8 matches found
CVE-2025-62380
Mailgen (Node.js) versions up to 2.0.31 expose an HTML injection/XSS risk in plaintext output generated by generatePlaintext. The plaintext cleaning code strips HTML tags with a regex, decodes HTML entities, and then replaces decoded content; however, HTML tags containing certain Unicode line sep...
Fedora 39 : roundcubemail (2024-a591b4dc74)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-a591b4dc74 advisory. Release 1.6.7 - Makefile: Use phpDocumentor v3.4 for the Framework docs 9313 - Fix bug where HTML entities in URLs were not decoded on HTML to plain text...
Lavarel-Security XSS Filter Bypass Vulnerability
Lavarel-Security cross site scripting filter suffers from a bypass vulnerability. Product: Lavarel-Security XSS Filter Bypass Vulnerability: Mutation Based XSS Bypass Impact: Medium/High Authors: Rafay Baloch Company: RHAinfoSEC Website: http://rhainfosec.com Status: Fixed ========= Description...
Internet Explorer HTML Decoding Memory Corruption (CVE-2006-2382)
Microsoft Internet Explorer (IE) is the most widely used web browser application. The browser supports various languages as well as most of the known character sets. Character sets define the character encoding used in an HTML page. Languages that have more characters than the ASCII set defines nee...
TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption
TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption http://dvlabs.tippingpoint.com/advisory/TPTI-07-06 May 2, 2007 -- CVE ID: CVE-2007-2418 -- Affected Vendor: Cerulean Studios -- Affected Products: Trillian Pro 3.1 build 121 and below -- TippingPoint(TM) IPS Customer Protection:...
CVE-2006-3392
CVE-2006-3392 affects Webmin (pre-1.290) and Usermin (pre-1.220). The issue arises when the server’s miniserv.pl sanitization path uses the simplify_path function before HTML decoding, allowing a remote attacker to read arbitrary files via specially crafted URLs (e.g., using ..%01 sequences that b...
CVE-2006-2382
Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability."...
CVE-2006-2382
CVE-2006-2382 (HTML Decoding Memory Corruption Vulnerability) affects Microsoft Internet Explorer 5.01 SP4, 6 SP1 and earlier. It is a heap-based memory corruption flaw in decoding UTF-8 HTML, caused by a miscalculation of memory sizes when translating UTF-8 characters to Unicode, which could all...