13 matches found
Cross-site Scripting (XSS)
xapian-core is vulnerable to Cross-site Scripting XSS. The vulnerability is caused due to improper handling of HTML escaping by Xapian::MSet::snippet in queryparser/termgeneratorinternal.cc. This allows an attacker to potentially execute arbitrary scripts in the context of a user's web browser wh...
GHSA-RGP8-PM28-3759 langchain vulnerable to path traversal
langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory 'Path Traversal' in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write files anywhere on the filesystem, potentially leading to...
SUSE CVE-2019-6455
An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function recmsetelemdestroy in the file rec-mset.c...
GHSA-7QW4-W7HF-22Q3 xapian-core Cross-site Scripting vulnerability
A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...
xapian-core Cross-site Scripting vulnerability
A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...
PT-2022-12508 · Gnu +3 · Gnu Recutils +3
Name of the Vulnerable Software and Affected Versions: GNU Recutils version 1.8.90 Description: The issue is related to an Use-After-Free vulnerability in the rec mset elem destroy function at rec-mset.c. This vulnerability can lead to a segmentation fault or application crash. Recommendations: F...
UBUNTU-CVE-2019-6455
An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function recmsetelemdestroy in the file rec-mset.c...
PT-2019-18098 · Gnu +3 · Gnu Recutils +3
Name of the Vulnerable Software and Affected Versions: GNU Recutils version 1.8 Description: An issue was discovered in the function rec mset elem destroy in the file rec-mset.c, which has a double-free problem. Recommendations: For GNU Recutils version 1.8, consider avoiding the use of the rec...
ALPINE-CVE-2018-0499
A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...
CVE-2018-0499
A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...
Cross-site Scripting (XSS)
Overview xapian-core is a provides Xapian libraries and Ruby bindings. Affected versions of this package are vulnerable to Cross-site Scripting XSS. A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escapi...
CVE-2018-0499
A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...
CVE-2018-0499
A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...