49 matches found
CVE-2025-8048
creationtimestamp | type | source
---|---|---
2025-10-20 20:38:54+00:00 | seen | https://infosec.exchange/users/BugBountyShorts/statuses/115408419666883361
2025-10-20 22:55:23+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m3nvxb53zn2m...

CVE-2025-8048: An External Control of File Path vulnerability has been discovered in OpenText Flipper.
External Control of File Name or Path vulnerability in OpenText Flipper allows Path Traversal. The vulnerability could allow a user to submit a stored local file path and then download the specified file from the system by requesting the stored document ID. This issue affects Flipper: 3.1.2...
RHEL 9 : .NET 6.0 (RHSA-2024:8048)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8048 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...
CVE-2024-8048
creationtimestamp | type | source
---|---|---
2024-10-09 18:09:35+00:00 | seen | https://t.me/cvedetector/7481...
CVE-2024-8048
Progress Telerik Reporting (desktop/Standalone Report Designer) prior to 2024 Q3 (version 18.2.24.924) is affected by an insecure expression evaluation vulnerability that enables object injection and may allow code execution. The issue is documented as CVE-2024-8048; CVSS v3.1 base score 7.8 (HIG...
CVE-2024-8048 Telerik Reporting Insecure Expression Evaluation
In Progress Telerik Reporting versions prior to 2024 Q3 18.2.24.924, a code execution attack is possible using object injection via insecure expression evaluation...
SUSE CVE-2018-8048
In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment...
CVE-2016-8048
This CVE-2016-8048 entry is rejected and not used; it does not represent an active vulnerability entry.
CVE-2018-8048
In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment...
SUSE-SU-2019:2209-1 Security update for rubygem-loofah
This update for rubygem-loofah fixes the following issues: Security issue fixed: CVE-2018-8048: Update fix to make Loofah::HTML5::Scrub.force_correct_attribute_escaping! callable from other gems (bsc#1086598)...
CVE-2019-8048
CVE-2019-8048 affects Adobe Acrobat and Reader, with a buffer overflow vulnerability reported in multiple older builds (versions 2019.012.20035 and earlier, 2017.011.30142/30143, 2015.006.30497/30498). Successful exploitation could lead to arbitrary code execution. Connected sources indicate pres...
Adobe Reader < 2015.006.30499 / 2017.011.30144 / 2019.012.20036 Multiple Vulnerabilities (APSB19-41)
The version of Adobe Reader installed on the remote Windows host is a version prior to 2015.006.30499, 2017.011.30144, or 2019.012.20036. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier,...
CVE-2019-8048
creationtimestamp | type | source
---|---|---
2019-08-15 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/47273
2025-08-31 03:01:28+00:00 | seen | MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d
2025-08-31 03:13:05+00:00 | seen | MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...
Adobe Acrobat 2017 Security Updates (APSB19-41) - Windows
Adobe Acrobat 2017 is prone to multiple vulnerabilities.
Adobe Acrobat and Reader Buffer Errors (APSB19-41: CVE-2019-8048)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...
SUSE-SU-2019:0394-1 Security update for rubygem-loofah
This update for rubygem-loofah fixes the following issues: Security issues fixed: CVE-2018-16468: Fixed XSS by removing the svg animate attribute from the allowlist (bsc#1113969). CVE-2018-8048: Fixed XSS vulnerability due to unescaped characters by libxml2 (bsc#1085967)...
rails-html-sanitizer Cross-site Scripting vulnerability
There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications...
GHSA-PX3R-JM9G-C8W8 rails-html-sanitizer Cross-site Scripting vulnerability
There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications...
Debian DSA-4171-1 : ruby-loofah - security update
The Shopify Application Security Team reported that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, allows non-whitelisted attributes to be present in sanitized output when input with specially crafted HTML fragments. This might allow to mount a...