Lucene search
K

5 matches found

Debian CVE
Debian CVE
added 2026/06/23 3:7 p.m.37 views

CVE-2026-55766

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.1, guzzlehttp/psr7 did not reject CR/LF characters in certain first-party HTTP start-line fields: the request method, protocol version, and response reason phrase. If an application placed attacker-controlled dat...

4.8CVSS5.8AI score0.00158EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/22 8:50 p.m.21 views

CVE-2026-44311 Fabric.js: Improper escaping in fabric.Gradient colorStops leads to XSS in SVG serialization

Fabric.js is a Javascript HTML5 canvas library. Prior to 7.4.0, a potential Cross-Site Scripting XSS vulnerability exists in Fabric.js due to improper escaping of user-controlled input during SVG serialization via the toSVG method. Specifically, the color field within the colorStops array of a...

5.4CVSS0.00194EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.9 views

DiskCache 安全漏洞

DiskCache: Disk Backed Cache is a disk backup cache tool developed by Grant Jenks. Versions of DiskCache 5.6.3 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the default use of Python pickle for serialization, which could allow attackers to execute arbitrary co...

9.8CVSS7.6AI score0.00521EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-1245

Malware in sbrugna...

9.8CVSS9.2AI score0.02535EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 2022/06/16 12:0 a.m.4 views

abomonation transmutes &T to and from &[u8] without sufficient constraints

This transmute is at the core of the abomonation crates. It's so easy to use it to violate alignment requirements that no test in the crate's test suite passes under miri. The use of this transmute in serialization/deserialization also incorrectly assumes that the layout of a reprRust type is...

5.9AI score
Exploits0References4Affected Software1
Rows per page
Query Builder