w3

Top products

The 11 most recently published vulnerabilities affecting w3.

• CVE-2025-1781There is a XXE in W3CSS Validator versions before cssval-20250226 that allows an attacker to use specially-crafted XML objects to coerce server-side request forgery (SSRF).  This could be exploit...6.5Mar 28, 2025
• CVE-2014-125108w3c online-spellchecker-py spellchecker cross site scripting3.1Dec 23, 2023
• CVE-2023-30300An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop.5.5May 3, 2023
• CVE-2021-4296w3c Unicorn ValidatorNuMessage.java ValidatorNuMessage cross site scripting3.5Dec 29, 2022
• CVE-2012-6079W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys.7.5Nov 22, 2019
• CVE-2012-6078W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes.7.5Nov 22, 2019
• CVE-2012-6077W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files.7.5Nov 22, 2019
• CVE-2016-9487EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks7.8Jul 13, 2018
• CVE-2017-5928The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the ht...3.7Feb 27, 2017
• CVE-2009-1209Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute.9.3Apr 1, 2009
• CVE-2009-0323Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly ha...10.0Jan 28, 2009