Lucene search
+L

4 matches found

Github Security Blog
Github Security Blog
added 2026/05/26 6:58 p.m.22 views

XWiki Platform has an Unauthenticated XAR Import via REST /wikis/{wikiName}

Impact POST /wikis/wikiName executes a XAR import without performing any authentication or authorization checks, allowing an unauthenticated attacker to create or update documents in the target wiki Patches This vulnerability has been patched in XWiki 16.10.17, 17.4.9, 17.10.3, 18.0.1 and...

9.3CVSS5.8AI score0.00594EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2026/04/24 5:26 p.m.5 views

CVE-2026-41680

Marked is a markdown parser and compiler. From 18.0.0 to 18.0.1, a critical Denial of Service DoS vulnerability exists in marked. By providing a specific 3-byte input sequence a tab, a vertical tab, and a newline \x09\x0b\n—an unauthenticated attacker can trigger an infinite recursion loop during...

8.7CVSS5.5AI score0.00342EPSS
Exploits1
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.13 views

marked 资源管理错误漏洞

marked is a Markdown parser and compiler written by Christopher Jeffrey in the United States. Version 18.0.0 to 18.0.1 of marked contains a resource management vulnerability. This vulnerability arises from triggering an infinite recursive loop when parsing certain 3-byte input sequences, leading ...

8.7CVSS5.8AI score0.00342EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-2853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of proper validation in...

6.5CVSS5.4AI score0.00409EPSS
Exploits0References2
Rows per page
Query Builder