vulnerable Software and Affected Versions: fures XTRA Settings versions n/a through 2.1.8 Description: The issue is related to improper neutralization of input during web page generation, which allows for Reflected XSS. This means that an attacker can inject malicious scripts into the...
WordPress XTRA Settings plugin <= 2.1.8 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by thiennv in WordPress Plugin XTRA Settings versions = 2.1.8...
MAL-2023-8722 Malicious code in ngx-xtra-schematics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 39fcb0686c6bf17f5a78d7827eaf93bcc16a57fc2f587d232b316e076cedaa0f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ngx-xtra-schematics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 39fcb0686c6bf17f5a78d7827eaf93bcc16a57fc2f587d232b316e076cedaa0f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-24249
A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the xtraboxwrite function in /boxcodebase.c, which causes a Denial of Service. This vulnerability was fixed in commit 71f9871...