Cross-site Scripting (XSS)

xapian-core is vulnerable to Cross-site Scripting XSS. The vulnerability is caused due to improper handling of HTML escaping by Xapian::MSet::snippet in queryparser/termgeneratorinternal.cc. This allows an attacker to potentially execute arbitrary scripts in the context of a user's web browser wh...

GHSA-RGP8-PM28-3759 langchain vulnerable to path traversal

langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory 'Path Traversal' in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write files anywhere on the filesystem, potentially leading to...

SUSE CVE-2019-6455

An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function recmsetelemdestroy in the file rec-mset.c...

GHSA-7QW4-W7HF-22Q3 xapian-core Cross-site Scripting vulnerability

A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...

xapian-core Cross-site Scripting vulnerability

A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...

CVE-2021-46022

An Use-After-Free vulnerability in recmsetelemdestroy at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash...

PT-2022-12508 · Gnu +3 · Gnu Recutils +3

Name of the Vulnerable Software and Affected Versions: GNU Recutils version 1.8.90 Description: The issue is related to an Use-After-Free vulnerability in the rec mset elem destroy function at rec-mset.c. This vulnerability can lead to a segmentation fault or application crash. Recommendations: F...

The vulnerability of the Xapian::MSet::snippet() function in the Xapian search library (xapian-core) allows a hacker to execute cross-site scripts.

The vulnerability of the Xapian::MSet::snippet function “queryparser/termgeneratorinternal.cc” from the Xapian full-text search library xapian-core is related to insufficient protection of the web page structure. Exploiting this vulnerability could allow a malicious actor to execute cross-site...

UBUNTU-CVE-2019-6455

An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function recmsetelemdestroy in the file rec-mset.c...

PT-2019-18098 · Gnu +3 · Gnu Recutils +3

Name of the Vulnerable Software and Affected Versions: GNU Recutils version 1.8 Description: An issue was discovered in the function rec mset elem destroy in the file rec-mset.c, which has a double-free problem. Recommendations: For GNU Recutils version 1.8, consider avoiding the use of the rec...

ALPINE-CVE-2018-0499

A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...

CVE-2018-0499

A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...

Cross-site Scripting (XSS)

Overview xapian-core is a provides Xapian libraries and Ruby bindings. Affected versions of this package are vulnerable to Cross-site Scripting XSS. A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escapi...

CVE-2018-0499

A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...

CVE-2018-0499

A cross-site scripting vulnerability in queryparser/termgeneratorinternal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet...