4 matches found

OSV
added 2026/04/20 12:13 p.m., 6 views

CLSA-2026-1776687226 Fix CVE(s): CVE-2024-52005

SECURITY UPDATE: ANSI escape sequence injection via sideband - debian/patches/CVE-2024-52005.patch: add strbuf_add_sanitized to mask control characters in sideband output in sideband.c. - CVE-2024-52005...

8.8 CVSS, 7.2 AI score, 0.00494 EPSS
Exploits: 1, References: 1

OSV
added 2025/03/14 7:54 p.m., 5 views

GHSA-VHV4-FH94-JM5X JS Html Sanitizer allows XSS when used with contentEditable

Impact: XSS vulnerability when the sanitizer is used with a contentEditable element to set the element's innerHTML to a sanitized string produced by the package. If the code is particularly crafted to abuse the code beautifier, that runs AFTER sanitation. Patches: Patched in version 2.0.3...

6.9 CVSS, 6.8 AI score, 0.00373 EPSS
Exploits: 0, References: 4

Cvelist
added 2024/03/29 2:26 p.m., 33 views

CVE-2024-28867 Swift Prometheus un-sanitized metric name or labels can be used to take over exported metrics

Swift Prometheus is a Swift client for the Prometheus monitoring system, supporting counters, gauges and histograms. In code which applies un-sanitized string values into metric names or labels, an attacker could make use of this and send a ?lang query parameter containing newlines, or similar...

5.9 CVSS, 5.8 AI score, 0.00645 EPSS
Exploits: 1, References: 2

RubySec
added 2016/01/14 12:0 a.m., 16 views

Ember.js XSS Vulnerability with User-Supplied JSON

By default, Ember will escape any values in Handlebars templates that use double curlies ({{value}}). Developers can specifically opt out of this escaping behavior by passing an instance of SafeString rather than a raw string, which tells Ember that it should not escape the string because the developer...

6.1 CVSS, 1.4 AI score, 0.00816 EPSS
Exploits: 0, References: 1, Affected Software: 1