
8 matches found

ATTACKERKB
added 2026/04/04 1:51 p.m., 1 view

CVE-2016-20057

NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...

CVSS 8.5, AI score 6.1, EPSS 0.00606
Exploits: 1, References: 4, Affected Software: 1
Tenable Nessus
added 2026/01/20 12:0 a.m., 8 views

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2022-3597:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3597:01 advisory. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818). Tenable has extracted the preceding description block direct...

CVSS 8.2, AI score 8.4, EPSS 0.02456
Exploits: 0, References: 2
RedhatCVE
added 2026/01/09 9:0 a.m., 7 views

CVE-2023-29201

XWiki Commons are technical libraries common to several other top level XWiki projects. The "restricted" mode of the HTML cleaner in XWiki, introduced in version 4.2-milestone-1, only escaped...

CVSS 9, AI score 6.6, EPSS 0.01153
Exploits: 1, References: 1
RedhatCVE
added 2025/05/23 8:42 a.m., 4 views

CVE-2024-35712

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Jordy Meow Database Cleaner allows Relative Path Traversal. This issue affects Database Cleaner: from n/a through 1.0.5...

CVSS 4.9, AI score 6.8, EPSS 0.00559
Exploits: 0, References: 1
Amazon
added 2024/08/06 12:0 a.m., 3 views

Medium: python-lxml

Issue Overview: An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute, allowing for JS to bypass the sanitizer. A remote attacker could exploit this...

CVSS 6.1, AI score 6.8, EPSS 0.04002
Exploits: 1
Tenable Nessus
added 2023/03/22 12:0 a.m., 41 views

Amazon Linux AMI : python-lxml (ALAS-2023-1709)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1709 advisory. A Cross-site Scripting (XSS) vulnerability was found in python-lxml's clean module. The module's parser did not properly imitate browsers, causing different behaviors between the sanitizer and t...

CVSS 8.2, AI score 7.3, EPSS 0.03934
Exploits: 1, References: 6
OSV
added 2022/05/10 8:8 a.m., 31 views

ALSA-2022:1932 Moderate: python-lxml security update

lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fixes: python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818). For more details about the security issues, including the impact, ...

CVSS 8.2, AI score 7.7, EPSS 0.02456
Exploits: 0, References: 2
PyPA
added 2021/03/21 5:15 a.m., 4 views

PYSEC-2021-19

An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute, allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run...

CVSS 6.1, AI score 6.4, EPSS 0.04002
Exploits: 1, References: 6, Affected Software: 1