18 matches found

Cvelist
added 2026/04/23 2:43 p.m. | 38 views

CVE-2026-41238 DOMPurify: Prototype Pollution to XSS Bypass via CUSTOM_ELEMENT_HANDLING Fallback

DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions 3.0.1 through 3.3.3 are vulnerable to a prototype pollution-based XSS bypass. When an application uses DOMPurify.sanitize with the default configuration (no CUSTOM_ELEMENT_HANDLING option), a prior prototype...

CVSS 6.9 | EPSS 0.00205
Exploits: 0 | References: 2
NVD
added 2025/12/09 10:16 p.m. | 3 views

CVE-2025-66645

NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0...

CVSS 7.5 | EPSS 0.00963
Exploits: 1 | References: 2
OSV
added 2025/12/09 9:41 p.m. | 4 views

CVE-2025-66645 NiceGUI Path Traversal Vulnerability in app.add_media_files() Allows Arbitrary File Reading

NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0...

CVSS 7.5 | AI score 6.8 | EPSS 0.00963
Exploits: 1 | References: 4
CVE
added 2025/12/09 12:11 a.m. | 15 views

CVE-2025-66470

CVE-2025-66470 affects NiceGUI <= 3.3.1 via the ui.interactive_image component, which renders SVG content with Vue v-html without sanitization. This can lead to stored/reflected XSS through the SVG tag when images are rendered or updated. The issue is fixed in NiceGUI 3.4.0; remediation is to...

CVSS 6.1 | AI score 5.7 | EPSS 0.00223
Exploits: 2 | References: 2 | Affected Software: 1
RedhatCVE
added 2025/05/22 10:10 a.m. | 8 views

CVE-2019-1010296

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core kernel. The component is: optee_os. The fixed version is: 3.4.0 and later...

CVSS 10 | AI score 7.2 | EPSS 0.02777
Exploits: 0 | References: 1
Patchstack
added 2024/11/23 12:0 a.m. | 10 views

WordPress 우커머스 네이버페이 Plugin <= 3.3.7 is vulnerable to Cross Site Scripting (XSS)

Software: 우커머스 네이버페이; Type: Plugin; Vulnerable versions: <= 3.3.7; Fixed in: 3.4.0; OWASP Top 10: A7: Cross-Site Scripting XSS; Classification: Cross Site Scripting XSS; CVE: CVE-2024-11231; Patch priority: Low; CVSS severity: Low 6.5; Developer: Claim ownership; PSID: 648c69f3046d; Credits: Peter Thaleikis; Required...

CVSS 6.4 | AI score 5.8 | EPSS 0.00433
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2019/07/15 6:15 p.m. | 17 views

CVE-2019-1010296

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core kernel. The component is: optee_os. The fixed version is: 3.4.0 and later...

CVSS 10 | AI score 9.7 | EPSS 0.02777
Exploits: 0 | References: 1
NVD
added 2019/07/15 6:15 p.m. | 13 views

CVE-2019-1010294

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later...

CVSS 7.5 | AI score 7.7 | EPSS 0.01408
Exploits: 0 | References: 1
OSV
added 2019/07/15 6:15 p.m. | 5 views

CVE-2019-1010297

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core kernel context. The component is: optee_os. The fixed version is: 3.4.0 and later...

CVSS 9.8 | AI score 5.5 | EPSS 0.02723
Exploits: 0 | References: 1
OSV
added 2019/07/15 6:15 p.m. | 6 views

CVE-2019-1010295

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Memory corruption and disclosure of memory content. The component is: optee_os. The fixed version is: 3.4.0 and later...

CVSS 9.8 | AI score 5.5 | EPSS 0.01616
Exploits: 0 | References: 1
Prion
added 2019/07/15 6:15 p.m. | 21 views

Code injection

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later...

CVSS 5 | AI score 7.7 | EPSS 0.01408
Exploits: 0 | References: 1 | Affected Software: 1
Prion
added 2019/07/15 6:15 p.m. | 13 views

Memory corruption

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Boundary crossing. The impact is: Memory corruption of the TEE itself. The component is: optee_os. The fixed version is: 3.4.0 and later...

CVSS 7.5 | AI score 9.6 | EPSS 0.0154
Exploits: 0 | References: 1 | Affected Software: 1
Prion
added 2019/07/15 6:15 p.m. | 17 views

Buffer overflow

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core kernel context. The component is: optee_os. The fixed version is: 3.4.0 and later...

CVSS 10 | AI score 9.5 | EPSS 0.02723
Exploits: 0 | References: 1 | Affected Software: 1
Prion
added 2019/07/15 6:15 p.m. | 14 views

Buffer overflow

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in context of TEE core kernel. The component is: optee_os. The fixed version is: 3.4.0 and later...

CVSS 10 | AI score 9.5 | EPSS 0.02777
Exploits: 0 | References: 1 | Affected Software: 1
Debian CVE
added 2019/07/15 5:27 p.m. | 13 views

CVE-2019-1010294

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later...

CVSS 7.5 | AI score 7.7 | EPSS 0.01408
Exploits: 0
Cvelist
added 2019/07/15 5:27 p.m. | 15 views

CVE-2019-1010294

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. The impact is: Potentially leaking code and/or data from previous Trusted Application. The component is: optee_os. The fixed version is: 3.4.0 and later...

AI score 7.7 | EPSS 0.01408
Exploits: 0 | References: 1
Cvelist
added 2019/07/15 5:25 p.m. | 16 views

CVE-2019-1010295

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Memory corruption and disclosure of memory content. The component is: optee_os. The fixed version is: 3.4.0 and later...

AI score 9.7 | EPSS 0.01616
Exploits: 0 | References: 1
Debian CVE
added 2019/07/15 5:22 p.m. | 14 views

CVE-2019-1010297

Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Execution of code in TEE core kernel context. The component is: optee_os. The fixed version is: 3.4.0 and later...

CVSS 10 | AI score 9.8 | EPSS 0.02723
Exploits: 0