Lucene search
+L

36 matches found

NVD
NVD
added 2026/07/01 12:16 p.m.6 views

CVE-2026-13323

In Open VSX Registry before 1.0.2, the /vscode/unpkg/ endpoint serves user-supplied HTML files with Content-Type: text/html and without a Content-Security-Policy or Content-Disposition: attachment response header. An unauthenticated attacker can register a publisher account, upload a VSIX...

8.7CVSS0.0019EPSS
Exploits1References2
NVD
NVD
added 2026/06/26 11:17 p.m.14 views

CVE-2026-33560

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

8.8CVSS0.00459EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.10 views

PT-2026-52989

Name of the Vulnerable Software and Affected Versions DMP-5000 affected versions not specified Description The file service allows authenticated users to upload files of any type without validation. The system does not enforce file extension filtering or content inspection, which enables the uplo...

8.8CVSS5.8AI score0.00459EPSS
Exploits0References9
OSV
OSV
added 2026/05/14 8:17 p.m.10 views

GHSA-M8F9-9WHG-F4XR Open WebUI has stored XSS via attacker-controlled file extension in /api/v1/audio/transcriptions

Summary The audio transcription upload endpoint takes the file extension from the user-supplied filename and saves the file under CACHEDIR/audio/transcriptions/.. The /cache/path route serves these files via FileResponse, which sets Content-Type from the on-disk extension and emits no...

8.7CVSS6.2AI score0.0018EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/05/06 8:10 p.m.13 views

phpMyFAQ has stored XSS via Utils::parseUrl() in comment rendering

Summary A stored XSS vulnerability in the comment rendering pipeline allows an authenticated user to inject JavaScript that executes for every visitor of an affected FAQ or News page. An attacker with a registered account can steal admin session cookies and take over the application. Details...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2026/03/12 12:0 a.m.19 views

OpenClaw Denial of Service Vulnerability (CNVD-2026-13832)

OpenClaw is an open source framework for data acquisition. A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability by triggering a memory exhaustion via an oversized response with no content-length, resulting in service unavailability...

8.7CVSS5.8AI score0.00426EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/07 1:44 a.m.4 views

CVE-2026-29609

OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the fetchWithGuard function that allocates entire response payloads in memory before enforcing maxBytes limits. Remote attackers can trigger memory exhaustion by serving oversized responses without content-length...

8.7CVSS5.8AI score0.00426EPSS
Exploits0References1
NVD
NVD
added 2026/03/05 10:16 p.m.10 views

CVE-2026-29609

OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the fetchWithGuard function that allocates entire response payloads in memory before enforcing maxBytes limits. Remote attackers can trigger memory exhaustion by serving oversized responses without content-length...

8.7CVSS0.00426EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/05 10:0 p.m.32 views

CVE-2026-29609 OpenClaw < 2026.2.14 - Denial of Service via Unbounded URL-backed Media Fetch

OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the fetchWithGuard function that allocates entire response payloads in memory before enforcing maxBytes limits. Remote attackers can trigger memory exhaustion by serving oversized responses without content-length...

8.7CVSS0.00426EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/11/12 2:35 a.m.6 views

thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This...

6.1CVSS6.2AI score0.00256EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/11/10 1:45 a.m.5 views

thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This...

6.1CVSS6.2AI score0.00256EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/11/10 1:18 a.m.4 views

thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This...

6.1CVSS6.2AI score0.00256EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/10/30 4:52 a.m.5 views

thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This...

6.1CVSS6.2AI score0.00256EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/10/20 7:14 p.m.5 views

thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This...

6.1CVSS6.2AI score0.00256EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/10/15 4:41 p.m.4 views

thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This...

6.1CVSS6.2AI score0.00256EPSS
Exploits0References6
OSV
OSV
added 2025/09/22 9:15 p.m.4 views

CVE-2025-57204

Stocky POS with Inventory Management & HRM ui-lib version 5.0 is affected by a Stored Cross-Site Scripting XSS vulnerability within the Products module available to authenticated users. The vulnerability resides in the product name parameter submitted to the product-creation endpoint via a standa...

5.4CVSS6.2AI score0.00236EPSS
Exploits1References2
CVE
CVE
added 2025/09/22 12:0 a.m.17 views

CVE-2025-57204

The connected documents provide concrete details for CVE-2025-57204: Stocky POS with Inventory Management & HRM (ui-lib) v5.0 is affected by a Stored XSS in the Product name field of the product-creation POST endpoint. The vulnerability arises from insufficient input sanitization and output encod...

5.4CVSS5.6AI score0.00236EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/09/22 12:0 a.m.20 views

CVE-2025-57205

Inilabs School Express (SMS Express) 6.2 is affected by a Stored XSS in content-management editors (POST /posts/edit/{id} and similar for Notices/Pages). The root cause is insufficient input sanitization and output encoding for editor parameters; payloads are saved and later rendered unsanitized,...

5.4CVSS5.5AI score0.00236EPSS
Exploits1References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2025/09/04 7:0 a.m.11 views

Azure Networking Elevation of Privilege Vulnerability

...

10CVSS7AI score0.02241EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

SUSE SLES12: libpython2_7-1_0 / libpython2_7-1_0-32bit / python / python-32bit / etc (SUSE-SU-2025:03032-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:03032-1 advisory. - CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. Tenable has extracted the preceding description bloc...

7.5CVSS6.9AI score0.00611EPSS
Exploits0References4
Rows per page
Query Builder