Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/06/03 4:1 p.m.8 views

CVE-2026-45553

NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.restructuredtext renders reStructuredText server-side with Docutils without disabling file insertion directives. When a NiceGUI application passes attacker-controlled content to ui.restructuredtext, an attacker can use standard...

7.5CVSS5.7AI score0.00255EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 4:16 p.m.14 views

CVE-2026-45553

NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.restructuredtext renders reStructuredText server-side with Docutils without disabling file insertion directives. When a NiceGUI application passes attacker-controlled content to ui.restructuredtext, an attacker can use standard...

7.5CVSS0.00255EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/02 3:34 p.m.8 views

CVE-2026-45553 NiceGUI: Local file disclosure via Docutils file insertion in ui.restructured_text()

NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.restructuredtext renders reStructuredText server-side with Docutils without disabling file insertion directives. When a NiceGUI application passes attacker-controlled content to ui.restructuredtext, an attacker can use standard...

7.5CVSS5.7AI score0.00255EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/02 3:34 p.m.9 views

CVE-2026-45553

NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.restructuredtext renders reStructuredText server-side with Docutils without disabling file insertion directives. When a NiceGUI application passes attacker-controlled content to ui.restructuredtext, an attacker can use standard...

7.5CVSS5.8AI score0.00255EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/02 3:34 p.m.49 views

CVE-2026-45553 NiceGUI: Local file disclosure via Docutils file insertion in ui.restructured_text()

NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.restructuredtext renders reStructuredText server-side with Docutils without disabling file insertion directives. When a NiceGUI application passes attacker-controlled content to ui.restructuredtext, an attacker can use standard...

7.5CVSS0.00255EPSS
Exploits0References2
CVE
CVE
added 2026/06/02 3:34 p.m.22 views

CVE-2026-45553

CVE-2026-45553 affects NiceGUI prior to v3.12.0. The server-side reStructuredText renderer (ui.restructured_text) passes content through Docutils without disabling file insertion directives, enabling an attacker-controlled input to trigger include, csv-table with :file:, or raw with :file:. This ...

7.5CVSS5.8AI score0.00255EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

NiceGUI 信息泄露漏洞

NiceGUI is an easy-to-use, Python-based UI framework developed under the open source license. Versions of NiceGUI prior to 3.12.0 contained a vulnerability related to information leakage. This vulnerability stemmed from the fact that the ui.restructuredtext function did not disable the file...

7.5CVSS5.2AI score0.00255EPSS
Exploits0References3
CVE
CVE
added 2026/02/08 8:32 p.m.14 views

CVE-2026-2184

CVE-2026-2184 affects the Great Developers Certificate Generation System. The vulnerability is located in unknown code within the "/restructured/csv.php" file, where the manipulation of the photo argument leads to an OS command injection. It can be exploited remotely, and multiple sources corrobo...

9.8CVSS7.2AI score0.09902EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/08 8:2 p.m.8 views

CVE-2026-2183

A security vulnerability has been detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This affects an unknown part of the file /restructured/csv.php. The manipulation leads to unrestricted upload. Remote exploitation of the attack is possible...

6.5CVSS6.1AI score0.00233EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.7 views

Certificate Generation System 代码问题漏洞

Certificate Generation System is an open-source web-based certificate generation system developed by Great Developers. The Certificate Generation System has a code vulnerability that stems from incorrect operations with the /restructured/csv.php file, which may lead to unlimited uploads...

9.8CVSS6.7AI score0.00233EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-0004

Malware in sbrugna...

6.8CVSS6.1AI score0.01864EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2006-0006

Malware in sbrugna...

2.1CVSS6AI score0.00422EPSS
Exploits0References18
OSV
OSV
added 2022/05/01 7:9 a.m.9 views

GHSA-JCJP-QQPQ-PC54 Zope allows local users to read arbitrary files

Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 Zope2 does not disable the "raw" command when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows local users to read arbitrary files...

2.1CVSS6.1AI score0.00422EPSS
Exploits0References8
HackRead
HackRead
added 2020/11/17 5:30 p.m.35 views

Over 80% companies re-structured their cybersecurity infrastructure in 2020

By Uzair Amir Over 80 percent of enterprises have transformed their approach to cybersecurity. This change has been led by large-scale enterprises. This is a post from HackRead.com Read the original post: Over 80% companies re-structured their cybersecurity infrastructure in 2020...

2.9AI score
Exploits0
n0where
n0where
added 2014/10/29 6:50 p.m.68 views

Web Auditing Framework: GoLismero

GoLismero is an open source framework for security testing. It’s currently geared towards web security, but it can easily be expanded to other kinds of scans. Features: Real platform independence. Tested on Windows, Linux, BSD and OS X. No native library dependencies. All of the framework has bee...

7.3AI score
Exploits0References2
PyPA
PyPA
added 2011/02/22 6:0 p.m.8 views

PYSEC-2011-6

Cross-site scripting XSS vulnerability in the reStructuredText rst parser in parser/textrst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some...

2.6CVSS6.1AI score0.02517EPSS
Exploits1References15Affected Software1
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.16 views

Debian: Security Advisory (DSA-1113)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1CVSS6.7AI score0.00422EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2006/07/21 2:3 p.m.22 views

CVE-2006-3695

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting XSS attacks, or cause a denial of service via...

6.8CVSS5.9AI score0.01864EPSS
Exploits0References1
OSV
OSV
added 2006/07/21 2:3 p.m.3 views

DEBIAN-CVE-2006-3695

Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text reStructuredText functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting XSS attacks, or cause a denial of service via...

6.8CVSS6.3AI score0.01864EPSS
Exploits0References1
OSV
OSV
added 2006/07/18 12:0 a.m.27 views

DSA-1113 zope2.7 - programming error

Bulletin has no description...

2.1CVSS6AI score0.00422EPSS
Exploits0
Rows per page
Query Builder