Lucene search
K

7 matches found

Snyk
Snyk
added 2026/04/27 12:0 a.m.5 views

Improper Neutralization of Special Elements in Data Query Logic

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying vector store queries by supplying crafted filter expressions, as keys and values are not...

8.8CVSS5.8AI score0.00394EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/17 9:0 p.m.10 views

XML Injection

Overview Affected versions of this package are vulnerable to XML Injection in fxb.js, which does not properly handle closing delimiters for comment and CDATA values. The -- sequence in comment content and the sequence in CDATA sections can be coopted to close their respective sections early and...

6.1CVSS5.8AI score0.00238EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.4 views

PT-2025-45353

Name of the Vulnerable Software and Affected Versions Advantech WebAccess/VPN versions prior to 1.1.5 Description Advantech WebAccess/VPN versions prior to 1.1.5 contain a stored cross-site scripting XSS issue via the NetworksController.addNetworkAction function. Insufficient validation or escapi...

6.2CVSS5.9AI score0.002EPSS
Exploits0References5
Amazon
Amazon
added 2023/05/31 12:0 a.m.5 views

Important: runc

Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not...

7.8CVSS6.8AI score0.00457EPSS
Exploits2
OSV
OSV
added 2023/04/14 11:5 a.m.3 views

OESA-2023-1217 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a...

7.8CVSS6.8AI score0.00343EPSS
Exploits0References2
OSV
OSV
added 2023/03/29 7:15 p.m.10 views

AZL-25851 CVE-2023-25809 affecting package moby-runc for versions less than 1.1.5-1

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

6.3CVSS6.7AI score0.00327EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/03/29 6:22 p.m.3 views

CVE-2023-25809 rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

5CVSS7AI score0.00327EPSS
Exploits1References2
Rows per page
Query Builder