Lucene search
K

546 matches found

RedHat Linux
RedHat Linux
added 5 days ago1 views

python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations

A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...

8.7CVSS6AI score0.00553EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 5 days ago2 views

python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations

A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...

8.7CVSS6AI score0.00553EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 5 days ago3 views

python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations

A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...

8.7CVSS6AI score0.00553EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 5 days ago3 views

python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations

A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...

8.7CVSS6AI score0.00553EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-15308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontroll...

8.7CVSS6.1AI score0.00553EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42638

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS5.9AI score0.00553EPSS
Exploits0References7
OSV
OSV
added 6 days ago4 views

CVE-2026-15308 Incremental HTMLParser feed() allows CPU-exhaustion DoS via repeated unterminated markup declarations

The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data...

8.7CVSS6.1AI score0.00553EPSS
Exploits0References11
CVE
CVE
added 6 days ago188 views

CVE-2026-15308

The CVE-2026-15308 issue concerns Python’s incremental HTML parser (html.parser.HTMLParser) where the feed() path can cause CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data. The root cause is tied to how unterminated markup declarations are...

8.7CVSS5.9AI score0.00553EPSS
Exploits0References8Affected Software1
RedHat Linux
RedHat Linux
added 6 days ago7 views

golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting

A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site...

6.1CVSS6.6AI score0.00178EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/01 7:33 p.m.5 views

golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting

A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site...

6.1CVSS6.5AI score0.00178EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/01 6:46 p.m.8 views

golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting

A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site...

6.1CVSS6.5AI score0.00178EPSS
Exploits0References8
EUVD
EUVD
added 2026/07/01 12:34 a.m.14 views

EUVD-2026-40665

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00171EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-13977

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS6AI score0.00171EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-13977

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS0.00171EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.27 views

CVE-2026-13977

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

0.00171EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13977

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS6AI score0.00171EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54253

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the HTMLParser allows a remote attacker to perform Universal Cross-Site Scripting UXSS, which is a vulnerability that allows scripts to execute across...

9.6CVSS6.2AI score0.00413EPSS
Exploits0References448
OSV
OSV
added 2026/06/25 7:40 a.m.10 views

BIT-PYTHON-2026-6019 BaseCookie.js_output() does not neutralize embedded characters

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

6.1CVSS5.2AI score0.00229EPSS
Exploits1References7
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.8 views

Astra Linux – Vulnerability in Firefox

Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS6.1AI score0.00552EPSS
Exploits0References2
OSV
OSV
added 2026/06/20 6:49 a.m.2 views

SUSE-SU-2026:22189-1 Security update for perl-HTML-Parser

This update for perl-HTML-Parser fixes the following issue - CVE-2026-8829: HTML:Entities versions before 3.84 for Perl read freed heap memory in decodeentities bsc1267606...

7.5CVSS5.8AI score0.0031EPSS
Exploits0References3
Rows per page
Query Builder