Lucene search
+L

60 matches found

NVD
NVD
added 3 days ago9 views

CVE-2026-13397

HTML::Bare versions through 0.04 for Perl will hang in an infinite loop when parsing malformed attributes. The parsercparse function never advances the attribute-parse state cursor on certain malformed attribute forms, looping forever. Nameless attributes such as "" or unbalanced quotes "" can...

7.5CVSS0.00393EPSS
Exploits0References3
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-13401 XML::Bare versions through 0.53 for Perl will hang in an infinite loop when parsing malformed attributes

XML::Bare versions through 0.53 for Perl will hang in an infinite loop when parsing malformed attributes. The parsercparse function never advances the attribute-parse state cursor on certain malformed attribute forms, looping forever. Nameless attributes such as "" or unbalanced quotes "" can...

0.00388EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-44964

XML::Bare versions through 0.53 for Perl will hang in an infinite loop when parsing malformed attributes. The parsercparse function never advances the attribute-parse state cursor on certain malformed attribute forms, looping forever. Nameless attributes such as "" or unbalanced quotes "" can...

6.1AI score0.00388EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-13397 HTML::Bare versions through 0.04 for Perl will hang in an infinite loop when parsing malformed attributes

HTML::Bare versions through 0.04 for Perl will hang in an infinite loop when parsing malformed attributes. The parsercparse function never advances the attribute-parse state cursor on certain malformed attribute forms, looping forever. Nameless attributes such as "" or unbalanced quotes "" can...

0.00393EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-44963

HTML::Bare versions through 0.04 for Perl will hang in an infinite loop when parsing malformed attributes. The parsercparse function never advances the attribute-parse state cursor on certain malformed attribute forms, looping forever. Nameless attributes such as "" or unbalanced quotes "" can...

6.1AI score0.00393EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox

Setting a nameless cookie with an equals sign in its value can shadow other cookies. This occurs even if the nameless cookie is set via HTTP, and if the shadowed cookie includes the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird...

9.1CVSS5.4AI score0.00217EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Python-Werkzeug

Werkzeug is a comprehensive WSGI web application library. Browsers may allow “nameless” cookies that look like =value instead of key=value. A vulnerable browser may allow a compromised application on a neighboring subdomain to exploit this to set a cookie like =Host-test=bad for another subdomain...

3.5CVSS6.2AI score0.00507EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/08 8:40 a.m.5 views

Security Bulletin: Cookie Parsing Vulnerability in Werkzeug Allows Subdomain Cookie Injection (≤ v2.2.2), affects watsonx.data

Summary A vulnerability in Werkzeug prior to v2.2.3 allows malicious subdomains to inject crafted "nameless" cookies that are incorrectly parsed as valid cookies. This can cause applications to accept attacker-controlled values, potentially leading to security issues. This can affect watsonx.data...

8CVSS6.8AI score0.03397EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/18 3:59 p.m.4 views

CVE-2025-54118 NamelessMC allows sensitive information disclosure in member list component

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is...

5.3CVSS7.2AI score0.00399EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2025-8037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie include...

9.1CVSS7.3AI score0.00217EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/28 12:0 a.m.4 views

FreeBSD : Mozilla -- cookie shadowing (5abc2187-685e-11f0-a12d-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5abc2187-685e-11f0-a12d-b42e991fc52e advisory. [email protected] reports: Setting a nameless cookie with an equals sign in the value shadowed other...

9.1CVSS5.5AI score0.00217EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/07/23 11:25 p.m.7 views

SUSE CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

5.4CVSS7.3AI score0.00217EPSS
Exploits0References6
NVD
NVD
added 2025/07/22 9:15 p.m.5 views

CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

9.1CVSS0.00217EPSS
Exploits0References5
OSV
OSV
added 2025/07/22 9:15 p.m.8 views

CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability affects Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

9.1CVSS5.8AI score0.00217EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2025/07/22 9:15 p.m.9 views

CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability affects Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

9.1CVSS6.5AI score0.00217EPSS
Exploits0References5
OSV
OSV
added 2025/07/22 9:15 p.m.8 views

UBUNTU-CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

9.1CVSS7.3AI score0.00217EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2025/07/22 8:49 p.m.8 views

CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

9.1CVSS8.3AI score0.00217EPSS
Exploits0
Cvelist
Cvelist
added 2025/07/22 8:49 p.m.11 views

CVE-2025-8037 Nameless cookies shadow secure cookies

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

0.00217EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/07/22 8:49 p.m.5 views

CVE-2025-8037

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

9.1CVSS5.8AI score0.00217EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2025/07/22 12:0 a.m.6 views

Mozilla -- cookie shadowing

[email protected] reports: Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute...

9.1CVSS6.7AI score0.00217EPSS
Exploits0References1
Rows per page
Query Builder