36 matches found
UBUNTU-CVE-2021-33391
An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c...
Design/Logic Flaw
An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c...
CVE-2021-33391
An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c...
HTACG HTML Tidy 资源管理错误漏洞
HTACG HTML Tidy is an open source HTML tool from the HTML Tidy Advocacy Community Group. A security vulnerability in HTACG HTML Tidy v5.7.28 exists that allows an attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c. The vulnerability is caused by a security fl...
CVE-2021-33391
CVE-2021-33391 affects HTACG HTML Tidy v5.7.28. The flaw allows remote attackers to execute arbitrary code via the -g option in the CleanNode() function (gdoc.c), with CVSS v3.1 base score 9.8 (CRITICAL). Affected installations include tidy-html5 packages older than patched versions; multiple adv...
CVE-2021-33391
An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c...
CVE-2021-33391
An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c...
Ubuntu: Security Advisory (USN-2695-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : HTML Tidy vulnerabilities (USN-2695-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2695-1 advisory. Fernando Muoz discovered that HTML Tidy incorrectly handled memory. If a user or automated system were tricked into processing specially crafted data,...
USN-2695-1 tidy vulnerabilities
Fernando Muñoz discovered that HTML Tidy incorrectly handled memory. If a user or automated system were tricked into processing specially crafted data, applications linked against HTML Tidy could be made to crash, leading to a denial of service, or possibly execute arbitrary code...
USN-2695-1: HTML Tidy vulnerabilities
Fernando Muñoz discovered that HTML Tidy incorrectly handled memory. If a user or automated system were tricked into processing specially crafted data, applications linked against HTML Tidy could be made to crash, leading to a denial of service, or possibly execute arbitrary code...
DEBIAN-CVE-2005-1245
Cross-site scripting XSS vulnerability in MediaWiki before 1.4.2, when using HTML Tidy $wgUseTidy, allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2005-1245
Cross-site scripting XSS vulnerability in MediaWiki before 1.4.2, when using HTML Tidy $wgUseTidy, allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2005-1245
CVE-2005-1245 is an XSS vulnerability in MediaWiki prior to 1.4.2 when HTML Tidy is enabled via $wgUseTidy. The flaw allows remote attackers to inject arbitrary web script or HTML through unknown vectors. Affected product: MediaWiki (before 1.4.2). The root cause and precise exploit vectors are n...
CVE-2005-1245
Cross-site scripting XSS vulnerability in MediaWiki before 1.4.2, when using HTML Tidy $wgUseTidy, allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2005-1245
Cross-site scripting XSS vulnerability in MediaWiki before 1.4.2, when using HTML Tidy $wgUseTidy, allows remote attackers to inject arbitrary web script or HTML via unknown vectors...