269 matches found
EUVD-2026-43089
vulnerability in Drupal Raw Formatter Meta Tag Formatter allows . This issue affects Raw Formatter Meta Tag Formatter versions:...
CVE-2026-15086
vulnerability in Drupal Raw Formatter Meta Tag Formatter allows . This issue affects Raw Formatter Meta Tag Formatter versions:...
CVE-2026-15086
vulnerability in Drupal Raw Formatter Meta Tag Formatter allows . This issue affects Raw Formatter Meta Tag Formatter versions:...
CVE-2026-15086 Raw Formatter [Meta Tag Formatter] - Critical - Unsupported - SA-CONTRIB-2026-077
vulnerability in Drupal Raw Formatter Meta Tag Formatter allows . This issue affects Raw Formatter Meta Tag Formatter versions:...
Important: ecs-init
Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...
The vulnerability of the Go programming language, related to the lack of measures to neutralize special elements, allows attackers to perform cross-site scripting attacks.
The vulnerability of the Go programming language is related to the lack of measures taken to neutralize special elements when processing the content attribute of the tag. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
CVE-2026-10287
A vulnerability was determined in SourceCodester SEO Meta Tag Extractor 1.0. This vulnerability affects the function getheaders of the file /index.php. This manipulation of the argument url causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-10287 SourceCodester SEO Meta Tag Extractor index.php get_headers server-side request forgery
A vulnerability was determined in SourceCodester SEO Meta Tag Extractor 1.0. This vulnerability affects the function getheaders of the file /index.php. This manipulation of the argument url causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been...
PT-2026-45552
A vulnerability was determined in SourceCodester SEO Meta Tag Extractor 1.0. This vulnerability affects the function get headers of the file /index.php. This manipulation of the argument url causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been...
SourceCodester SEO Meta Tag Extractor 代码问题漏洞
SourceCodester SEO Meta Tag Extractor is an open-source SEO meta tag extractor developed by SourceCodester. Version 1.0 of SourceCodester SEO Meta Tag Extractor has a code vulnerability. This vulnerability stems from incorrect parameter handling in the getheaders function within the file/index.ph...
CVE-2026-8942
CVE-2026-8942 affects the WordPress MetaMagic SEO Plugin (versions up to 1.6). The issue is a Cross-Site Request Forgery due to missing or incorrect nonce validation in the metamagic_update_options function, allowing unauthenticated attackers to modify SEO settings (e.g., enable/disable the plugi...
Amazon Linux 2 : containerd, --advisory ALAS2ECS-2026-116 (ALASECS-2026-116)
The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-116 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory an...
Amazon Linux 2023 : captree, libcap, libcap-devel (ALAS2023-2026-1721)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1721 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value refresh. A new GODEBU...
Amazon Linux 2023 : docker (ALAS2023-2026-1736)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1736 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...
Amazon Linux 2023 : runc (ALAS2023-2026-1715)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1715 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...
Amazon Linux 2023 : golist (ALAS2023-2026-1742)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1742 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...
Amazon Linux 2 : oci-add-hooks, --advisory ALAS2DOCKER-2026-122 (ALASDOCKER-2026-122)
The version of oci-add-hooks installed on the remote host is prior to 0-0.10.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-122 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...
Amazon Linux 2023 : nerdctl (ALAS2023-2026-1735)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1735 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1743)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1743 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...
Amazon Linux 2 : cni-plugins, --advisory ALAS2-2026-3311 (ALAS-2026-3311)
The version of cni-plugins installed on the remote host is prior to 1.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3311 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta...