Lucene search
K

7 matches found

Cvelist
Cvelist
added 2025/08/25 10:32 a.m.10 views

CVE-2025-9407 mtons mblog profile cross site scripting

A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and ma...

5.1CVSS0.00225EPSS
Exploits1References4
OSV
OSV
added 2025/03/14 5:14 p.m.3 views

GHSA-9P8X-F768-WP2G xml-crypto Vulnerable to XML Signature Verification Bypass via Multiple SignedInfo References

Impact An attacker may be able to exploit this vulnerability to bypass authentication or authorization mechanisms in systems that rely on xml-crypto for verifying signed XML documents. The vulnerability allows an attacker to modify a valid signed XML message in a way that still passes signature...

9.3CVSS5.9AI score0.0905EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.5 views

SUSE CVE-2021-25636

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to...

6.3CVSS6.9AI score0.00965EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2021/01/19 12:0 a.m.5 views

PT-2021-6784 · Document Foundation +9 · Libreoffice +9

Name of the Vulnerable Software and Affected Versions: LibreOffice versions 7.2 prior to 7.2.5 Description: The issue is related to improper certificate validation in LibreOffice, allowing an attacker to create a digitally signed ODF document by manipulating the documentsignatures.xml or...

8.8CVSS6.5AI score0.04354EPSS
Exploits0References64
Positive Technologies
Positive Technologies
added 2013/09/03 12:0 a.m.4 views

PT-2013-63: Hash Length Extension in HTMLPurifier

The specialists of the Positive Research center have detected a vulnerability in HTMLPurifier that allows attackers to carry out a "Hash Length Extension" attack.. Class HTMLPurifierURIFilterMunge implements a URI filter that replaces all links with a formatted URL, for example, it can be used to...

5CVSS7.2AI score
Exploits0References3
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.8 views

Microsoft .NET Framework 3.5 SP1 Security Update for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB979916)

A security issue has been identified that could allow an attacker to tamper with digitally signed content without being detected, when this content is being consumed by an application that makes use of the Microsoft .NET Framework on a Windows-based system. You can help protect your computer by...

2.7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.16 views

Microsoft .NET Framework 3.5 Security Update for Windows Server 2003 and Windows XP for x64-based Systems (KB982865)

A security issue has been identified that could allow an attacker to tamper with digitally signed content without being detected, when this content is being consumed by an application that makes use of the Microsoft .NET Framework on a Windows-based system. You can help protect your computer by...

2.7AI score
Exploits0
Rows per page
Query Builder