Lucene search
K

10 matches found

CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

Summarize 安全漏洞

Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.15.1 contain security vulnerabilities. These vulnerabilities stem from an authorization flaw in the content script’s window.postMessage bridging mechanism, which could allow...

6.1CVSS5.9AI score0.00195EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: python-xmltodict (UTSA-2026-007093)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007093 advisory. XML Injection vulnerability in xmltodict allows Input Data Manipulation. This issue affects xmltodict: from 0.14.2 before 0.15.1. Tenable has extracted the preceding...

6.9CVSS5.9AI score0.00417EPSS
Exploits0References4
OSV
OSV
added 2025/09/01 5:15 p.m.3 views

UBUNTU-CVE-2025-9375

XML Injection vulnerability in xmltodict allows Input Data Manipulation. This issue affects xmltodict: from 0.14.2 before 0.15.1. NOTE: the scope of this CVE is disputed by the vendor on the grounds that xmltodict.unparse delegates element-name handling to Python's xml.sax.saxutils.XMLGenerator,...

6.9CVSS5.8AI score0.00417EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/09/01 4:43 p.m.2 views

CVE-2025-9375

XML Injection vulnerability in xmltodict allows Input Data Manipulation. This issue affects xmltodict: from 0.14.2 before 0.15.1. NOTE: the scope of this CVE is disputed by the vendor on the grounds that xmltodict.unparse delegates element-name handling to Python's xml.sax.saxutils.XMLGenerator,...

6.9CVSS5.7AI score0.00417EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/20 12:0 a.m.12 views

PT-2025-5335 · Unknown +1 · Writefreely +1

Name of the Vulnerable Software and Affected Versions: WriteFreely versions 0.15.1 and earlier Description: The issue allows local users to discover credentials by reading the config.ini file when MySQL is used. This is due to insecure default configuration access. Recommendations: For versions...

8.9CVSS5.9AI score0.0104EPSS
Exploits2References94
Positive Technologies
Positive Technologies
added 2023/09/18 12:0 a.m.6 views

PT-2023-31535 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.15.1 Description: The issue is related to Cross-Site Request Forgery CSRF in the usememos/memos repository. It affects the getimage endpoint. No information is provided about the estimated number of...

8.8CVSS7.4AI score0.00285EPSS
Exploits1References11
OSV
OSV
added 2023/04/21 12:15 p.m.1 views

DEBIAN-CVE-2021-33589

Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of the algorithm...

7.5CVSS7.3AI score0.00492EPSS
Exploits1References1
OSV
OSV
added 2023/04/21 12:15 p.m.1 views

UBUNTU-CVE-2021-33589

Ribose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of the algorithm...

7.5CVSS5.8AI score0.00492EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/04/21 12:0 a.m.6 views

Ribose RNP 安全漏洞

Ribose RNP is an application from Ribose, Inc. A security vulnerability exists in Ribose RNP versions prior to 0.15.1 that stems from the lack of implementation of a required step in the cryptographic algorithm, resulting in faulty encryption and leaving the key in the plaintext state...

7.5CVSS7.2AI score0.00492EPSS
Exploits1References3
Prion
Prion
added 2013/08/14 3:55 p.m.15 views

Buffer overflow

Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors...

7.5CVSS8.3AI score0.03287EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder