Security
Headlines

Headlines Latest CVEs

Headline

GHSA-pgjv-jrg2-gq3v: dompurify vulnerable to Cross-site Scripting

dompurify prior to version 2.2.2 is vulnerable to cross-site scripting when converting from SVG namespace.

3 years ago

dompurify vulnerable to Cross-site Scripting

Moderate severity GitHub Reviewed Published Jan 11, 2023

ghsa: Latest News

GHSA-pcjq-j3mq-jv5j: SiYuan Has a Stored Cross-Site Scripting (XSS) Vulnerability via Unrestricted SVG File Upload

1 hour ago

GHSA-mpwp-4h2m-765c: Active Job - Object injection security vulnerability

1 hour ago

GHSA-5qw5-wf2q-f538: ActiveRecord-JDBC-Adapter (AR-JDBC) lib/arjdbc/jdbc/adapter.rb sql.gsub() Function SQL Injection

1 hour ago

GHSA-63vm-454h-vhhq: pyasn1 has a DoS vulnerability in decoder

1 hour ago

GHSA-mmwx-79f6-67jg: Weblate wlc path traversal vulnerability: Unsanitized API slugs in download command

3 hours ago