14 matches found

Vulnrichment
added 2026/03/11 4:6 p.m. · 4 views

CVE-2026-30235 Business Logic Error on OpenProject through hyperlinks in markdown using DOM clobbering

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, this vulnerability occurs due to improper validation of OpenProject’s Markdown rendering, specifically in the hyperlink handling. This allows an attacker to inject malicious hyperlink payloads that perform DOM...

6.5 CVSS · 5.8 AI score · 0.00322 EPSS
Exploits 0 · References 1
CVE
added 2026/03/11 4:6 p.m. · 20 views

CVE-2026-30235

OpenProject prior to 17.2.0 is affected by a vulnerability in Markdown rendering where hyperlink handling allows DOM clobbering, potentially crashing or blanking the page and causing runtime errors during application initialization. The issue is tied to improper validation of hyperlinks and is fi...

6.5 CVSS · 5.8 AI score · 0.00322 EPSS
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2026/03/11 12:0 a.m. · 9 views

OpenProject Cross-Site Scripting Vulnerability

OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 17.2.0 had a cross-site scripting vulnerability. This vulnerability stemmed from improper Markdown rendering validation in OpenProject, especially in the handling of hyperlinks. It could allow...

6.5 CVSS · 5.6 AI score · 0.00322 EPSS
Exploits 0 · References 1
Positive Technologies
added 2026/01/01 12:0 a.m. · 9 views

PT-2026-4954

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.1.1, 3.0, 3.3, 3.4, and 3.5 OpenSSL versions 3.6 through 3.6.0 Description An invalid or NULL pointer dereference can occur in applications processing malformed PKCS12 files. This can lead to a denial of service when an...

9.8 CVSS · 5.9 AI score · 0.47621 EPSS
Exploits 7 · References 108
SUSE CVE
added 2025/07/25 11:22 p.m. · 2 views

SUSE CVE-2025-38455

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra host migration if vCPU creation is in-flight Reject migration of SEV-ES state if either the source or destination VM is actively creating a vCPU, i.e. if kvm_vm_ioctl_create_vcpu is in the section betwee...

6.6 CVSS · 6.3 AI score · 0.00147 EPSS
Exploits 0 · References 22
Cvelist
added 2025/02/27 2:7 a.m. · 16 views

CVE-2025-21713 powerpc/pseries/iommu: Don't unset window if it was never set

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: Don't unset window if it was never set On pSeries, when user attempts to use the same vfio container used by different iommu group, the spapr_tce_set_window returns -EPERM and the subsequent cleanup leads to t...

0.00189 EPSS
Exploits 0 · References 3
RedHat Linux
added 2024/04/24 3:46 p.m. · 1 views

xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

7.3 CVSS · 5.8 AI score · 0.00513 EPSS
Exploits 0 · References 4
Brave Browser
added 2023/10/11 9:44 a.m. · 7 views

Brave Android 1.59.117 Security Fixes

Updated which origins and URLs trigger debouncing and request-OTR protections as reported on HackerOne by nishimunea. - Fixed crash when loading brave://optimization-guide-internals as reported on HackerOne by jaguilera. Upgraded Chromium to 118.0.5993.70 — refer to Google Chrome advisories for...

5.8 AI score
Exploits 0 · References 3 · Affected Software 1
RedHat Linux
added 2023/05/16 8:43 a.m. · 2 views

kernel: Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed

A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system...

5.5 CVSS · 6.6 AI score · 0.00224 EPSS
Exploits 0 · References 5
Positive Technologies
added 2022/09/29 12:0 a.m. · 5 views

PT-2022-24828 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions 2.9.0.beta5 through 2.9.0.beta9 Description: The issue arises when an incomplete quote generates a JavaScript error, potentially crashing the current page in the browser. This occurs in certain cases and is related to how t...

6.5 CVSS · 4.6 AI score · 0.00951 EPSS
Exploits 0 · References 8
OSV
added 2021/09/25 2:5 p.m. · 11 views

OPENSUSE-SU-2021:1310-1 Security update for opera

This update for opera fixes the following issues: opera was updated to version 79.0.4143.22 - CHR-8550 Update chromium on desktop-stable-93-4143 to 93.0.4577.58 - CHR-8557 Update chromium on desktop-stable-93-4143 to 93.0.4577.63 - DNA-94641 Linux Proprietary media codecs not working in snap buil...

8.8 CVSS · 7.5 AI score · 0.0559 EPSS
Exploits 1 · References 20
Veracode
added 2020/04/10 12:48 a.m. · 33 views

Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. The vulnerability exists as a web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox...

9.3 CVSS · 5.1 AI score · 0.03726 EPSS
Exploits 0 · References 24 · Affected Software 6
Veracode
added 2020/04/10 12:36 a.m. · 18 views

Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. The vulnerability exists as a web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox...

10 CVSS · 4.4 AI score · 0.03733 EPSS
Exploits 1 · References 16 · Affected Software 2
CNVD
added 2015/09/27 12:0 a.m. · 2 views

Mozilla Firefox and Firefox ESR NetworkUtils.cpp Buffer Overflow Vulnerability

Mozilla Firefox is an open source web browser. A security vulnerability exists in the Mozilla Firefox NetworkUtils.cpp file, which allows remote attackers to construct a malicious web page and trick users into parsing it, which can crash the application or execute arbitrary code...

7.5 CVSS · 9.2 AI score · 0.03467 EPSS
Exploits 0 · References 1