Lucene search
K

41 matches found

Debian
Debian
added 2023/02/05 3:43 p.m.25 views

[SECURITY] [DSA 5339-1] libhtml-stripscripts-perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5339-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 05, 2023 https://www.debian.org/security/faq -...

7.5CVSS7.4AI score0.01116EPSS
Exploits1
NVD
NVD
added 2023/01/21 1:15 a.m.16 views

CVE-2023-24038

The HTML-StripScripts module through 1.06 for Perl allows hssattvalstyle ReDoS because of catastrophic backtracking for HTML content with certain style attributes...

7.5CVSS7.5AI score0.01116EPSS
Exploits1References5
OSV
OSV
added 2023/01/21 1:15 a.m.31 views

CVE-2023-24038

The HTML-StripScripts module through 1.06 for Perl allows hssattvalstyle ReDoS because of catastrophic backtracking for HTML content with certain style attributes...

7.5CVSS7.4AI score
Exploits0References5
OSV
OSV
added 2023/01/21 1:15 a.m.2 views

DEBIAN-CVE-2023-24038

The HTML-StripScripts module through 1.06 for Perl allows hssattvalstyle ReDoS because of catastrophic backtracking for HTML content with certain style attributes...

7.5CVSS7.3AI score0.01116EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2023/01/21 1:15 a.m.96 views

CVE-2023-24038

The HTML-StripScripts module through 1.06 for Perl allows hssattvalstyle ReDoS because of catastrophic backtracking for HTML content with certain style attributes...

7.5CVSS7.1AI score0.01116EPSS
Exploits1References4
OSV
OSV
added 2023/01/21 1:15 a.m.3 views

UBUNTU-CVE-2023-24038

The HTML-StripScripts module through 1.06 for Perl allows hssattvalstyle ReDoS because of catastrophic backtracking for HTML content with certain style attributes...

7.5CVSS5.8AI score0.01116EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/01/21 12:0 a.m.6 views

perl-html-stripscripts 安全漏洞

perl-html-stripscripts is a Perl library. A security vulnerability exists in perl-html-stripscripts version 1.06 and earlier. An attacker can exploit this vulnerability to perform catastrophic backtracking on HTML content with specific style attributes...

7.5CVSS7.3AI score0.01116EPSS
Exploits1References9
Cvelist
Cvelist
added 2023/01/21 12:0 a.m.23 views

CVE-2023-24038

The HTML-StripScripts module through 1.06 for Perl allows hssattvalstyle ReDoS because of catastrophic backtracking for HTML content with certain style attributes...

7.6AI score0.01116EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2023/01/21 12:0 a.m.22 views

CVE-2023-24038

The HTML-StripScripts module through 1.06 for Perl allows hssattvalstyle ReDoS because of catastrophic backtracking for HTML content with certain style attributes...

7.5CVSS7.5AI score0.01116EPSS
Exploits1
Veracode
Veracode
added 2020/03/31 6:36 a.m.22 views

Regular Expression Denial-of-Service (ReDoS)

bleach is vulnerable to regular expression denial of service ReDoS. The vulnerability exists when parsing style attributes through sanitizecss...

7.5CVSS7.2AI score0.00718EPSS
Exploits1References5Affected Software1
CNVD
CNVD
added 2020/03/20 12:0 a.m.4 views

phpBB Injection Vulnerability

phpBB is a set of open source and PHP-based Web forum software . The software has support for multiple languages , multiple databases and customized layout and so on. phpBB 3.2.7 version of an injection vulnerability , the vulnerability stems from the program fails to validate the BBCode paramete...

7.5CVSS7.5AI score0.01077EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/09 12:0 a.m.6 views

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-08009)

Internet Explorer is a web browser from Microsoft. A security vulnerability exists in Internet Explorer 11's handling of style attributes. By tampering with document elements, an attacker can force an array allocated by a CAttrArray object to be reused after release and then execute arbitrary cod...

9.3CVSS7.5AI score0.18763EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/12/08 12:0 a.m.33 views

Microsoft Internet Explorer CAttrArray Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.19956EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/12/08 12:0 a.m.29 views

Microsoft Internet Explorer CAttrArray Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.18763EPSS
Exploits0References1
Mozilla
Mozilla
added 2010/03/23 12:0 a.m.28 views

Browser chrome defacement via cached XUL stylesheets — Mozilla

Mozilla developer Wladimir Palant reported that stylesheets used in remote XUL documents can wind up in the XUL cache where it can later be accessed by browser chrome for use in styling the user interface. A malicious website could use this issue to pollute a user's XUL cache and change style...

5CVSS1.8AI score0.01689EPSS
Exploits1References2Affected Software3
UbuntuCve
UbuntuCve
added 2009/01/21 2:30 a.m.21 views

CVE-2008-5917

Cross-site scripting XSS vulnerability in the XSS filter framework/TextFilter/Filter/xss.php in Horde Application Framework 3.2.2 and 3.3, when Internet Explorer is being used, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to style attributes...

4.3CVSS6AI score0.01299EPSS
Exploits1References1
Prion
Prion
added 2009/01/21 2:30 a.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in the XSS filter framework/TextFilter/Filter/xss.php in Horde Application Framework 3.2.2 and 3.3, when Internet Explorer is being used, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to style attributes...

4.3CVSS5.2AI score0.01299EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2009/01/21 2:0 a.m.25 views

CVE-2008-5917

Cross-site scripting XSS vulnerability in the XSS filter framework/TextFilter/Filter/xss.php in Horde Application Framework 3.2.2 and 3.3, when Internet Explorer is being used, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to style attributes...

6.4AI score0.01299EPSS
Exploits1References6
NVD
NVD
added 2005/11/05 11:2 a.m.21 views

CVE-2005-3505

Cross-site scripting XSS vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-R137 allows remote attackers to inject arbitrary web script or HTML via a chat message containing Javascript in style attributes in tags such as , which are processed by Internet Explorer...

4.3CVSS5.7AI score0.01784EPSS
Exploits1References9
Cvelist
Cvelist
added 2005/11/05 11:0 a.m.20 views

CVE-2005-3505

Cross-site scripting XSS vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-R137 allows remote attackers to inject arbitrary web script or HTML via a chat message containing Javascript in style attributes in tags such as , which are processed by Internet Explorer...

5.7AI score0.01784EPSS
Exploits1References9
Rows per page
Query Builder