Lucene search
K

4 matches found

AlpineLinux
AlpineLinux
added 2026/06/21 3:58 p.m.5 views

CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

5.9CVSS5.8AI score0.00105EPSS
Exploits0
OSV
OSV
added 2026/04/22 10:52 a.m.7 views

OPENSUSE-SU-2026:20611-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks sometimes soft-fail...

9.1CVSS8.6AI score0.21691EPSS
Exploits8References20
RedhatCVE
RedhatCVE
added 2026/03/05 1:40 p.m.7 views

CVE-2023-7337

The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus' cookie in version 2.8.2 due to an incomplete fix for CVE-2023-50839 where a second sink was left with insufficient escaping on the user supplied...

9.8CVSS6AI score0.02041EPSS
Exploits0References1
OSV
OSV
added 2015/12/03 8:59 p.m.4 views

UBUNTU-CVE-2015-8078

Integer overflow in the indexurlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the sectionoffset variable. NOTE: this vulnerability exists because of an incomplete fix for...

7.5CVSS7.4AI score0.02753EPSS
Exploits0References2
Rows per page
Query Builder