Headline
CVE-2021-41565: TWCERT/CC台灣電腦網路危機處理暨協調中心-Tad TadTools - Reflected XSS
TadTools special page parameter does not properly restrict the input of specific characters, thus remote attackers can inject JavaScript syntax without logging in, and further perform reflective XSS attacks.
Related news
pdf2json v0.71 was discovered to contain a stack buffer overflow in the component XRef::fetch.
pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::addAttributsNode.
pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump.
A NULL pointer dereference in the function TextPage::restoreState of pdf2xml v2.0 allows attackers to cause a denial of service (DoS).
pdf2xml v2.0 was discovered to contain a stack buffer overflow in the component getObjectStream.
pdf2xml v2.0 was discovered to contain a memory leak in the function TextPage::testLinkedText.
Yellowfin versions prior to 9.6.1 suffer from persistent cross site scripting and insecure direct object reference vulnerabilities.