Lucene search
+L

533 matches found

nvd
nvd
added 2 days ago7 views

CVE-2026-61453

Grav v2.0.0 contains a cross-site scripting vulnerability fixed in 2.0.1. The XSS blueprint validator Security::detectXss runs on raw page content before Twig processing. When Twig content processing is enabled twigcontent.processenabled: true, an attacker with page-write API permission can use...

6.1CVSS0.00155EPSS
Exploits0References2
cvelist
cvelist
added 2 days ago30 views

CVE-2026-61453 Grav before 2.0.1 XSS via Twig String Concatenation

Grav v2.0.0 contains a cross-site scripting vulnerability fixed in 2.0.1. The XSS blueprint validator Security::detectXss runs on raw page content before Twig processing. When Twig content processing is enabled twigcontent.processenabled: true, an attacker with page-write API permission can use...

6.1CVSS0.00155EPSS
Exploits0References2
nvd
nvd
added 2026/06/29 8:17 p.m.7 views

CVE-2026-43734

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS0.0024EPSS
Exploits0References3
nvd
nvd
added 2026/06/29 8:17 p.m.9 views

CVE-2026-43676

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

6.5CVSS0.00257EPSS
Exploits0References3
osv
osv
added 2026/06/23 1:28 p.m.2 views

SUSE-SU-2026:2585-1 Security update for libxslt

This update for libxslt fixes the following issue - CVE-2023-40403: Processing web content may disclose sensitive information bsc1238591...

6.5CVSS6.6AI score0.01092EPSS
Exploits0References3
suse
suse
added 2026/06/11 4:7 p.m.7 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: Security fixes: CVE-2026-28847: processing maliciously crafted web content may lead to an unexpected process crash or arbitrary code execution due to a heap buffer overflow bsc1267506. CVE-2026-28883: processing...

8.8CVSS7.4AI score0.00693EPSS
Exploits0References66
bdu_fstec
bdu_fstec
added 2026/06/08 12:0 a.m.4 views

The vulnerability of the Go programming language, related to the lack of measures to neutralize special elements, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Go programming language is related to the lack of measures taken to neutralize special elements when processing the content attribute of the tag. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

6.4CVSS5.7AI score0.00314EPSS
Exploits0References6Affected Software2
nessus
nessus
added 2026/05/26 12:0 a.m.18 views

TencentOS Server 3: webkit2gtk3 (TSSA-2026:0393)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0393 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS6.8AI score0.00961EPSS
Exploits2References19
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved memory handling. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, and watchOS 10.5. Processing web content may lead to arbitrary code execution...

8.8CVSS7.6AI score0.01016EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was addressed through improved checks. This issue has been fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7...

8.8CVSS8.5AI score0.29179EPSS
Exploits3References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved memory handling. This issue is fixed in Safari 17.3, iOS 16.7.5, and iPadOS 16.7.5; iOS 17.3, and iPadOS 17.3; macOS Sonoma 14.3; tvOS 17.3; and watchOS 10.3. Processing web content may lead to arbitrary code execution...

8.8CVSS8.3AI score0.015EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved memory handling. This issue is fixed in Safari 17.4, iOS 17.4, iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, and watchOS 10.4. Processing web content may result in a denial-of-service...

6.5CVSS7.1AI score0.00521EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/11 8:7 p.m.36 views

CVE-2026-28942

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash...

0.00462EPSS
Exploits0References6
osv
osv
added 2026/05/08 5:45 a.m.8 views

BIT-JRE-2023-42917

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against...

8.8CVSS7.6AI score0.0937EPSS
Exploits0References21
osv
osv
added 2026/05/08 5:45 a.m.7 views

BIT-JRE-2023-41074

The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution...

8.8CVSS7.5AI score0.03609EPSS
Exploits0References17
osv
osv
added 2026/05/06 2:44 p.m.9 views

BIT-JAVA-MIN-2023-41993

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7...

8.8CVSS7.6AI score0.29179EPSS
Exploits3References9
osv
osv
added 2026/05/06 2:44 p.m.9 views

BIT-JAVA-MIN-2023-41074

The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution...

8.8CVSS7.5AI score0.03609EPSS
Exploits0References17
osv
osv
added 2026/05/06 2:44 p.m.9 views

BIT-JAVA-2023-41993

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7...

8.8CVSS7.5AI score0.29179EPSS
Exploits3References9
osv
osv
added 2026/05/06 2:44 p.m.7 views

BIT-JAVA-2023-41074

The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution...

8.8CVSS7.5AI score0.03609EPSS
Exploits0References17
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.20 views

PT-2026-37982

The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution...

8.8CVSS7.5AI score0.03609EPSS
Exploits0References18
Rows per page
Query Builder