Lucene search
K

31 matches found

OSV
OSV
added 2024/10/27 10:15 p.m.1 views

UBUNTU-CVE-2024-50614

TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

6.5CVSS5.8AI score0.00404EPSS
Exploits1References3
NVD
NVD
added 2009/10/29 2:30 p.m.11 views

CVE-2009-3627

The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...

4.3CVSS6.2AI score0.01727EPSS
Exploits1References8
Prion
Prion
added 2009/10/29 2:30 p.m.13 views

Design/Logic Flaw

The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...

4.3CVSS6.5AI score0.01727EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2009/10/29 2:0 p.m.30 views

CVE-2009-3627

The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...

6.1AI score0.01727EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2009/10/29 2:0 p.m.34 views

CVE-2009-3627

The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...

4.3CVSS6.2AI score0.01727EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2009/10/29 12:0 a.m.26 views

CVE-2009-3627

The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...

4.3CVSS5.9AI score0.01727EPSS
Exploits1References3
Prion
Prion
added 2007/06/21 11:30 p.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Movable Type MT before 3.34 allow remote attackers to inject arbitrary web script or HTML via comments that have 1 a malformed SGML numeric character reference with a '\0' 0x00 character in a javascript: URI or 2 an attribute in an element that...

4.3CVSS5.8AI score0.01182EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/06/21 11:30 p.m.25 views

CVE-2007-3342

Multiple cross-site scripting XSS vulnerabilities in Movable Type MT before 3.34 allow remote attackers to inject arbitrary web script or HTML via comments that have 1 a malformed SGML numeric character reference with a '\0' 0x00 character in a javascript: URI or 2 an attribute in an element that...

4.3CVSS5.6AI score0.01033EPSS
Exploits0References4
Cvelist
Cvelist
added 2006/09/12 4:0 p.m.20 views

CVE-2006-4706

Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.1.7 allows remote attackers to inject arbitrary web script or HTML via a url BBCode tag that contains a javascript URI with an SGML numeric character reference and an embedded space, as demonstrated usin...

5.6AI score0.02403EPSS
Exploits1References6
NVD
NVD
added 2006/07/21 2:3 p.m.15 views

CVE-2006-3761

Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.0 RC2 through 1.1.4 allows remote attackers to inject arbitrary web script or HTML via a javascript URI with an SGML numeric character reference in the url BBCode tag, as demonstrated using "javacript"...

4.3CVSS5.6AI score0.02526EPSS
Exploits1References9
Cvelist
Cvelist
added 2006/07/21 12:0 a.m.22 views

CVE-2006-3761

Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.0 RC2 through 1.1.4 allows remote attackers to inject arbitrary web script or HTML via a javascript URI with an SGML numeric character reference in the url BBCode tag, as demonstrated using "javacript"...

5.6AI score0.02526EPSS
Exploits1References9
Rows per page
Query Builder