Lucene search
K

31 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-0088

Malware in sbrugna...

6.1CVSS6.5AI score0.02438EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2014-3146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting XSS attacks via...

6.1CVSS5.7AI score0.06333EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.24 views

RHEL 5 : python-lxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-lxml: XSS in lxml.html.clean module in lxml/html/clean.py CVE-2018-19787 - Incomplete blacklist...

6.1CVSS6.6AI score0.06333EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.25 views

RHEL 6 : python-lxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-lxml: XSS in lxml.html.clean module in lxml/html/clean.py CVE-2018-19787 - Incomplete blacklist...

6.1CVSS6.6AI score0.06333EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.20 views

RHEL 7 : python-lxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-lxml: XSS in lxml.html.clean module in lxml/html/clean.py CVE-2018-19787 - Incomplete blacklist...

6.1CVSS6.6AI score0.06333EPSS
Exploits2References2
vulnersOsv
vulnersOsv
added 2022/05/14 4:1 a.m.3 views

doc2dash (=1.2.0), document-clipper (>=0.9.0 <=0.13.6) +1 more potentially affected by CVE-2014-3146 via lxml (>=3.2.3 <=3.3.2)

lxml PYPI version =3.2.3, =0.9.0, =0.13.6 - rymtracks =0.1.2 Source cves: CVE-2014-3146 Source advisory: OSV:GHSA-57QW-CC2G-PV5P...

6.1CVSS6.3AI score0.06333EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2022/05/13 1:13 a.m.28 views

Improper Neutralization of Input During Web Page Generation in LXML

An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to...

6.1CVSS2.8AI score0.02438EPSS
Exploits1References8Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2014-0218)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.7AI score0.06333EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/07/06 12:0 a.m.33 views

EulerOS Virtualization 3.0.2.2 : python-lxml (EulerOS-SA-2021-2162)

According to the versions of the python-lxml package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct...

6.1CVSS6.3AI score0.06333EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2014:1282-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.3AI score0.06333EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/04/30 12:0 a.m.30 views

EulerOS 2.0 SP3 : python-lxml (EulerOS-SA-2021-1839)

According to the versions of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused differe...

6.1CVSS6.3AI score0.06333EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/03/04 12:0 a.m.30 views

EulerOS Virtualization 3.0.6.6 : python-lxml (EulerOS-SA-2021-1514)

According to the versions of the python-lxml package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which...

6.1CVSS6.3AI score0.06333EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/02/22 12:0 a.m.30 views

EulerOS 2.0 SP2 : python-lxml (EulerOS-SA-2021-1352)

According to the versions of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scriptin...

6.1CVSS6.5AI score0.06333EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2021/02/22 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2021-1352)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.4AI score0.06333EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/10/30 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2020-2296)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.4AI score0.06333EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2020/10/30 12:0 a.m.30 views

EulerOS 2.0 SP5 : python-lxml (EulerOS-SA-2020-2296)

According to the versions of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scriptin...

6.1CVSS6.5AI score0.06333EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2018/12/10 12:0 a.m.42 views

Debian: Security Advisory (DLA-1604-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.7AI score0.06333EPSS
Exploits1References2
Prion
Prion
added 2018/12/02 10:29 a.m.18 views

Design/Logic Flaw

An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to...

4.3CVSS5.8AI score0.06333EPSS
Exploits2References5Affected Software3
Debian CVE
Debian CVE
added 2018/12/02 10:0 a.m.25 views

CVE-2018-19787

An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to...

6.1CVSS6.8AI score0.02438EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2018/12/02 12:0 a.m.27 views

CVE-2018-19787

An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to...

6.1CVSS6.7AI score0.02438EPSS
Exploits1References3
Rows per page
Query Builder