Lucene search
+L

10 matches found

OSV
OSV
added 2026/01/20 12:8 p.m.2 views

OPENSUSE-SU-2026:20065-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.50.4. Security issues fixed: - CVE-2025-13502: processing of maliciously crafted payloads by the GLib remote inspector server may lead to a UIProcess crash due to an out-of-bounds read and an integer underflow bsc1254208....

9.8CVSS7.8AI score0.32483EPSS
Exploits15References60
Amazon
Amazon
added 2025/06/10 12:0 a.m.3 views

Medium: ecs-init

Issue Overview: The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result i...

6.5CVSS9.6AI score0.00478EPSS
Exploits0
OSV
OSV
added 2024/12/06 4:37 p.m.19 views

SUSE-SU-2024:4079-2 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 bsc1232747: - CVE-2024-44244: Processing maliciously crafted web content may lead to an unexpected process crash. - CVE-2024-44296: Processing maliciously crafted web content may prevent Content Security Policy from...

5.4CVSS6.4AI score0.0095EPSS
Exploits0References6
Redos
Redos
added 2023/07/06 12:0 a.m.12 views

ROS-2-1745

2.1745 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.3AI score0.03582EPSS
Exploits1
OSV
OSV
added 2021/07/24 4:5 p.m.10 views

OPENSUSE-SU-2021:1088-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22925: TELNET stack contents disclosure again. bsc1188220 - CVE-2021-22924: Bad connection reuse due to flawed path name checks. bsc1188219 - CVE-2021-22923: Insufficiently Protected Credentials. bsc1188218 - CVE-2021-22922: Wrong conten...

6.5CVSS5.3AI score0.0627EPSS
Exploits4References9
CNVD
CNVD
added 2021/06/30 12:0 a.m.12 views

Machform HTTP Host Header Injection Vulnerability

MachForm is an HTML form builder that lets you create contact forms, surveys, order forms or any other web form without writing code. An HTTP host header injection vulnerability exists in versions prior to Machform 16. The vulnerability stems from improper validation of the host header. An attack...

6.1CVSS6.8AI score0.00722EPSS
Exploits0References1
OSV
OSV
added 2020/03/06 4:13 p.m.31 views

MGASA-2020-0123 Updated chromium-browser-stable packages fix security vulnerabilities

Chromium-browser 80.0.3987.122 fixes security issues: Multiple flaws were found in the way Chromium 79.0.3945.130 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information...

8.8CVSS7.6AI score0.78808EPSS
Exploits29References8
OSV
OSV
added 2017/08/28 10:48 p.m.10 views

MGASA-2017-0317 Chromium-browser 60.0.3112.101 fixes security issues

Multiple flaws were found in the way Chromium 57 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information. CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060,...

8.8CVSS8AI score0.31212EPSS
Exploits1References12
OSV
OSV
added 2016/03/09 10:57 p.m.10 views

MGASA-2016-0105 Updated firefox packages fix security vulnerabilities

Updated nss and firefox packages fix security vulnerabilities: Security researcher SkyLined reported a use-after-free issue in how audio is handled through the Web Audio API during MediaStream playback through interactions with the Web Audio API. This results in a potentially exploitable crash...

10CVSS7.9AI score0.30946EPSS
Exploits9References21
security_vulns
security_vulns
added 2002/03/26 12:0 a.m.290 views

Bypassing content filtering

There are common methods allowing to bypass almost any content filtering software antiviral products, CVP firewalls, mail attachment filters, etc. I believe multiple products are vulnerable. Contents: I. Bypassing attachment detection or invalid detection of attachment type. 1. Encoded filename o...

6.7AI score
Exploits0
Rows per page
Query Builder