Lucene search

81 matches found

Debian
added 2026/03/30 3:9 p.m., 4 views

[SECURITY] [DLA 4517-1] roundcube security update

Debian LTS Advisory DLA-4517-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin March 30, 2026 https://wiki.debian.org/LTS Package : roundcube Version : 1.4.15+dfsg.1-1+deb11u8 CVE ID : not yet available Debian Bug : 1131182 1132268 Multiple vulnerabilities were...

5.9 AI score
Exploits 0
Tenable Nessus
added 2026/01/20 12:0 a.m., 4 views

MiracleLinux 4 : firefox-78.6.0-1.0.1.AXS4 (AXSA:2020-1071:28)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-1071:28 advisory. chromium-browser: Uninitialized Use in V8 CVE-2020-16042 Mozilla: Heap buffer overflow in WebGL CVE-2020-26971 Mozilla: CSS Sanitizer performed...

8.8 CVSS, 8.7 AI score, 0.01891 EPSS
Exploits 0, References 8
Cvelist
added 2026/01/09 12:6 a.m., 28 views

CVE-2026-22712 ApprovedRevs allows bypassing the inline CSS sanitizer

Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation.This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39...

2.3 CVSS, 0.00213 EPSS
Exploits 1, References 2
CVE
added 2026/01/09 12:6 a.m., 14 views

CVE-2026-22712

The CVE-2026-22712 issue affects MediaWiki’s ApprovedRevs extension (versions 1.39–1.45). The root cause is improper encoding or escaping of output due to a magic word replacement in ParserAfterTidy, which can enable input data manipulation by bypassing the inline CSS sanitizer. Exploitation deta...

4.3 CVSS, 6.5 AI score, 0.00213 EPSS
Exploits 1, References 2, Affected Software 1
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-19497

Malware in sbrugna...

8.8 CVSS, 9.1 AI score, 0.01553 EPSS
Exploits 0, References 22
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-7496

Malware in sbrugna...

6.1 CVSS, 7.8 AI score, 0.01988 EPSS
Exploits 0, References 31
EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2023-2045

Malicious code in bioql PyPI...

7.1 CVSS, 6.5 AI score, 0.00603 EPSS
Exploits 0, References 7
Tenable Nessus
added 2025/08/11 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-26973

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This...

8.8 CVSS, 8.2 AI score, 0.01553 EPSS
Exploits 0, References 2
Ubuntu
added 2024/04/24 5:23 a.m., 41 views

USN-6748-1: Sanitize vulnerabilities

It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting XSS attack. This issue only affected Ubuntu 22.04 LTS. CVE-2023-23627 It was discovered that Sanitize incorrectly handled...

7.1 CVSS, 6.3 AI score, 0.00603 EPSS
Exploits 0
Tenable Nessus
added 2023/09/07 12:0 a.m., 26 views

Oracle Linux 6 : thunderbird (ELSA-2020-0123)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-0123 advisory. 68.4.1-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.4.1-2 - Update to 68.4.1 build1 Tenable has...

8.8 CVSS, 8.2 AI score, 0.46589 EPSS
Exploits 8, References 6
OSV
added 2023/07/06 4:15 p.m., 1 views

UBUNTU-CVE-2023-36823

Sanitize is an allowlist-based HTML and CSS sanitizer. Using carefully crafted input, an attacker may be able to sneak arbitrary HTML and CSS through Sanitize starting with version 3.0.0 and prior to version 6.0.2 when Sanitize is configured to use the built-in "relaxed" config or when using a...

7.1 CVSS, 5.8 AI score, 0.00603 EPSS
Exploits 0, References 7
SUSE CVE
added 2023/02/15 3:52 a.m., 3 views

SUSE CVE-2020-26973

Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...

7.5 CVSS, 8.5 AI score, 0.01553 EPSS
Exploits 0, References 14
OpenVAS
added 2022/01/28 12:0 a.m., 20 views

Mageia: Security Advisory (MGASA-2020-0462)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS, 7.2 AI score, 0.01891 EPSS
Exploits 0, References 5
Tenable Nessus
added 2021/10/27 12:0 a.m., 44 views

NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0120)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a...

8.8 CVSS, 8.4 AI score, 0.01891 EPSS
Exploits 0, References 43
Tenable Nessus
added 2021/06/10 12:0 a.m., 154 views

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2020:14584-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14584-1 advisory. - Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from...

8.8 CVSS, 8.3 AI score, 0.01891 EPSS
Exploits 0, References 18
RedhatCVE
added 2021/02/14 2:33 p.m., 40 views

CVE-2020-26973

The Mozilla Foundation Security Advisory describes this flaw as: Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass...

8.8 CVSS, 1.8 AI score, 0.01553 EPSS
Exploits 0, References 4
Tenable Nessus
added 2021/02/01 12:0 a.m., 233 views

CentOS 8 : firefox (CESA-2020:5562)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:5562 advisory. - chromium-browser: Uninitialized Use in V8 CVE-2020-16042 - Mozilla: Heap buffer overflow in WebGL CVE-2020-26971 - Mozilla: CSS Sanitizer performed...

8.8 CVSS, 8.1 AI score, 0.01891 EPSS
Exploits 0, References 8
NVD
added 2021/01/07 2:15 p.m., 18 views

CVE-2020-26973

Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...

8.8 CVSS, 8.1 AI score, 0.01553 EPSS
Exploits 0, References 4
OSV
added 2021/01/07 2:15 p.m., 3 views

DEBIAN-CVE-2020-26973

Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...

8.8 CVSS, 8.4 AI score, 0.01553 EPSS
Exploits 0, References 1
CVE
added 2021/01/07 1:53 p.m., 256 views

CVE-2020-26973

The provided connected sources confirm CVE-2020-26973 affects Mozilla Firefox and Thunderbird, tied to the CSS Sanitizer. Affected versions include Firefox prior to 84 and Thunderbird prior to 78.6 (Firefox ESR

8.8 CVSS, 8.1 AI score, 0.01553 EPSS
Exploits 0, References 4, Affected Software 3