
8 matches found

RedhatCVE
added 2026/04/03 3:5 p.m., 1 view

CVE-2026-35540

A flaw was found in Roundcube Webmail. Insufficient sanitization of Cascading Style Sheets (CSS) in HTML e-mail messages may allow a remote attacker to perform Server-Side Request Forgery (SSRF) or disclose sensitive information. This can occur if malicious stylesheet links within an e-mail point to...

CVSS 6.5, AI score 5.9, EPSS 0.00017
Exploits 0, References 2

Microsoft CVE
added 2025/09/04 4:42 a.m., 1 view

Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets

...

CVSS 7.5, AI score 8.4, EPSS 0.10953
Exploits 2

OSSF Malicious Packages
added 2024/07/11 12:16 a.m., 3 views

Malicious code in sytlesheets (npm)

Per source details. Do not edit below this line. Source: ghsa-malware b4553cb7abc620f13350d7baa9074fcd72865e064398eec770d217b553265485 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0, References 1

OpenVAS
added 2022/09/01 12:0 a.m., 26 views

SUSE: Security Advisory (SUSE-SU-2022:2949-1)

The remote host is missing an update for the...

CVSS 7.5, AI score 7.2, EPSS 0.10953
Exploits 2, References 8

Prion
added 2022/07/19 6:15 p.m., 33 views

Integer overflow

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

CVSS 5, AI score 7.9, EPSS 0.10953
Exploits 2, References 23, Affected Software 8

OSV
added 2022/07/19 6:15 p.m., 0 views

UBUNTU-CVE-2022-34169

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

CVSS 7.5, AI score 6.9, EPSS 0.10953
Exploits 2, References 9

CNNVD
added 2022/07/19 12:0 a.m., 4 views

Apache Xalan Input Validation Error Vulnerability

Apache Xalan is an open source software library from the Apache Foundation (USA). The input validation error vulnerability in the Apache Xalan Java XSLT library stems from an integer truncation issue when processing malicious XSLT stylesheets. The vulnerability can be exploited to corrupt Java class files...

CVSS 7.5, AI score 5.9, EPSS 0.10953
Exploits 2, References 65

Tenable Nessus
added 2001/01/22 12:0 a.m., 55 views

Oracle Application Server XSQL Stylesheet Arbitrary Java Code Execution

The Oracle XSQL Servlet allows arbitrary Java code to be executed by an attacker by supplying the URL of a malicious XSLT stylesheet when making a request to an XSQL page. This script was written by Matt Moore. See the Nessus Scripts License for details. Changes by Tenable: -...

CVSS 7.5, AI score 5.7, EPSS 0.00828
Exploits 0, References 1