Lucene search
K

10 matches found

EUVD
EUVD
added 2026/06/26 3:32 p.m.8 views

EUVD-2026-39775

Mattermost versions 10.11.x = 10.11.18, 11.6.x = 11.6.3, 11.5.x = 11.5.6 fail to properly apply markdown image rendering restrictions to AI bot tool result posts, which allows an authenticated attacker to exfiltrate data to an attacker-controlled server via injecting markdown image syntax into to...

3.5CVSS5.8AI score0.00194EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/19 7:34 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the group parsing process. An attacker can cause memory exhaustion and disrupt the container runtime API by supplying a maliciously crafted image that triggers unbounded parsing,...

6.9CVSS5.9AI score0.00317EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-13444

Malware in sbrugna...

4.3CVSS4.8AI score0.00592EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/06 5:21 p.m.7 views

CVE-2025-2336

Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS's 'ngSanitize' module allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/ContentSpoofing and...

4.8CVSS7AI score0.00354EPSS
Exploits0References1
Snyk
Snyk
added 2025/04/29 6:30 p.m.2 views

Incomplete Filtering of Special Elements

Overview AngularJS.Core is an AngularJS. package for other Angular modules within .NET. Affected versions of this package are vulnerable to Incomplete Filtering of Special Elements due to improper sanitization of the href and xlink:href attributes in SVG elements. An attacker can bypass image...

6.3CVSS6.8AI score0.00375EPSS
Exploits0References2
OSV
OSV
added 2024/09/09 3:30 p.m.1 views

GHSA-MQM9-C95H-X2P6 AngularJS allows attackers to bypass common image source restrictions

Improper sanitization of the value of the srcset attribute in HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/ContentSpoofing . This issue affects all versions of...

6.3CVSS7AI score0.00599EPSS
Exploits1References6
CNNVD
CNNVD
added 2024/09/09 12:0 a.m.4 views

AngularJS 安全漏洞

AngularJS is a TypeScript-based open source web application framework from AngularJS Open Source. A security vulnerability exists in AngularJS that stems from mishandling the value of the srcset attribute in the source HTML element, which could allow an attacker to bypass common image source...

4.8CVSS6.2AI score0.00599EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2018/07/16 3:7 p.m.61 views

Security update for singularity (moderate)

This update for singularity fixes the following issues: - CVE-2018-12021: A race condition might have allowed malicious users to bypass directory image restrictions, like mounting the host root filesystem as a container image boo1100333...

3.8AI score0.01596EPSS
Exploits0References1
OSV
OSV
added 2018/07/16 9:52 a.m.3 views

OPENSUSE-SU-2018:1969-1 Security update for singularity

This update for singularity fixes the following issues: - CVE-2018-12021: A race condition might have allowed malicious users to bypass directory image restrictions, like mounting the host root filesystem as a container image boo1100333...

6.8CVSS6.9AI score0.01596EPSS
Exploits0References3
Prion
Prion
added 2010/12/30 9:0 p.m.13 views

Design/Logic Flaw

MyBB aka MyBulletinBoard before 1.4.12 allows remote authenticated users to bypass intended restrictions on the number of img MyCodes by editing a post after it has been created...

3.5CVSS6.8AI score0.01981EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder