Lucene search
K

15 matches found

Snyk
Snyk
added 2026/04/24 3:34 p.m.6 views

Uncontrolled Recursion

Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to Uncontrolled Recursion through a circular reference in the block.ts during OUTPUT mode. An attacker can cause the application to enter ...

8.7CVSS5.4AI score0.00382EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/22 6:50 p.m.5 views

EUVD-2026-6695

Inspektor Gadget uses unsanitized ANSI Escape Sequences In columns Output Mode...

9.8CVSS5.8AI score0.0056EPSS
Exploits1References4
OSV
OSV
added 2026/04/22 6:50 p.m.4 views

GHSA-34R5-6J7W-235F Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode

Description String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences. Therefore, a maliciously forged – partially or completely – event payload, coming from an observed container, might inject the...

6.9CVSS5.9AI score0.0056EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/04/22 6:50 p.m.15 views

Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode

Description String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences. Therefore, a maliciously forged – partially or completely – event payload, coming from an observed container, might inject the...

9.8CVSS5.9AI score0.0056EPSS
Exploits1References5Affected Software1
SUSE CVE
SUSE CVE
added 2026/02/14 12:23 a.m.6 views

SUSE CVE-2026-25996

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

9.8CVSS5.6AI score0.0056EPSS
Exploits1References3
NVD
NVD
added 2026/02/12 9:16 p.m.7 views

CVE-2026-25996

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

9.8CVSS0.0056EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/12 8:6 p.m.29 views

CVE-2026-25996 Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

6.9CVSS0.0056EPSS
Exploits1References3
OSV
OSV
added 2024/10/21 1:15 p.m.1 views

DEBIAN-CVE-2024-47746

In the Linux kernel, the following vulnerability has been resolved: fuse: use exclusive lock when FUSEICACHEIOMODE is set This may be a typo. The comment has said shared locks are not allowed when this bit is set. If using shared lock, the wait in fusefilecachedioopen may be forever...

5.5CVSS6.1AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2022/11/04 11:15 p.m.5 views

CVE-2022-43568

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a View allows for a Reflected Cross Site Scripting via JavaScript Object Notation JSON in a query parameter when outputmode=radio...

6.1CVSS5.8AI score0.42801EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/11/04 12:0 a.m.5 views

PT-2022-26971 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.12 Splunk Enterprise versions prior to 8.2.9 Splunk Enterprise versions prior to 9.0.2 Description: The issue allows for a Reflected Cross Site Scripting via JavaScript Object Notation JSON in a query...

8.8CVSS6.2AI score0.42801EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2020/06/08 12:0 a.m.61 views

Security update for axel (moderate)

openSUSE Security Update: Security update for axel Announcement ID: openSUSE-SU-2020:0778-1 Rating: moderate References: 1172159 Cross-References: CVE-2020-13614 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for axel fixes...

5.9CVSS6.2AI score0.01928EPSS
Exploits1References1
n0where
n0where
added 2017/03/20 5:11 a.m.25 views

BGP Hijack Detection: TaBi

BGP Hijack Detection Developed since 2011 for the needs of the French Internet Resilience Observatory , TaBi is a framework that ease the detection of BGP IP prefixes conflicts, and their classification into BGP hijacking events. The term prefix hijacking refers to an event when an AS, called an...

7.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.266 views

Oracle Linux 4 : mysql (ELSA-2010-0110)

From Red Hat Security Advisory 2010:0110 : Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL...

8.5CVSS7AI score0.10586EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2009/04/30 12:0 a.m.51 views

Debian DSA-1783-1 : mysql-dfsg-5.0 - multiple vulnerabilities

Multiple vulnerabilities have been identified affecting MySQL, a relational database server, and its associated interactive client application. The Common Vulnerabilities and Exposures project identifies the following two problems : - CVE-2008-3963 Kay Roepke reported that the MySQL server would...

4CVSS5AI score0.07049EPSS
Exploits3References6
OSV
OSV
added 2004/12/31 5:0 a.m.3 views

DEBIAN-CVE-2004-2152

Cross-site scripting XSS vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML...

4.3CVSS6.2AI score0.01208EPSS
Exploits0References1
Rows per page
Query Builder