CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

514 matches found

Tenable Nessus•added 2020/04/15 12:0 a.m.•26 views

EulerOS 2.0 SP3 : lynx (EulerOS-SA-2020-1410)

According to the version of the lynx package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Lynx is a text-based Web browser. Lynx does not display any images,but it does support frames, tables, and most other HTML tags. One advantage Lynx ha...

5.3CVSS6.2AI score0.0021EPSS

Exploits0References2

Veracode•added 2020/04/10 12:39 a.m.•20 views

Use-after-free

The kdelibs vulnerable use-after-free. A flaw was found in the way the KDE HTML parser handled content for the HTML "head" element. A remote attacker could create a specially-crafted HTML page, which once visited by an unsuspecting user, could cause a denial of service Konqueror crash or,...

9.3CVSS5AI score0.08455EPSS

Exploits2References30Affected Software1

Tenable Nessus•added 2020/01/27 12:0 a.m.•32 views

Debian DLA-2075-1 : jsoup security update

An issue has been found in jsoup, a Java HTML parser that makes sense of real-world HTML soup. Due to bad handling of missing '' at EOF a cross-site scripting XSS vulnerability could appear. For Debian 8 'Jessie', this problem has been fixed in version 1.8.1-1+deb8u1. We recommend that you upgrad...

6.1CVSS6.7AI score0.02044EPSS

Exploits0References3

OpenVAS•added 2020/01/27 12:0 a.m.•52 views

Debian: Security Advisory (DLA-2075-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.6AI score0.02044EPSS

Exploits0References3

Veracode•added 2019/12/02 4:42 p.m.•13 views

Denial Of Service (DoS) Through Infinite Loop

html-parser-lite is vulnerable to denial of service attacks. The parser enters an infinite loop when the markup is erroneous, allowing malicious users to cause a system crash...

4.6AI score

Exploits0

PyPA•added 2019/08/02 3:15 p.m.•4 views

PYSEC-2019-12

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.striptags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities...

7.5CVSS6.9AI score0.06773EPSS

Exploits0References11Affected Software1

Exploit DB•added 2019/07/25 12:0 a.m.•295 views

WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads

BACKGROUND As lokihardt@ has demonstrated in https://bugs.chromium.org/p/project-zero/issues/detail?id=1121, WebKit's support of the obsolete showModalDialog method gives an attacker the ability to perform synchronous cross-origin page loads. In certain conditions, this might lead to...

7.4AI score

Exploits0

0day.today•added 2019/07/25 12:0 a.m.•54 views

WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads Exploit

6.1CVSS7.6AI score0.08534EPSS

Exploits1