525 matches found

Debian CVE
added 2022/12/22 12:0 a.m., 38 views

CVE-2022-31743

Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox 101...

CVSS 6.5, AI score 8.2, EPSS 0.00428
Exploits: 0

Cvelist
added 2022/12/22 12:0 a.m., 17 views

CVE-2022-31743

Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox 101...

AI score 7.4, EPSS 0.00428
Exploits: 0, References: 2

AlpineLinux
added 2022/12/22 12:0 a.m., 48 views

CVE-2022-31743

Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox 101...

CVSS 6.5, AI score 7.3, EPSS 0.00428
Exploits: 0

IBM Security Bulletins
added 2022/11/08 8:7 p.m., 82 views

Security Bulletin: IBM Security Guardium is affected by a jsoup vulnerability (CVE-2021-37714)

Summary: IBM Security Guardium has fixed this vulnerability. Vulnerability Details: CVEID: CVE-2021-37714 DESCRIPTION: jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause th...

CVSS 7.5, AI score 7.3, EPSS 0.06873
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2022/09/14 3:28 p.m., 72 views

Security Bulletin: A CVE-2021-37714 vulnerability in jsoup affects IBM Process Designer in IBM Business Automation Workflow and IBM Business Process Manager

Summary: A vulnerability exists in jsoup used by the desktop version of IBM Process Designer. IBM Process Designer has addressed the applicable CVE. Vulnerability Details: CVEID: CVE-2021-37714 DESCRIPTION: jsoup is vulnerable to a denial of service, caused by improper input validation. By sending ...

AI score 7.2, EPSS 0.06873
Exploits: 0, Affected Software: 5

NVD
added 2022/08/29 5:15 p.m., 29 views

CVE-2022-36033

jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default...

CVSS 6.1, EPSS 0.01164
Exploits: 1, References: 4

UbuntuCve
added 2022/08/29 5:15 p.m., 33 views

CVE-2022-36033

jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default...

CVSS 6.1, AI score 6.6, EPSS 0.01164
Exploits: 1, References: 4

Prion
added 2022/08/29 5:15 p.m., 44 views

Cross site scripting

jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default...

CVSS 5.8, AI score 7.1, EPSS 0.01164
Exploits: 1, References: 4, Affected Software: 1

CVE
added 2022/08/29 12:0 a.m., 509 views

CVE-2022-36033

CVE-2022-36033 affects jsoup, a Java HTML parser. The issue arises when SafeList.preserveRelativeLinks is enabled, allowing crafted javascript: URLs to bypass sanitization and potentially enable XSS if the page lacks a Content Security Policy. The vulnerability is mitigated by updating to jsoup 1...

CVSS 6.1, AI score 6.2, EPSS 0.01164
Exploits: 1, References: 4, Affected Software: 1

Debian CVE
added 2022/08/29 12:0 a.m., 38 views

CVE-2022-36033

jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default...

CVSS 6.1, AI score 7.1, EPSS 0.01164
Exploits: 1

OSV
added 2022/08/29 12:0 a.m., 42 views

CVE-2022-36033 jsoup may not sanitize Cross-Site Scripting (XSS) attempts if SafeList.preserveRelativeLinks is enabled

jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default...

CVSS 6.1, AI score 6.3, EPSS 0.01164
Exploits: 1, References: 6

OpenVAS
added 2022/08/26 12:0 a.m., 31 views

Ubuntu: Security Advisory (USN-85-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 5, AI score 6.5, EPSS 0.05296
Exploits: 0, References: 2

OSV
added 2022/07/26 10:15 p.m., 24 views

CVE-2022-1498

Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 4.3, AI score 7.9
Exploits: 0, References: 3

UbuntuCve
added 2022/07/26 10:15 p.m., 34 views

CVE-2022-1498

Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 4.3, AI score 6.3, EPSS 0.00683
Exploits: 1, References: 1

Prion
added 2022/07/26 10:15 p.m., 20 views

Design/Logic Flaw

Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 4.3, AI score 4.7, EPSS 0.00683
Exploits: 1, References: 3, Affected Software: 1

ATTACKERKB
added 2022/07/26 10:15 p.m., 2 views

CVE-2022-1498

Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 4.3, AI score 5.8, EPSS 0.00683
Exploits: 1, References: 4

Cvelist
added 2022/07/26 9:35 p.m., 24 views

CVE-2022-1498

Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

AI score 5.3, EPSS 0.00683
Exploits: 1, References: 3

CVE
added 2022/07/26 9:35 p.m., 235 views

CVE-2022-1498

CVE-2022-1498 affects Google Chrome/Chromium: Inappropriate implementation in the HTML Parser allowed a remote attacker to leak cross-origin data via a crafted HTML page. The issue is tied to Chrome/Chromium versions prior to 101.0.4951.41. Public references reiterate the same description across mul...

CVSS 4.3, AI score 4.7, EPSS 0.00683
Exploits: 1, References: 3, Affected Software: 1

Debian CVE
added 2022/07/26 9:35 p.m., 40 views

CVE-2022-1498

Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 4.3, AI score 5.8, EPSS 0.00683
Exploits: 1

AlpineLinux
added 2022/07/26 9:35 p.m., 57 views

CVE-2022-1498

Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVSS 4.3, AI score 5.1, EPSS 0.00683
Exploits: 1