Lucene search
K

9 matches found

RedHat Linux
RedHat Linux
added 2025/07/28 7:28 a.m.6 views

qt6-qtbase: qt5-qtbase: QtCore Assertion Failure Denial of Service

A flaw was found in QtCore's qDecodeDataUrl function. This vulnerability allows an application level denial of service via a malformed data URL with a missing charset value when assertions are enabled...

8.4CVSS5.7AI score0.00309EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/06/24 9:50 a.m.5 views

qt6-qtbase: qt5-qtbase: QtCore Assertion Failure Denial of Service

A flaw was found in QtCore's qDecodeDataUrl function. This vulnerability allows an application level denial of service via a malformed data URL with a missing charset value when assertions are enabled...

8.4CVSS5.7AI score0.00309EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/06/24 8:46 a.m.5 views

qt6-qtbase: qt5-qtbase: QtCore Assertion Failure Denial of Service

A flaw was found in QtCore's qDecodeDataUrl function. This vulnerability allows an application level denial of service via a malformed data URL with a missing charset value when assertions are enabled...

8.4CVSS5.7AI score0.00309EPSS
Exploits0References5
OSV
OSV
added 2017/08/09 6:29 p.m.8 views

UBUNTU-CVE-2014-6393

The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting XSS attacks via characters in a non-standard encoding...

6.1CVSS6.3AI score0.01135EPSS
Exploits0References2
OSV
OSV
added 2017/08/09 6:29 p.m.8 views

DEBIAN-CVE-2014-6393

The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting XSS attacks via characters in a non-standard encoding...

6.1CVSS6.1AI score0.01135EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2013/12/11 5:22 p.m.8 views

Mozilla: Character encoding cross-origin XSS attack (MFSA 2013-106)

Cross-site scripting XSS vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header...

4.3CVSS7AI score0.03402EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2013/12/11 5:26 a.m.22 views

Mozilla: Character encoding cross-origin XSS attack (MFSA 2013-106)

Cross-site scripting XSS vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header...

4.3CVSS7AI score0.03402EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2008/06/25 12:36 p.m.2 views

CVE-2008-2852

Cross-site scripting XSS vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages...

4.3CVSS5.8AI score0.0125EPSS
Exploits0References7
OSV
OSV
added 2008/01/12 12:46 a.m.3 views

DEBIAN-CVE-2008-0005

modproxyftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting XSS attacks using UTF-7 encoding...

4.3CVSS7.1AI score0.14611EPSS
Exploits2References1
Rows per page
Query Builder