Lucene search
K

36 matches found

OSV
OSV
added 2023/02/17 6:15 p.m.8 views

UBUNTU-CVE-2021-33391

An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c...

9.8CVSS6.2AI score0.01128EPSS
Exploits1References3
Prion
Prion
added 2023/02/17 6:15 p.m.21 views

Design/Logic Flaw

An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c...

7.5CVSS9.7AI score0.01128EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/17 12:0 a.m.5 views

CVE-2021-33391

An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c...

9.6AI score0.01128EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/02/17 12:0 a.m.5 views

HTACG HTML Tidy 资源管理错误漏洞

HTACG HTML Tidy is an open source HTML tool from the HTML Tidy Advocacy Community Group. A security vulnerability in HTACG HTML Tidy v5.7.28 exists that allows an attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c. The vulnerability is caused by a security fl...

9.8CVSS8.8AI score0.01128EPSS
Exploits1References3
CVE
CVE
added 2023/02/17 12:0 a.m.84 views

CVE-2021-33391

CVE-2021-33391 affects HTACG HTML Tidy v5.7.28. The flaw allows remote attackers to execute arbitrary code via the -g option in the CleanNode() function (gdoc.c), with CVSS v3.1 base score 9.8 (CRITICAL). Affected installations include tidy-html5 packages older than patched versions; multiple adv...

9.8CVSS9.5AI score0.01128EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/02/17 12:0 a.m.31 views

CVE-2021-33391

An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c...

9.8AI score0.01128EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2023/02/17 12:0 a.m.25 views

CVE-2021-33391

An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitrary code via the -g option of the CleanNode function in gdoc.c...

9.8CVSS9.7AI score0.01128EPSS
Exploits1
OpenVAS
OpenVAS
added 2015/07/30 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-2695-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.04655EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/07/30 12:0 a.m.38 views

Ubuntu 14.04 LTS : HTML Tidy vulnerabilities (USN-2695-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2695-1 advisory. Fernando Muoz discovered that HTML Tidy incorrectly handled memory. If a user or automated system were tricked into processing specially crafted data,...

6.8CVSS5.8AI score0.04655EPSS
Exploits2References3
OSV
OSV
added 2015/07/29 6:24 p.m.3 views

USN-2695-1 tidy vulnerabilities

Fernando Muñoz discovered that HTML Tidy incorrectly handled memory. If a user or automated system were tricked into processing specially crafted data, applications linked against HTML Tidy could be made to crash, leading to a denial of service, or possibly execute arbitrary code...

6.8CVSS6.1AI score0.04655EPSS
Exploits2References3
Ubuntu
Ubuntu
added 2015/07/29 6:24 p.m.111 views

USN-2695-1: HTML Tidy vulnerabilities

Fernando Muñoz discovered that HTML Tidy incorrectly handled memory. If a user or automated system were tricked into processing specially crafted data, applications linked against HTML Tidy could be made to crash, leading to a denial of service, or possibly execute arbitrary code...

6.8CVSS5.7AI score0.04655EPSS
Exploits2
OSV
OSV
added 2005/05/02 4:0 a.m.2 views

DEBIAN-CVE-2005-1245

Cross-site scripting XSS vulnerability in MediaWiki before 1.4.2, when using HTML Tidy $wgUseTidy, allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS6AI score0.01208EPSS
Exploits0References1
OSV
OSV
added 2005/05/02 4:0 a.m.8 views

CVE-2005-1245

Cross-site scripting XSS vulnerability in MediaWiki before 1.4.2, when using HTML Tidy $wgUseTidy, allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

5.8AI score
Exploits0References5
CVE
CVE
added 2005/04/24 4:0 a.m.50 views

CVE-2005-1245

CVE-2005-1245 is an XSS vulnerability in MediaWiki prior to 1.4.2 when HTML Tidy is enabled via $wgUseTidy. The flaw allows remote attackers to inject arbitrary web script or HTML through unknown vectors. Affected product: MediaWiki (before 1.4.2). The root cause and precise exploit vectors are n...

4.3CVSS5.7AI score0.01208EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2005/04/24 4:0 a.m.21 views

CVE-2005-1245

Cross-site scripting XSS vulnerability in MediaWiki before 1.4.2, when using HTML Tidy $wgUseTidy, allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

5.7AI score0.01208EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2005/04/24 4:0 a.m.30 views

CVE-2005-1245

Cross-site scripting XSS vulnerability in MediaWiki before 1.4.2, when using HTML Tidy $wgUseTidy, allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS5.7AI score0.01208EPSS
Exploits0
Rows per page
Query Builder