Lucene search
+L

14 matches found

Vulnrichment
Vulnrichment
added 2026/07/07 7:50 p.m.7 views

CVE-2026-58472 GNU Wget 1.25.0 Heap Buffer Overflow via HTML Attribute Encoding

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

6CVSS6.3AI score0.00221EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.9 views

PT-2026-56241

Name of the Vulnerable Software and Affected Versions GNU Wget versions prior to 1.25.0 commit dd692d9 Description A heap buffer overflow occurs in the html quote string function within src/convert.c. A remote attacker can trigger memory corruption by providing a crafted HTML attribute containing...

8.7CVSS6.2AI score0.00351EPSS
Exploits0References24
ATTACKERKB
ATTACKERKB
added 2026/04/07 5:38 p.m.4 views

CVE-2026-39333

ChurchCRM is an open-source church management system. Prior to 7.1.0, he FindFundRaiser.php endpoint reflects user-supplied input DateStart and DateEnd into HTML input field attributes without proper output encoding for the HTML attribute context. An authenticated attacker can craft a malicious U...

8.7CVSS6AI score0.00215EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2024/03/25 8:18 p.m.3 views

Mozilla: Integer overflow could have led to out of bounds write

The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...

8.4CVSS7.5AI score0.00385EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/03/25 8:17 p.m.9 views

Mozilla: Integer overflow could have led to out of bounds write

The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...

8.4CVSS7.5AI score0.00385EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/03/25 8:13 p.m.5 views

Mozilla: Integer overflow could have led to out of bounds write

The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...

8.4CVSS7.5AI score0.00385EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/03/25 7:40 p.m.5 views

Mozilla: Integer overflow could have led to out of bounds write

The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...

8.4CVSS7.5AI score0.00385EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/03/25 7:36 p.m.4 views

Mozilla: Integer overflow could have led to out of bounds write

The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...

8.4CVSS7.5AI score0.00385EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/03/25 7:35 p.m.4 views

Mozilla: Integer overflow could have led to out of bounds write

The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...

8.4CVSS7.5AI score0.00385EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/03/25 6:54 p.m.6 views

Mozilla: Integer overflow could have led to out of bounds write

The Mozilla Foundation Security Advisory describes this flaw as: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write...

8.4CVSS7.5AI score0.00385EPSS
Exploits1References6
OSV
OSV
added 2022/11/18 11:15 p.m.3 views

CVE-2021-31739

The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability XSS, because user input is not correctly encoded in HTML attributes when returned by the server.SEPPmail 11.1.10 allows XSS via a recipient address...

6.1CVSS5.8AI score0.00423EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/11/18 12:0 a.m.4 views

CVE-2021-31739

The SEPPmail solution is vulnerable to a Cross-Site Scripting vulnerability XSS, because user input is not correctly encoded in HTML attributes when returned by the server.SEPPmail 11.1.10 allows XSS via a recipient address...

5.8AI score0.00423EPSS
Exploits1References1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.19 views

Cross-Site Scripting

I've picked up on the work started over at 276 and rebased on erusev/master. Since this is rebased on master, I can't point at PR at naNuke/master without running into the merge conflicts that I've already resolved manually. I've implemented what I suggested earlier so that all attributes are...

4.3CVSS5.8AI score0.012EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.64 views

Cross-Site Scripting

I've picked up on the work started over at https://github.com/erusev/parsedown/pull/276 and rebased on erusev/master. Since this is rebased on master, I can't point at PR at naNuke/master without running into the merge conflicts that I've already resolved manually. I've implemented what I suggest...

6.1CVSS6.3AI score0.012EPSS
Exploits0Affected Software1
Rows per page
Query Builder