Lucene search
K

534 matches found

RedHat Linux
RedHat Linux
added 2 days ago4 views

golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting

A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site...

6.1CVSS6.5AI score0.00178EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2 days ago5 views

golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting

A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site...

6.1CVSS6.5AI score0.00178EPSS
Exploits0References8
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-40665

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00152EPSS
Exploits0References3
OSV
OSV
added 3 days ago2 views

DEBIAN-CVE-2026-13977

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS6AI score0.00152EPSS
Exploits0References1
NVD
NVD
added 3 days ago5 views

CVE-2026-13977

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS0.00152EPSS
Exploits0References2
Debian CVE
Debian CVE
added 3 days ago3 views

CVE-2026-13977

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS6AI score0.00152EPSS
Exploits0
Cvelist
Cvelist
added 3 days ago22 views

CVE-2026-13977

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

0.00152EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 7:40 a.m.9 views

BIT-PYTHON-2026-6019 BaseCookie.js_output() does not neutralize embedded characters

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

6.1CVSS5.2AI score0.00229EPSS
Exploits1References7
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in containerd-app

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to a Denial-of-Service DoS attack if an attacker provides specially crafted HTML content...

5.3CVSS6.7AI score0.00502EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Bypass of mitigation mechanisms in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00552EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS protections through a crafted HTML page. Chrome security severity: Medium...

6.1CVSS6.9AI score0.00545EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 11:37 p.m.33 views

CVE-2026-12047

CVE-2026-12047 – pgAdmin 4 : HTML injection in the cloud deployment module arises when unsanitised exception text (from verify_credentials, deploy, and related endpoints under /rds/, /azure/, /google/, and /cloud/) is echoed into JSON response fields (info/errormsg) and rendered by the Cloud Wiza...

5.4CVSS5.3AI score0.00137EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.21 views

PT-2026-50814

Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions 6.0 through 9.15 Description Stored cross-site scripting exists in the error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server, such as ErrorResponse messages, object names in...

9.3CVSS5.9AI score0.0021EPSS
Exploits0References13
CBLMariner
CBLMariner
added 2026/06/13 6:21 p.m.9 views

CVE-2026-8829 affecting package perl-HTML-Parser for versions less than 3.82-2

CVE-2026-8829 affecting package perl-HTML-Parser for versions less than 3.82-2. A patched version of the package is available...

7.5CVSS5.2AI score0.0031EPSS
Exploits0
OSV
OSV
added 2026/06/12 12:27 p.m.10 views

OESA-2026-2672 perl-HTML-Parser security update

Objects of the HTML::Parser class will recognize markup and separate it from plain text alias data content in HTML documents. As different kinds of markup and text are recognized, the corresponding event handlers are invoked. Security Fixes: HTML::Entities versions before 3.84 for Perl read freed...

7.5CVSS5.5AI score0.0031EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/08 12:0 a.m.6 views

perl-HTML-Parser-3.850.0-1.1 on GA media (moderate)

perl-HTML-Parser-3.850.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10957-1 Rating: moderate Cross-References: CVE-2026-8829 CVSS scores: CVE-2026-8829 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...

4.8CVSS5.4AI score0.0031EPSS
Exploits0
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

HTML::Parser 安全漏洞

HTML::Parser is a tool for parsing HTML documents and separating markup from content, developed as open source by libwww-perl. Versions of HTML::Parser prior to 3.84 contained security vulnerabilities. These vulnerabilities stemmed from the XS routine’s cache pointing to the SV pointer in the...

7.5CVSS5.4AI score0.0031EPSS
Exploits0References3
OSV
OSV
added 2026/06/04 12:0 a.m.4 views

OPENSUSE-SU-2026:10957-1 perl-HTML-Parser-3.850.0-1.1 on GA media

These are all security issues fixed in the perl-HTML-Parser-3.850.0-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS5.4AI score0.0031EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:11 a.m.25 views

Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html

...

6.1CVSS5.8AI score0.00178EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:9 a.m.13 views

Invoking incorrect handling of HTML elements in foreign content in golang.org/x/net/html

...

6.1CVSS5.8AI score0.00178EPSS
Exploits0
Rows per page
Query Builder