CVE-2026-25680 Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html

Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service...

USN-7258-1 ckeditor vulnerabilities

Kevin Backhouse discovered that CKEditor did not properly sanitize HTML content. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...

CVE-2023-42821

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion 0.0.0-20230922105210-14b16010c2ee, which corresponds with commit 14b16010c2ee7ff33a940a541d993bd043a88940, parsing malformed markdown input with parser that uses...

Mozilla: Crash in DOMParser due to out-of-memory conditions

The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations...

Mozilla: Crash in DOMParser due to out-of-memory conditions

The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations...

RHEL 7 : .NET Core 3.1 on RHEL 7 (RHSA-2022:2194)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:2194 advisory. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

RHEL 8 : .NET 5.0 (RHSA-2022:2200)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:2200 advisory. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

RHEL 8 : .NET 6.0 (RHSA-2022:2199)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:2199 advisory. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

RHEL 8 : .NET Core 3.1 (RHSA-2022:2202)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:2202 advisory. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

Important: Red Hat Security Advisory: .NET Core 3.1 security, bug fix, and enhancement update

An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

ALSA-2022:2200 Important: .NET 5.0 security, bug fix, and enhancement update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 5.0.214 and .NET Core...

RLSA-2022:2200 Important: .NET 5.0 security, bug fix, and enhancement update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 5.0.214 and .NET Core...

Important: .NET 5.0 security, bug fix, and enhancement update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 5.0.214 and .NET Core...

.NET 6.0 security, bug fix, and enhancement update

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the .N...

ALSA-2022:2199 Important: .NET 6.0 security, bug fix, and enhancement update

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 6.0.105 and .NET Core...

html5lib cross-site scripting vulnerability (CNVD-2017-00053)

html5lib is a Python library for parsing HTML. A cross-site scripting vulnerability exists in html5lib, which stems from the program's failure to adequately filter user-submitted input. The vulnerability can be exploited to execute arbitrary script code in a user's browser to steal cookie-based...