Lucene search
+L

7 matches found

Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.14 views

PT-2026-50162

Name of the Vulnerable Software and Affected Versions Caddy versions prior to 2.11.4 Description Caddy is an extensible server platform that uses TLS by default. The stripHTML template function, specifically within the funcStripHTML function, cannot reliably remove all HTML tags from input string...

4.2CVSS6AI score0.00153EPSS
Exploits1References7
Veracode
Veracode
added 2026/02/17 1:35 p.m.10 views

Missing XML Validation

Apache Struts is vulnerable to Missing XML Validation. The vulnerability is due to improper validation of XML input data, which allows an attacker to exploit the application by submitting crafted XML content that bypasses security controls...

8.1CVSS5.6AI score0.23054EPSS
Exploits1References11Affected Software3
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.8 views

CVE-2022-23499

HTML sanitizer is written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. In versions prior to 1.5.0 or 2.1.1, malicious markup used in a sequence with special HTML CDATA sections cannot be filtered and sanitized due to a parsing issue in the...

6.1CVSS5.7AI score0.00438EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-34009

Malicious code in bioql PyPI...

10CVSS9.1AI score0.0134EPSS
Exploits1References21
Tenable Nessus
Tenable Nessus
added 2022/01/13 12:0 a.m.241 views

Oracle Linux 8 : thunderbird (ELSA-2022-0129)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0129 advisory. 91.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.5.0-1 - Update to 91.5.0 build1 Tenable has...

10CVSS7.4AI score0.0134EPSS
Exploits6References13
Tenable Nessus
Tenable Nessus
added 2022/01/13 12:0 a.m.46 views

Oracle Linux 7 : firefox (ELSA-2022-0124)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0124 advisory. 91.5.0-1.0.2 - Enabled aarch64 builds 91.5.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 3014329...

10CVSS7.4AI score0.0134EPSS
Exploits6References13
OSV
OSV
added 2022/01/11 11:22 p.m.16 views

MGASA-2022-0013 Updated nss and firefox packages fix security vulnerabilities

It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox CVE-2021-4140. Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing a potentially exploitable cra...

10CVSS8.5AI score0.0134EPSS
Exploits6References6
Rows per page
Query Builder