32 matches found

RedhatCVE
added 2026/05/29 6:39 p.m. | 29 views

CVE-2026-7259

A flaw was found in PHP. When an attacker input can influence the encoding passed to mbregexencoding and the application subsequently uses mbregex search APIs, a NULL pointer dereference can occur due to a mismatch between the Oniguruma and mbfl encoding support. This issue can cause a crash in t...

CVSS 6.5 | AI score 5.8 | EPSS 0.00202
Exploits 0 | References 4
Oracle linux
added 2026/03/12 12:0 a.m. | 11 views

vim security update

8.0.1763-22.0.1 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-22 - RHEL-147935 CVE-2026-25749 vim: Heap Overflow in Vim...

CVSS 6.6 | AI score 5.8 | EPSS 0.00213
Exploits 1
Oracle linux
added 2025/10/09 12:0 a.m. | 14 views

vim security update

8.0.1763-21.0.1 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-21 - RHEL-112003 CVE-2025-53905 vim: Vim path traversial - RHEL-112007 CVE-2025-53906 vim: Vim path traversal 2:8.0.1763-20 - fix issue...

CVSS 4.1 | AI score 7.6 | EPSS 0.02276
Exploits 8
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2014-2988

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.01665
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2004-1762

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.02111
Exploits 0 | References 6
OSV
added 2024/11/05 10:19 p.m. | 12 views

GHSA-HXF5-99XG-86HW cap-std doesn't fully sandbox all the Windows device filenames

Impact cap-std's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits, such as "COM¹", "COM²", "LPT⁰", "LPT¹", and so o...

CVSS 2.3 | AI score 6.4 | EPSS 0.0056
Exploits 0 | References 8
OSV
added 2024/10/31 8:50 a.m. | 19 views

SUSE-SU-2024:3844-1 Security update for 389-ds

This update for 389-ds fixes the following issues: - Persist extracted key path for ldapsslclientinit over repeat invocations bsc1230852 - Re-enable use of .dsrc basedn for dsidm commands bsc1231462 - Update to version 2.2.10git18.20ce9289: RFE: Use previously extracted key path Update dsidm to...

CVSS 7.5 | AI score 7.2 | EPSS 0.01256
Exploits 0 | References 9
OSV
added 2024/10/31 8:50 a.m. | 17 views

SUSE-SU-2024:3843-1 Security update for 389-ds

This update for 389-ds fixes the following issues: - Persist extracted key path for ldapsslclientinit over repeat invocations bsc1230852 - Re-enable use of .dsrc basedn for dsidm commands bsc1231462 - Update to version 2.2.10git18.20ce9289: RFE: Use previously extracted key path Update dsidm to...

CVSS 7.5 | AI score 7.2 | EPSS 0.01256
Exploits 0 | References 6
OSV
added 2024/09/02 2:44 p.m. | 14 views

SUSE-SU-2024:3082-1 Security update for 389-ds

This update for 389-ds fixes the following issues: Security issues fixed: - CVE-2024-3657: Fixed potential denial of service via specially crafted kerberos AS-REQ request bsc1225512 - CVE-2024-5953: Fixed a denial of service caused by malformed userPassword hashes bsc1226277 - CVE-2024-2199: Fixe...

CVSS 7.5 | AI score 6.9 | EPSS 0.01256
Exploits 0 | References 8
Tenable Nessus
added 2024/08/15 12:0 a.m. | 32 views

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2024:2910-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2910-1 advisory. Security issues fixed: - CVE-2024-3657: Fixed potential denial of service via specially crafted kerberos AS-REQ request bsc1225512 ...

CVSS 7.5 | AI score 6.6 | EPSS 0.01256
Exploits 0 | References 11
Oracle linux
added 2022/08/05 12:0 a.m. | 224 views

vim security update

8.0.1763-19.0.1.4 - Remove upstream references Orabug: 31197557 - Added glibc-gconv-extra to common requires to provide ISO-8859-2 Orabug: 34114984 2:8.0.1763-19.4 - fix issue reported by covscan 2:8.0.1763-19.3 - CVE-2022-1785 vim: Out-of-bounds Write - CVE-2022-1897 vim: out-of-bounds write in...

CVSS 7.8 | AI score 1.9 | EPSS 0.01601
Exploits 3
Openbugbounty
added 2018/06/27 10:18 a.m. | 14 views

postaisde.pt XSS vulnerability

Open Bug Bounty ID: OBB-637343

Description | Value
---|---
Affected Website: | postaisde.pt
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits 0
Openbugbounty
added 2018/05/04 3:33 a.m. | 12 views

elseptimoarte.net XSS vulnerability

Open Bug Bounty ID: OBB-611902

Description | Value
---|---
Affected Website: | elseptimoarte.net
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

Exploits 0
Openbugbounty
added 2018/03/13 3:58 p.m. | 15 views

codes.iarc.fr XSS vulnerability

Open Bug Bounty ID: OBB-579540

Description | Value
---|---
Affected Website: | codes.iarc.fr
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

AI score 6.3
Exploits 0
Openbugbounty
added 2018/02/24 1:31 p.m. | 13 views

entresaoneetsalon.fr XSS vulnerability

Open Bug Bounty ID: OBB-567289

Description | Value
---|---
Affected Website: | entresaoneetsalon.fr
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

AI score 6.3
Exploits 0
NVD
added 2014/07/26 3:55 p.m. | 11 views

CVE-2014-2966

The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demonstrated by bypassing an XSS protection mechanism...

CVSS 5 | AI score 6 | EPSS 0.01665
Exploits 0 | References 2
Prion
added 2014/07/26 3:55 p.m. | 16 views

Design/Logic Flaw

The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demonstrated by bypassing an XSS protection mechanism...

CVSS 5 | AI score 6.4 | EPSS 0.01665
Exploits 0 | References 2 | Affected Software 1
CVE
added 2014/07/26 3:0 p.m. | 56 views

CVE-2014-2966

CVE-2014-2966 affects Resin Pro before 4.0.40. The ISO-8859-1 encoder does not perform Unicode transformations correctly, allowing crafted characters to bypass restrictions and the XSS protection mechanism in HTTP responses. The primary affected component is Resin Pro’s ISO-8859-1 output handling...

CVSS 5 | AI score 6.1 | EPSS 0.01665
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2014/07/26 3:0 p.m. | 20 views

CVE-2014-2966

The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demonstrated by bypassing an XSS protection mechanism...

AI score 6 | EPSS 0.01665
Exploits 0 | References 2
CERT
added 2014/07/23 12:0 a.m. | 19 views

Resin Pro improperly performs Unicode transformations

Overview Resin Pro 4.0.39 and possibly earlier versions improperly performs Unicode transformations. Description CWE-20:Improper Input Validation Resin Pro 4.0.39 and possibly earlier versions perform incorrect Unicode transformations on output to HTTP responses for ISO-8859-1. This allows an...

CVSS 5 | AI score 6.2 | EPSS 0.01665
Exploits 0 | References 2