592 matches found
CVE-2016-20057
NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...
CVE-2016-20057 NETGATE Registry Cleaner build 16.0.205 Unquoted Service Path Privilege Escalation
NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...
CVE-2016-20057
Summary: CVE-2016-20057 affects NETGATE Registry Cleaner build 16.0.205, via an unquoted service path in the NGRegClnSrv service. This allows a local attacker to escalate privileges by placing a malicious executable in the unquoted path and triggering a service restart or system reboot to execute...
NETGATE Registry Cleaner 代码问题漏洞
NETGATE Registry Cleaner is a system optimization and registry cleaning tool developed by the Slovak company NETGATE. NETGATE Registry Cleaner Build 16.0.205 contains a code vulnerability. This vulnerability stems from the NGRegClnSrv service having a service path that lacks quotes, which may all...
PT-2026-30354
NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...
phpMyFAQ 安全漏洞
phpMyFAQ is a multilingual, database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.1 contained security vulnerabilities. These vulnerabilities stemmed from an exploit that allowed bypassing the SVG cleaner, potentially allowing execution of arbitrary JavaScript...
FreeScout 安全漏洞
FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout 1.8.208 and earlier contain security vulnerabilities. These vulnerabilities stem from issues with the attachment handling logic and the SVG...
[SECURITY] Fedora 44 Update: python-lxml-html-clean-0.4.4-1.fc44
HTML cleaner from lxml project...
SiYuan 跨站脚本漏洞
SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.5.10 contained a cross-site scripting vulnerability. This vulnerability stemmed from the SVG cleaner’s inability to properly check the javascript: prefix in href attributes, allowi...
EUVD-2026-9511
Pingora has HTTP Request Smuggling via HTTP/1.0 and Transfer-Encoding Misparsing...
CVE-2026-28350
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...
CVE-2026-28350
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...
CVE-2026-28350
CVE-2026-28350 affects the python-lxml_html_clean project. Prior to version 0.4.4, the tag bypassed the default Cleaner configuration, and although page_structure=True removes html, head, and title, there was no specific handling for , allowing an attacker to hijack relative links on the page. T...
CVE-2026-28350
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...
CVE-2026-28350
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...
CVE-2026-28350 lxml_html_clean: <base> tag injection through default Cleaner configuration
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...
CVE-2026-28350 lxml_html_clean: <base> tag injection through default Cleaner configuration
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...
CVE-2026-28350 lxml_html_clean: <base> tag injection through default Cleaner configuration
lxmlhtmlclean is a project for HTML cleaning functionalities copied from lxml.html.clean. Prior to version 0.4.4, the tag passes through the default Cleaner configuration. While pagestructure=True removes html, head, and title tags, there is no specific handling for , allowing an attacker to inje...
lxml_html_clean 安全漏洞
lxmlhtmlclean is a separate project derived from lxml.HTML.clean, open sourced by the Fedora Python SIG. Versions of lxmlhtmlclean prior to 0.4.4 contained security vulnerabilities. These vulnerabilities stemmed from the base tag being used with the default Cleaner configuration, which could allo...
PT-2026-22855
Name of the Vulnerable Software and Affected Versions Trend Micro Cleaner One Pro affected versions not specified Description Trend Micro Cleaner One Pro installations are susceptible to a denial-of-service condition. A local attacker can exploit this issue, potentially leading to low-privileged...