96 matches found

Cvelist
added 2023/10/09 1:31 p.m. | 33 views

CVE-2023-43643 mXSS in AntiSamy

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to version 1.7.4, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the...

CVSS 6.1 | AI score 6.4 | EPSS 0.00476
Exploits: 1 | References: 2
CVE
added 2023/10/09 1:31 p.m. | 104 views

CVE-2023-43643

CVE-2023-43643 concerns AntiSamy, a library for cleansing HTML. The connected documents confirm a mutation XSS (mXSS) vulnerability in AntiSamy prior to 1.7.4 when preserveComments is enabled and certain tags are allowed, allowing crafted inputs to make comment-tag elements executable in sanitiz...

CVSS 6.1 | AI score 6.2 | EPSS 0.00476
Exploits: 1 | References: 2 | Affected Software: 1
Huntr
added 2022/09/04 8:16 p.m. | 27 views

Desktop APP XSS to RCE

📝 Description Bypass disabled plugins configuration According to its default configuration, drawio desktop disables the use of custom plugin and must be using --enable-plugins to enable it. In addition, draw.io allows you to configure the application mainly the interface using a json file...

CVSS 4.4 | AI score 7 | EPSS 0.01338
Exploits: 1
Tenable Nessus
added 2021/05/28 12:0 a.m. | 40 views

CentOS 8 : python38:3.8 (CESA-2021:1879)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1879 advisory. - python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116) - python-lxml: mXSS due to the use of improper parser...

CVSS 9.8 | AI score 7.8 | EPSS 0.23293
Exploits: 3 | References: 4
Oracle linux
added 2021/05/25 12:0 a.m. | 49 views

python-lxml security update

4.2.3-2 - Security fix for CVE-2020-27783: mXSS due to the use of improper parser Resolves: rhbz1901633...

CVSS 6.1 | AI score 2.7 | EPSS 0.03934
Exploits: 1
Tenable Nessus
added 2021/05/19 12:0 a.m. | 42 views

RHEL 8 : python38:3.8 (RHSA-2021:1879)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1879 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

CVSS 9.8 | AI score 7.8 | EPSS 0.23293
Exploits: 3 | References: 13
Tenable Nessus
added 2021/05/19 12:0 a.m. | 28 views

RHEL 8 : python-lxml (RHSA-2021:1898)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:1898 advisory. lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fixes: python-lxml: mX...

CVSS 6.1 | AI score 7.4 | EPSS 0.03934
Exploits: 1 | References: 6
Tenable Nessus
added 2021/05/19 12:0 a.m. | 48 views

RHEL 8 : python27:2.7 (RHSA-2021:1761)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1761 advisory. Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic...

CVSS 9.8 | AI score 7.8 | EPSS 0.23293
Exploits: 3 | References: 13
RedHat Linux
added 2021/05/18 2:56 p.m. | 84 views

Moderate: Red Hat Security Advisory: python-lxml security update

An update for python-lxml is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fro...

CVSS 6.1 | AI score 6.5 | EPSS 0.03934
Exploits: 1 | References: 3
RedHat Linux
added 2021/05/18 2:50 p.m. | 97 views

Moderate: Red Hat Security Advisory: python38:3.8 security update

An update for the python38:3.8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 9.8 | AI score 7 | EPSS 0.23293
Exploits: 3 | References: 8
RedHat Linux
added 2021/05/18 2:2 p.m. | 113 views

Moderate: Red Hat Security Advisory: python27:2.7 security and bug fix update

An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 9.8 | AI score 7 | EPSS 0.23293
Exploits: 3 | References: 7
OSV
added 2021/05/18 6:21 a.m. | 32 views

RLSA-2021:1898 Moderate: python-lxml security update

lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Security Fixes: python-lxml: mXSS due to the use of improper parser (CVE-2020-27783). For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

CVSS 6.1 | AI score 6.8 | EPSS 0.03934
Exploits: 1 | References: 2
Rockylinux
added 2021/05/18 6:21 a.m. | 39 views

python-lxml security update

An update is available for python-lxml. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. lxml is an XML processing library providing access to libxml2 and libxslt...

CVSS 6.1 | AI score 6.8 | EPSS 0.03934
Exploits: 1
OSV
added 2021/05/18 6:18 a.m. | 30 views

ALSA-2021:1879 Moderate: python38:3.8 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 9.8 | AI score 9.1 | EPSS 0.23293
Exploits: 3 | References: 4
OSV
added 2021/05/18 6:18 a.m. | 28 views

RLSA-2021:1879 Moderate: python38:3.8 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 6.5 | AI score 9 | EPSS 0.23293
Exploits: 3 | References: 7
AlmaLinux
added 2021/05/18 6:18 a.m. | 53 views

Moderate: python38:3.8 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 9.8 | AI score 9.4 | EPSS 0.23293
Exploits: 3 | References: 4
Rockylinux
added 2021/05/18 6:18 a.m. | 46 views

python38:3.8 security update

An update is available for python-psycopg2, python-PyMySQL, python-lxml, python3x-six, python-urllib3, PyYAML, python-jinja2, python-requests, modwsgi, python38, python-asn1crypto, python3x-pip, python-chardet, python-markupsafe, Cython, python-psutil, python-ply, babel, python-wheel,...

CVSS 9.8 | AI score 9.3 | EPSS 0.23293
Exploits: 3
OSV
added 2021/05/18 6:2 a.m. | 32 views

RLSA-2021:1761 Moderate: python27:2.7 security and bug fix update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...

CVSS 6.5 | AI score 9 | EPSS 0.23293
Exploits: 3 | References: 6
AlmaLinux
added 2021/05/18 6:2 a.m. | 61 views

Moderate: python27:2.7 security and bug fix update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...

CVSS 9.8 | AI score 9.4 | EPSS 0.23293
Exploits: 3 | References: 5
Rockylinux
added 2021/05/18 6:2 a.m. | 37 views

python27:2.7 security and bug fix update

An update is available for python-pymongo, python2-rpm-macros, python-sqlalchemy, python-backports, python-docutils, pytest, python-psycopg2, python-lxml, python-PyMySQL, python-urllib3, PyYAML, python-pytest-mock, python-attrs, python-jinja2, python-docs, python-requests, python-mock,...

CVSS 9.8 | AI score 9.3 | EPSS 0.23293
Exploits: 3