Lucene search
K

10 matches found

OSV
OSV
added 2026/01/14 9:15 p.m.8 views

AZL-74636 CVE-2026-0861 affecting package glibc for versions less than 2.35-9

Passing too large an alignment to the memalign suite of functions memalign, posixmemalign, alignedalloc in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...

8.4CVSS6AI score0.00352EPSS
Exploits1References1
NVD
NVD
added 2025/12/19 8:15 p.m.4 views

CVE-2025-67712

There is an HTML injection issue in Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 that allows a remote, unauthenticated attacker to potentially entice a user to click a link that causes arbitrary HTML to render in a victim's browser. There is no evidence of JavaScript...

4.7CVSS0.00278EPSS
Exploits0References2
CVE
CVE
added 2025/12/19 8:5 p.m.17 views

CVE-2025-67712

CVE-2025-67712 is an HTML injection issue affecting Esri ArcGIS Web AppBuilder developer edition before 2.30. The vulnerability could allow a remote, unauthenticated attacker to entice a user to click a link that causes arbitrary HTML to render in the victim’s browser; there is no evidence of Jav...

4.7CVSS6.8AI score0.00278EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/19 8:5 p.m.7 views

CVE-2025-67712 HTML injection issue in ArcGIS Web App Builder

There is an HTML injection issue in Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 that allows a remote, unauthenticated attacker to potentially entice a user to click a link that causes arbitrary HTML to render in a victim's browser. There is no evidence of JavaScript...

4.7CVSS6.8AI score0.00278EPSS
Exploits0References1
OSV
OSV
added 2025/10/16 2:15 p.m.6 views

AZL-68775 CVE-2025-11839 affecting package binutils for versions less than 2.37-20

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tgtagtype of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks...

5.5CVSS5.3AI score0.00251EPSS
Exploits1References1
OSV
OSV
added 2022/05/13 1:36 a.m.6 views

GHSA-WJ5C-J656-H5FW Exposure of Sensitive Information to an Unauthorized Actor in Jenkins

In Jenkins before versions 2.44 and 2.32.2, node monitor data could be viewed by low privilege users via the remote API. These included system configuration and runtime information of these nodes SECURITY-343...

4.3CVSS5.9AI score0.01098EPSS
Exploits0References5
OSV
OSV
added 2021/01/04 3:15 p.m.2 views

UBUNTU-CVE-2020-35496

There's a flaw in bfdpefscanstartaddress of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions...

5.5CVSS5.8AI score0.01141EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2019/02/26 12:0 a.m.6 views

PT-2019-19426

Name of the Vulnerable Software and Affected Versions GNU C Library aka glibc or libc6 versions prior to 2.30 Description The issue is related to Uncontrolled Recursion in the check dst limits calc pos 1 function in posix/regexec.c. This can be demonstrated by using a crafted pattern '|11' in gre...

7.5CVSS7.2AI score0.02447EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2019/02/25 12:0 a.m.4 views

PT-2019-5586

Name of the Vulnerable Software and Affected Versions GNU C Library aka glibc or libc6 versions prior to 2.30 Description The issue is related to uncontrolled recursion in the GNU C Library when processing regular expressions. This can lead to a denial of service. The problem arises when the...

7.8CVSS7.1AI score0.05804EPSS
Exploits1References20
ATTACKERKB
ATTACKERKB
added 2011/07/28 6:55 p.m.2 views

CVE-2011-2957

Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 CPR9 SR3 allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer .ftd configuration file, which triggers memory corruption...

6.9CVSS6.1AI score0.00644EPSS
Exploits0References4
Rows per page
Query Builder