Lucene search
K

55 matches found

Cvelist
Cvelist
added 2016/04/11 9:0 p.m.29 views

CVE-2015-8710

The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service out-of-bounds heap memory access and application crash, or possibly have unspecified other impact via an unclosed HTML comment...

9.8AI score0.04925EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2016/04/11 9:0 p.m.41 views

CVE-2015-8710

The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service out-of-bounds heap memory access and application crash, or possibly have unspecified other impact via an unclosed HTML comment...

9.8CVSS9.7AI score0.04925EPSS
Exploits0
OSV
OSV
added 2016/01/20 12:29 p.m.8 views

SUSE-SU-2016:0178-1 Security update for libxml2

This update for libxml2 fixes the following security issue: - CVE-2015-8710: Parsing short unclosed HTML comment could cause uninitialized memory access, which allowed remote attackers to read contents from previous HTTP requests depending on the application bsc960674...

9.8CVSS9.2AI score0.04925EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/12/23 12:0 a.m.35 views

CVE-2015-8710

The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service out-of-bounds heap memory access and application crash, or possibly have unspecified other impact via an unclosed HTML comment...

9.8CVSS7.2AI score0.04925EPSS
Exploits0References3
OSV
OSV
added 2015/12/23 12:0 a.m.5 views

UBUNTU-CVE-2015-8710

The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service out-of-bounds heap memory access and application crash, or possibly have unspecified other impact via an unclosed HTML comment...

9.8CVSS7.2AI score0.04925EPSS
Exploits0References4
Mageia
Mageia
added 2015/11/26 8:47 p.m.56 views

Updated libxml2 packages fix security vulnerabilities

Updated libxml2 packages fix security vulnerabilities: In libxml2 before 2.9.3, one case where when dealing with entities expansion, it failed to exit, leading to a denial of service CVE-2015-5312. In libxml2 before 2.9.3, it was possible to hit a negative offset in the name indexing used to...

9.8CVSS8.3AI score0.0721EPSS
Exploits1References5
NVD
NVD
added 2009/07/10 9:0 p.m.18 views

CVE-2009-2431

WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source...

5CVSS5.9AI score0.02869EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2009/07/10 9:0 p.m.28 views

CVE-2009-2431

WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source...

5CVSS5.9AI score0.02869EPSS
Exploits0References1
Cvelist
Cvelist
added 2009/07/10 8:25 p.m.22 views

CVE-2009-2431

WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source...

5.9AI score0.02869EPSS
Exploits0References6
CVE
CVE
added 2009/07/10 8:25 p.m.46 views

CVE-2009-2431

CVE-2009-2431 affects WordPress 2.7.1, where the author’s username is placed in an HTML comment. This allows remote attackers to read the HTML source and harvest author identifiers (sensitive information). The underlying issue is information disclosure via HTML comments in the post output. Remedi...

5CVSS6.1AI score0.02869EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2009/07/10 8:25 p.m.17 views

CVE-2009-2431

WordPress 2.7.1 places the username of a post's author in an HTML comment, which allows remote attackers to obtain sensitive information by reading the HTML source...

5CVSS4AI score0.02869EPSS
Exploits0
Oracle linux
Oracle linux
added 2007/10/08 12:0 a.m.42 views

Moderate: kdelibs security update

3.5.4-13.el5.0.1 - Remove Version branding - Maximum rpm trademark logos removed pics/crystalsvg/-mime-rpm 3.5.4-13.el5 - Resolves: 293571 CVE-2007-0537 Konqueror improper HTML comment rendering CVE-2007-1564 FTP protocol PASV design flaw affects konqueror 3.5.4-12.el5 - resolves: 293421,...

6.8CVSS2.3AI score0.08185EPSS
Exploits1
securityvulns
securityvulns
added 2007/01/24 12:0 a.m.60 views

Apple Safari / Konqueror SCRIPT tag filtering bypass

Brower follows script tags within HTML comment. It violates HTML standard...

4.3CVSS0.8AI score0.01796EPSS
Exploits1References1Affected Software3
Cvelist
Cvelist
added 2005/06/14 4:0 a.m.19 views

CVE-2005-1969

Cross-site scripting XSS vulnerability in Pragma Systems Telnetserver 6.0 allows remote attackers to inject arbitrary web script or HTML, and hide activities in log files, via a "!--" HTML comment in a session...

5.8AI score0.01164EPSS
Exploits0References3
securityvulns
securityvulns
added 2004/07/19 12:0 a.m.30 views

[Full-Disclosure] injection html CuteNews

Original Advisory: http://www.darkbicho.iberhosting.net/advisory-11.txt ------------------------------------------------------------------------------------------------- :.: injection html CuteNews :.: PROGRAM: CuteNews HOMEPAGE: http://cutephp.com/ VERSION: v1.3.x BUG: injection html DATE:...

0.8AI score
Exploits0
Rows per page
Query Builder