Lucene search
K

5 matches found

EUVD
EUVD
added 8 hours ago4 views

EUVD-2026-44636

PraisonAI before 4.6.78 contains an unenforced security policy vulnerability in the default Subprocess Sandbox backend where blockedcommands, blockedpaths, blockedimports, allowsubprocess, and allowfilewrite restrictions are completely ignored. Attackers can execute arbitrary subprocess commands,...

8.7CVSS6.3AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 a.m.5 views

CVE-2019-19916

In Midori Browser 0.5.11 on Windows 10, Content Security Policy CSP is not applied correctly to all parts of multipart content sent with the multipart/x-mixed-replace MIME type. This could result in script running where CSP should have blocked it, allowing for cross-site scripting XSS and other...

6.1CVSS5.8AI score0.0157EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/04/04 2:57 p.m.17 views

CVE-2024-30250 In Astro-Shield, setting a correct `integrity` attribute to injected code allows to bypass the allow-lists

Astro-Shield is an integration to enhance website security with SubResource Integrity hashes, Content-Security-Policy headers, and other techniques. Versions from 1.2.0 to 1.3.1 of Astro-Shield allow bypass to the allow-lists for cross-origin resources by introducing valid integrity attributes to...

7.5CVSS7.8AI score0.0031EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/10/19 9:19 p.m.5 views

CVE-2022-41691 BIG-IP Advanced WAF/ASM bd vulnerability CVE-2022-41691

When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate...

7.5CVSS7.5AI score0.00616EPSS
Exploits0References1
OSV
OSV
added 2021/06/07 8:15 p.m.9 views

CVE-2021-30531

Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page...

6.5CVSS5.8AI score
Exploits0References5
Rows per page
Query Builder