Lucene search
+L

592 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/04 1:51 p.m.2 views

CVE-2016-20057

NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...

8.5CVSS6.1AI score0.00606EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/04/04 1:51 p.m.26 views

CVE-2016-20057 NETGATE Registry Cleaner build 16.0.205 Unquoted Service Path Privilege Escalation

NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...

8.5CVSS0.00606EPSS
Exploits1References4
CVE
CVE
added 2026/04/04 1:51 p.m.20 views

CVE-2016-20057

Summary: CVE-2016-20057 affects NETGATE Registry Cleaner build 16.0.205, via an unquoted service path in the NGRegClnSrv service. This allows a local attacker to escalate privileges by placing a malicious executable in the unquoted path and triggering a service restart or system reboot to execute...

8.5CVSS6.1AI score0.00606EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/04/04 12:0 a.m.12 views

NETGATE Registry Cleaner 代码问题漏洞

NETGATE Registry Cleaner is a system optimization and registry cleaning tool developed by the Slovak company NETGATE. NETGATE Registry Cleaner Build 16.0.205 contains a code vulnerability. This vulnerability stems from the NGRegClnSrv service having a service path that lacks quotes, which may all...

8.5CVSS7.4AI score0.00606EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.4 views

PT-2026-30354

NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...

8.5CVSS6.1AI score0.00606EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.17 views

phpMyFAQ 安全漏洞

phpMyFAQ is a multilingual, database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.1 contained security vulnerabilities. These vulnerabilities stemmed from an exploit that allowed bypassing the SVG cleaner, potentially allowing execution of arbitrary JavaScript...

5.4CVSS6.1AI score0.00176EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.9 views

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout 1.8.208 and earlier contain security vulnerabilities. These vulnerabilities stem from issues with the attachment handling logic and the SVG...

8.5CVSS5.8AI score0.00207EPSS
Exploits1References3
Fedora
Fedora
added 2026/03/12 12:16 a.m.13 views

[SECURITY] Fedora 44 Update: python-lxml-html-clean-0.4.4-1.fc44

HTML cleaner from lxml project...

6.1CVSS5.8AI score0.00254EPSS
Exploits2
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.7 views

SiYuan 跨站脚本漏洞

SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.5.10 contained a cross-site scripting vulnerability. This vulnerability stemmed from the SVG cleaner’s inability to properly check the javascript: prefix in href attributes, allowi...

6.4CVSS7.1AI score0.00505EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/05 8:56 p.m.6 views

EUVD-2026-9511

Pingora has HTTP Request Smuggling via HTTP/1.0 and Transfer-Encoding Misparsing...

9.3CVSS5.9AI score0.00707EPSS
Exploits1References6
NVD
NVD
added 2026/03/05 8:16 p.m.6 views

CVE-2026-28350

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...

6.1CVSS0.00254EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/03/05 8:16 p.m.6 views

CVE-2026-28350

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...

6.1CVSS7.2AI score0.00254EPSS
Exploits1References3
CVE
CVE
added 2026/03/05 7:49 p.m.43 views

CVE-2026-28350

CVE-2026-28350 affects the python-lxml_html_clean project. Prior to version 0.4.4, the tag bypassed the default Cleaner configuration, and although page_structure=True removes html, head, and title, there was no specific handling for , allowing an attacker to hijack relative links on the page. T...

6.1CVSS5.9AI score0.00254EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/05 7:49 p.m.5 views

CVE-2026-28350

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...

6.1CVSS5.9AI score0.00254EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2026/03/05 7:49 p.m.7 views

CVE-2026-28350

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...

6.1CVSS8.3AI score0.00254EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/03/05 7:49 p.m.3 views

CVE-2026-28350 lxml_html_clean: <base> tag injection through default Cleaner configuration

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...

6.1CVSS5.7AI score0.00254EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/05 7:49 p.m.35 views

CVE-2026-28350 lxml_html_clean: <base> tag injection through default Cleaner configuration

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...

6.1CVSS0.00254EPSS
Exploits1References2
OSV
OSV
added 2026/03/05 7:49 p.m.4 views

CVE-2026-28350 lxml_html_clean: <base> tag injection through default Cleaner configuration

lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...

6.1CVSS5.7AI score0.00254EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.12 views

lxml_html_clean 安全漏洞

lxmlhtmlclean is a separate project derived from lxml.HTML.clean, open sourced by the Fedora Python SIG. Versions of lxmlhtmlclean prior to 0.4.4 contained security vulnerabilities. These vulnerabilities stemmed from the base tag being used with the default Cleaner configuration, which could allo...

6.1CVSS7.3AI score0.00254EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.6 views

PT-2026-22855

Name of the Vulnerable Software and Affected Versions Trend Micro Cleaner One Pro affected versions not specified Description Trend Micro Cleaner One Pro installations are susceptible to a denial-of-service condition. A local attacker can exploit this issue, potentially leading to low-privileged...

6AI score
Exploits0References2
Rows per page
Query Builder