Lucene search
+L

398 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/20 12:0 a.m.9 views

CVE-2026-30691

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

6.1CVSS6.1AI score0.00298EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.13 views

PT-2026-42214

Name of the Vulnerable Software and Affected Versions @cyntler/react-doc-viewer version 1.17.1 Description A Cross-Site Scripting XSS issue exists where remote attackers can execute arbitrary JavaScript by using a crafted .txt file. This occurs because the TXTRenderer component does not sanitize...

6.1CVSS6AI score0.00298EPSS
Exploits0References5
OSV
OSV
added 2026/05/01 2:14 p.m.7 views

MAL-2026-3213 Malicious code in funkratov-renderkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 78b5f3b4a8756df49b4a5eb41647e9dd20328da005f95869f81447355e2f7880 Package is prepared to exfiltrate .log and .txt files to the target already associated with exfiltrating sensitive data. --- Category: MALICIOUS - The campaign...

5.9AI score
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/01 12:0 a.m.27 views

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

7.1CVSS5.8AI score0.00106EPSS
Exploits0
NVD
NVD
added 2026/04/26 10:17 p.m.5 views

CVE-2018-25274

InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file containing 6000 bytes of data and import it through the Edit menu's Import function to trigger an...

6.9CVSS0.00115EPSS
Exploits0References2
CVE
CVE
added 2026/04/26 1:19 p.m.11 views

CVE-2018-25274

CVE-2018-25274 affects InfraRecorder 0.53. ADenial of Service vulnerability allows a local attacker to crash the application by importing a crafted text file. Specifically, a 6000-byte text file imported via the Edit → Import function can trigger the crash. The connected documents confirm the loc...

6.9CVSS5.3AI score0.00115EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/26 1:19 p.m.8 views

CVE-2018-25274 InfraRecorder 0.53 Denial of Service via txt File Import

InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file containing 6000 bytes of data and import it through the Edit menu's Import function to trigger an...

6.9CVSS5.2AI score0.00115EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/26 1:19 p.m.9 views

EUVD-2018-21794

InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file containing 6000 bytes of data and import it through the Edit menu's Import function to trigger an...

6.9CVSS5.3AI score0.00115EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/26 1:19 p.m.4 views

CVE-2018-25274

InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file containing 6000 bytes of data and import it through the Edit menu's Import function to trigger an...

6.9CVSS5.2AI score0.00115EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/26 1:19 p.m.37 views

CVE-2018-25274 InfraRecorder 0.53 Denial of Service via txt File Import

InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file containing 6000 bytes of data and import it through the Edit menu's Import function to trigger an...

6.9CVSS0.00115EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/26 12:0 a.m.10 views

InfraRecorder 安全漏洞

InfraRecorder is a tool software developed by InfraRecorder Inc. designed for burning discs and creating disc images. Version 0.53 of InfraRecorder contains a security vulnerability. This vulnerability stems from a denial-of-service attack when importing malicious text files. It is possible for...

6.9CVSS5.8AI score0.00115EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/20 7:23 p.m.11 views

CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

7.8CVSS6.2AI score0.00199EPSS
Exploits1References1
NVD
NVD
added 2026/04/18 6:16 a.m.5 views

CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

7.8CVSS0.00199EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/18 5:27 a.m.41 views

CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

6.9CVSS0.00199EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/18 5:27 a.m.8 views

CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

6.9CVSS6.2AI score0.00199EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/18 5:27 a.m.3 views

CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

6.9CVSS6.2AI score0.00199EPSS
Exploits1References4
CVE
CVE
added 2026/04/18 5:27 a.m.31 views

CVE-2026-41253

Affected software: iTerm2 versions up to 3.6.9 (with notes in Red Hat and EU sources also referencing iTerm2 < 3.6.10 and

7.8CVSS6.2AI score0.00199EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/04/18 5:27 a.m.7 views

EUVD-2026-23656

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

6.9CVSS6.2AI score0.00199EPSS
Exploits1References4
OSV
OSV
added 2026/04/18 5:27 a.m.4 views

CVE-2026-41253

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band...

6.9CVSS6.4AI score0.00199EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/04/12 12:28 p.m.3 views

CVE-2019-25705

Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field. Attackers can create a malicious text file with a crafted payload exceeding buffer boundaries a...

8.6CVSS6.4AI score0.00208EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder