Lucene search
+L

33 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/17 5:51 p.m.9 views

CVE-2026-46720

Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

8.2CVSS5.8AI score0.00344EPSS
Exploits0References4
CVE
CVE
added 2026/05/16 1:37 p.m.27 views

CVE-2026-46719

Net::Statsd::Lite (Perl) is affected by CVE-2026-46719 for versions prior to 0.9.0, where metric names are not validated for newlines, colons, or pipes. This allows metrics from untrusted sources to inject additional statsd metrics. Public sources in the included documents confirm the impact on m...

6.5CVSS5.8AI score0.00306EPSS
Exploits0References3
OSV
OSV
added 2026/05/16 1:37 p.m.2 views

CVE-2026-46719 Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections

Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections. The metric names were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

6.5CVSS5.9AI score0.00306EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.15 views

PT-2026-41426

Name of the Vulnerable Software and Affected Versions Net::Statsd::Lite versions prior to 0.9.0 Description Net::Statsd::Lite for Perl allows metric injections because metric names are not validated for newlines, colons, or pipes. This enables metrics generated from untrusted sources to inject...

6.5CVSS5.8AI score0.00306EPSS
Exploits0References20
CNNVD
CNNVD
added 2026/05/16 12:0 a.m.12 views

Net::Statsd::Lite 注入漏洞

Net::Statsd::Lite is a lightweight StatsD client developed by Robert Rothenberg, which supports multiple metric data packets. Versions of Net::Statsd::Lite prior to 0.9.0 have a injection vulnerability. This vulnerability arises from the lack of checks for line breaks, colons, or vertical bars in...

6.5CVSS5.8AI score0.00306EPSS
Exploits0References2
OSV
OSV
added 2024/06/27 4:15 p.m.4 views

ALPINE-CVE-2024-28820

Buffer overflow in the extractopenvpncr function in openvpn-cr.c in openvpn-auth-ldap aka the Three Rings Auth-LDAP plugin for OpenVPN 2.0.4 allows attackers with a valid LDAP username and who can control the challenge/response password field to pass a string with more than 14 colons into this...

6.3CVSS7.7AI score0.00421EPSS
Exploits0References1
Veracode
Veracode
added 2023/03/01 2:54 a.m.24 views

Cross-site Scripting (XSS)

@braintree/sanitize-url is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the decodeHtmlCharacters function in index.ts does not properly sanitize html encoded colons in the urlSchemeRegex parameter, which allows an attacker to inject and execute malicious JavaScript by...

6.1CVSS5.9AI score0.0056EPSS
Exploits0References4Affected Software2
Microsoft CVE
Microsoft CVE
added 2020/08/18 12:0 a.m.4 views

In libexpat in Expat before 2.2.7 XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

...

7.8CVSS6.5AI score0.07107EPSS
Exploits1
OSV
OSV
added 2019/06/24 12:0 a.m.4 views

UBUNTU-CVE-2018-20843

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing enough to be usable for denial-of-service attacks...

7.5CVSS6.7AI score0.07107EPSS
Exploits1References11
curl security advisories
curl security advisories
added 2016/01/27 8:0 a.m.10 views

remote filename path traversal in curl tool for Windows

curl does not sanitize colons in a remote filename that is used as the local filename. This may lead to a vulnerability on systems where the colon is a special path character. Currently Windows is the only OS where this vulnerability applies. curl offers command line options --remote-name also...

5.3CVSS6AI score0.01119EPSS
Exploits0Affected Software2
OSV
OSV
added 2016/01/27 8:0 a.m.11 views

CURL-CVE-2016-0754 remote filename path traversal in curl tool for Windows

curl does not sanitize colons in a remote filename that is used as the local filename. This may lead to a vulnerability on systems where the colon is a special path character. Currently Windows is the only OS where this vulnerability applies. curl offers command line options --remote-name also...

5.3CVSS5.3AI score0.01119EPSS
Exploits0
OSV
OSV
added 2015/12/17 12:0 a.m.31 views

DLA-371-1 foomatic-filters - security update

Bulletin has no description...

7.5CVSS7.2AI score0.05251EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

Nokia Multimedia Player 1.0 SEH Unicode Exploit

No description provided by source. ? Exploit Title: Nokia Multimedia player SEH Unicode Date: January 11 2011 Author: Carlos Mario Penagos Hollmann Software Link: http://www.brothersoft.com/nokia-multimedia-player-download-46238.html Version: 1.00.55.5010 Tested on: Windows xp sp3 running on VMwa...

7.1AI score
Exploits0
Rows per page
Query Builder