Lucene search
K

84 matches found

OSV
OSV
added 2025/03/05 10:59 p.m.6 views

CLSA-2025-1741215546 cups: Fix of CVE-2024-47175

CVE-2024-47175: fixed multiple PPD vulnerabilities by validating inputs, sanitizing strings, quoting localized data, and addressing warnings in cups/ppd-cache.c and scheduler/ipp.c...

9.8CVSS7.1AI score0.62474EPSS
Exploits6References1
Snyk
Snyk
added 2025/01/21 7:59 p.m.3 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS when viewing certain localized backoffice components. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicious script into an otherwise trusted website. The...

5.4CVSS5.3AI score0.00258EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/01/21 7:59 p.m.14 views

XSS/HTML Injection Vulnerability in Umbraco Backoffice Components

Impact Authenticated users are able to exploit an XSS vulnerability when viewing certain localized backoffice components. Patches Will be patched in 14.3.2 and 15.1.2. Note: This issue was reported by Pratik Patil from NetSPI @Nexusss-ppatil...

5.4CVSS5.9AI score0.00258EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2025/01/21 7:59 p.m.13 views

GHSA-WV8V-RMW2-25WC XSS/HTML Injection Vulnerability in Umbraco Backoffice Components

Impact Authenticated users are able to exploit an XSS vulnerability when viewing certain localized backoffice components. Patches Will be patched in 14.3.2 and 15.1.2. Note: This issue was reported by Pratik Patil from NetSPI @Nexusss-ppatil...

4.6CVSS4.4AI score0.00258EPSS
Exploits0References4
OSV
OSV
added 2025/01/21 3:32 p.m.21 views

CVE-2025-24012 Umbraco Backoffice Components Have XSS/HTML Injection Vulnerability

Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, authenticated users are able to exploit a cross-site scripting vulnerability when viewing certain localized backoffice components. Versions 14.3.2 and 15.1.2 conta...

4.6CVSS5.8AI score0.00258EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.4 views

Umbraco 跨站脚本漏洞

Umbraco is an open source Content Management System CMS written in C by the Danish company Umbraco. A cross-site scripting vulnerability exists in Umbraco version 14.0.0 and earlier, which originates from an authenticated user viewing certain localized back-end components and can easily lead to a...

5.4CVSS5.7AI score0.00258EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.8 views

PT-2025-5259 · Umbraco · Umbraco

Name of the Vulnerable Software and Affected Versions: Umbraco versions 14.0.0 through 14.3.1 Umbraco versions 15.0.0 through 15.1.1 Description: The issue allows authenticated users to exploit a cross-site scripting vulnerability when viewing certain localized backoffice components...

5.4CVSS6.4AI score0.00258EPSS
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:47 p.m.5 views

Malicious code in acts-as_localized (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:46 p.m.6 views

Malicious code in actionmailer-localized-preview (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.22 views

EulerOS 2.0 SP11 : git (EulerOS-SA-2023-2641)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by...

7.8CVSS7.1AI score0.52164EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.38 views

EulerOS Virtualization 3.0.6.6 : git (EulerOS-SA-2023-3398)

According to the versions of the git packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3,...

7.8CVSS7AI score0.52164EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2023/05/23 12:0 a.m.39 views

Oracle Linux 9 : git (ELSA-2023-3245)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-3245 advisory. 2.39.3-1 - Update to 2.39.3 - Resolves: 2188352, 2188361, 2189976, 2189977 Tenable has extracted the preceding description block directly from the Orac...

7.8CVSS7.2AI score0.52164EPSS
Exploits5References6
SUSE CVE
SUSE CVE
added 2023/04/26 11:17 p.m.2 views

SUSE CVE-2023-25815

In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the gettext function's implicit initialization no...

3.3CVSS8.7AI score0.01055EPSS
Exploits0References17
NVD
NVD
added 2023/04/25 8:15 p.m.21 views

CVE-2023-25815

In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the gettext function's implicit initialization no...

3.3CVSS5.4AI score0.01055EPSS
Exploits0References12
Prion
Prion
added 2023/04/25 8:15 p.m.28 views

Hardcoded credentials

In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the gettext function's implicit initialization no...

1CVSS5.1AI score0.01055EPSS
Exploits0References10Affected Software2
Cvelist
Cvelist
added 2023/04/25 7:51 p.m.22 views

CVE-2023-25815 Git looks for localized messages in the wrong place

In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the gettext function's implicit initialization no...

3.3CVSS5.6AI score0.01055EPSS
Exploits0References11
AlpineLinux
AlpineLinux
added 2023/04/25 7:51 p.m.57 views

CVE-2023-25815

In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the gettext function's implicit initialization no...

3.3CVSS6.1AI score0.01055EPSS
Exploits0
CNNVD
CNNVD
added 2023/04/25 12:0 a.m.4 views

Git for Windows 格式化字符串错误漏洞

Git for Windows is Git's Git for Windows. A formatting string error vulnerability exists in Git for Windows version 2.40.0 and prior versions, which stems from the use of hard-coded paths to find localized messages...

3.3CVSS6.9AI score0.01055EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2023/02/15 6:4 a.m.3 views

SUSE CVE-2009-0922

PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service stack consumption and crash by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding...

4CVSS6.6AI score0.10242EPSS
Exploits2References5
OSV
OSV
added 2022/05/14 3:45 a.m.12 views

GHSA-PWVJ-6PHX-QV8C CSRF vulnerability in Jenkins Translation Assistance plugin

Jenkins Translation Assistance Plugin 1.15 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to override localized strings displayed to all users on the current Jenkins instance if the victim is a Jenkins administrator...

8.8CVSS8.6AI score0.00832EPSS
Exploits0References3
Rows per page
Query Builder