Lucene search
+L

29 matches found

nvd
nvd
added 2026/06/27 8:16 a.m.11 views

CVE-2026-11597

The Surbma | Infusionsoft Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'infusionsoft-form' shortcode in versions up to, and including, 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied 'account' and 'id' shortcode...

6.4CVSS0.00193EPSS
Exploits0References5
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in libxml2

In libxml2 version 2.9.13, the valid.c file contains a use-after-free issue with the ID and IDREF attributes...

7.5CVSS7.2AI score0.0601EPSS
Exploits0References2
osv
osv
added 2026/05/06 2:45 p.m.11 views

BIT-JAVA-2025-7425 Libxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptr

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS6.7AI score0.00339EPSS
Exploits1References44
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.12 views

PT-2026-38056

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS6.7AI score0.00339EPSS
Exploits1References41
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.15 views

PT-2026-37849

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS6.7AI score0.00339EPSS
Exploits1References41
snyk
snyk
added 2026/03/19 12:42 p.m.3 views

Directory Traversal

Overview nltk is a Natural Language Toolkit NLTK is a Python package for natural language processing. Affected versions of this package are vulnerable to Directory Traversal via the XML index file downloader. An attacker can overwrite arbitrary files and create directories at unintended locations...

8.1CVSS6.5AI score0.00498EPSS
Exploits1References2
osv
osv
added 2025/10/17 5:40 p.m.5 views

JLSEC-2025-74 valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...

7.5CVSS7AI score0.0601EPSS
Exploits0References38
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-6426

Malware in sbrugna...

7.5CVSS9.3AI score0.01459EPSS
Exploits1References12
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-20998

Malicious code in bioql PyPI...

7.8CVSS8.4AI score0.00339EPSS
Exploits1References27
euvd
euvd
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-28391

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.0601EPSS
Exploits0References27
redhat
redhat
added 2025/08/07 4:6 p.m.8 views

libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS6.3AI score0.00339EPSS
Exploits1References5
redhat
redhat
added 2025/08/07 5:32 a.m.11 views

libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS6.3AI score0.00339EPSS
Exploits1References5
redhat
redhat
added 2025/08/07 5:26 a.m.11 views

libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS6.3AI score0.00339EPSS
Exploits1References5
redhat
redhat
added 2025/08/07 4:45 a.m.12 views

libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS6.3AI score0.00339EPSS
Exploits1References5
nvd
nvd
added 2025/07/10 2:15 p.m.9 views

CVE-2025-7425

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS0.00339EPSS
Exploits1References43
osv
osv
added 2025/07/10 2:15 p.m.13 views

UBUNTU-CVE-2025-7425

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS6.6AI score0.00339EPSS
Exploits1References6
attackerkb
attackerkb
added 2025/07/10 1:53 p.m.6 views

CVE-2025-7425

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS6.3AI score0.00339EPSS
Exploits1References33
ptsecurity
ptsecurity
added 2025/04/15 12:0 a.m.4 views

PT-2025-29101

Name of the Vulnerable Software and Affected Versions libxml2 and libxslt versions prior to 2.12.7+dfsg+really2.9.14-0.4ubuntu0.4 libxslt versions 1.1.35-1.2+deb13u1 libxml2 versions prior to 2.9.14+dfsg-1.3deb12u4 libxml2 versions prior to 2.12.7+dfsg+really2.9.14-2.1+deb13u1 SLE 15 SP7...

7.8CVSS7.2AI score0.00339EPSS
Exploits1References148
redhatcve
redhatcve
added 2025/02/05 12:17 a.m.9 views

CVE-2024-4227

In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...

7.5CVSS7AI score0.00693EPSS
Exploits0References1
debiancve
debiancve
added 2025/01/15 8:0 a.m.6 views

CVE-2024-4227

In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS...

7.5CVSS7.4AI score0.00693EPSS
Exploits0
Rows per page
Query Builder