167490 matches found
CGA-6J9P-77C7-V873
Bulletin has no description...
DEBIAN-CVE-2026-12151
Impact: The undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of fragments. A malicious WebSocket server can stream many small or empty continuation frames that each pass per-frame and cumulative-size...
CVE-2026-9679
Impact: undici's cookie parser in parseSetCookie percent-decodes cookie values via qsUnescape, turning encoded sequences like %0D%0A, %00, %3B, and %3D into their literal byte equivalents. RFC 6265 §5.4 does not specify any decoding and browsers do not decode either. Applications that parse a...
EUVD-2026-37761
Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark allows stored cross-site scripting via unescaped HTML attribute values. 'Elixir.Earmark.Transform':makeatt1/2 in lib/earmark/transform.ex splices attribute values verbatim between two literal " bytes: ...
CVE-2026-48591 Stored XSS via unescaped HTML attribute values in earmark
Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark allows stored cross-site scripting via unescaped HTML attribute values. 'Elixir.Earmark.Transform':makeatt1/2 in lib/earmark/transform.ex splices attribute values verbatim between two literal " bytes: ...
CVE-2026-48591 Stored XSS via unescaped HTML attribute values in earmark
Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark allows stored cross-site scripting via unescaped HTML attribute values. 'Elixir.Earmark.Transform':makeatt1/2 in lib/earmark/transform.ex splices attribute values verbatim between two literal " bytes: ...
CGA-95XC-J44M-FM48
Bulletin has no description...
CGA-7V58-Q3H2-QFR7
Bulletin has no description...
ROOT-OS-DEBIAN-13-CVE-2025-47907 CVE-2025-47907 in rootio-golang-1.24 - Patched by Root
Root has patched CVE-2025-47907 in the rootio-golang-1.24 package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-68119 CVE-2025-68119 in rootio-golang-1.24 - Patched by Root
Root has patched CVE-2025-68119 in the rootio-golang-1.24 package for Root:Debian:13. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-24281 CVE-2026-24281 in io.root.org.apache.zookeeper:zookeeper - Patched by Root
Root has patched CVE-2026-24281 in the io.root.org.apache.zookeeper:zookeeper package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2024-51504 CVE-2024-51504 in io.root.org.apache.zookeeper:zookeeper - Patched by Root
Root has patched CVE-2024-51504 in the io.root.org.apache.zookeeper:zookeeper package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2025-55752 CVE-2025-55752 in io.root.org.apache.tomcat:tomcat-catalina - Patched by Root
Root has patched CVE-2025-55752 in the io.root.org.apache.tomcat:tomcat-catalina package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2025-61795 CVE-2025-61795 in io.root.org.apache.tomcat:tomcat-catalina - Patched by Root
Root has patched CVE-2025-61795 in the io.root.org.apache.tomcat:tomcat-catalina package for Root:Maven. Multiple fixed versions available...
CGA-4H2P-C6QM-Q3PG
Bulletin has no description...
CGA-RW78-F2MF-MH53
Bulletin has no description...
CGA-HH42-XJVQ-J5WV
Bulletin has no description...
CGA-HQ53-VC55-4CR7
Bulletin has no description...
CGA-PQHX-35QG-HV6F
Bulletin has no description...
ROOT-APP-MAVEN-CVE-2020-13936 CVE-2020-13936 in io.root.org.apache.velocity:velocity - Patched by Root
Root has patched CVE-2020-13936 in the io.root.org.apache.velocity:velocity package for Root:Maven. Multiple fixed versions available...