Lucene search
K

19 matches found

SUSE CVE
SUSE CVE
added 2026/05/10 1:6 a.m.9 views

SUSE CVE-2026-42030

MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker to inject arbitrary HTML/JavaScript into the browser of any user who opens a crafted WMS URL. The...

6.1CVSS5.9AI score0.00247EPSS
Exploits1References3
OSV
OSV
added 2026/05/08 5:16 p.m.14 views

UBUNTU-CVE-2026-42030

MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker to inject arbitrary HTML/JavaScript into the browser of any user who opens a crafted WMS URL. The...

6.1CVSS5.9AI score0.00247EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/08 3:56 p.m.5 views

CVE-2026-42030

MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker to inject arbitrary HTML/JavaScript into the browser of any user who opens a crafted WMS URL. The...

6.1CVSS5.9AI score0.00247EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/05/08 3:56 p.m.33 views

CVE-2026-42030 MapServer: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in OpenLayers viewer

MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker to inject arbitrary HTML/JavaScript into the browser of any user who opens a crafted WMS URL. The...

6.1CVSS0.00247EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.9 views

Mapserver 安全漏洞

Mapserver is an open-source platform developed by the Open Geospatial Foundation, designed for publishing spatial data and interactive map applications to the web. Vulnerabilities existed in MapServer versions from 6.0 to 8.6.2. These vulnerabilities stemmed from the combination of the...

6.1CVSS5.7AI score0.00247EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.15 views

PT-2026-39152

MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker to inject arbitrary HTML/JavaScript into the browser of any user who opens a crafted WMS URL. The...

6.1CVSS5.9AI score0.00247EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/08/15 12:30 a.m.5 views

CVE-2025-50690

A Cross-Site Scripting XSS vulnerability exists in SpatialReference.org OSGeo/spatialreference.org versions prior to 2025-05-17 commit 2120adfa17ddd535bd0f539e6c4988fa3a2cb491. The vulnerability is caused by improper handling of user input in the search query parameter. An attacker can craft a...

6.1CVSS6.2AI score0.00217EPSS
Exploits0References1
CVE
CVE
added 2025/08/13 12:0 a.m.12 views

CVE-2025-50690

CVE-2025-50690 describes a reflected XSS in SpatialReference.org (OSGeo/spatialreference.org). The issue arises from improper handling of user input in the search query parameter, enabling an unauthenticated attacker to craft a URL that reflects and executes arbitrary JavaScript in a victim’s bro...

6.1CVSS6.1AI score0.00217EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/04/09 1:32 a.m.5 views

SUSE CVE-2025-29480

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

5.5CVSS6.6AI score0.00199EPSS
Exploits1References3
OSV
OSV
added 2025/04/07 8:15 p.m.6 views

PYSEC-2025-117

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

5.5CVSS5.8AI score0.00199EPSS
Exploits1References2
OSV
OSV
added 2025/04/07 8:15 p.m.6 views

AZL-59715 CVE-2025-29480 affecting package gdal 3.6.3-5

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

5.5CVSS5.7AI score0.00199EPSS
Exploits1References1
OSV
OSV
added 2025/04/07 8:15 p.m.4 views

DEBIAN-CVE-2025-29480

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

5.5CVSS4.8AI score0.00199EPSS
Exploits1References1
OSV
OSV
added 2025/04/07 8:15 p.m.9 views

AZL-61789 CVE-2025-29480 affecting package gdal 3.6.3-2

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

5.5CVSS5.8AI score0.00199EPSS
Exploits1References1
OSV
OSV
added 2025/04/07 8:15 p.m.1 views

UBUNTU-CVE-2025-29480

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

5.5CVSS5.8AI score0.00199EPSS
Exploits1References4
OSV
OSV
added 2018/12/28 4:29 p.m.2 views

UBUNTU-CVE-2018-20539

There is a Segmentation fault triggered by illegal address access at liblas::SpatialReference::GetGTIF spatialreference.cpp in libLAS 1.8.1 that will cause a denial of service...

6.5CVSS6.6AI score0.0143EPSS
Exploits1References4
OSV
OSV
added 2018/12/28 4:29 p.m.2 views

UBUNTU-CVE-2018-20536

There is a heap-based buffer over-read at liblas::SpatialReference::GetGTIF spatialreference.cpp in libLAS 1.8.1 that will cause a denial of service...

6.5CVSS6.8AI score0.0143EPSS
Exploits1References4
CNVD
CNVD
added 2018/12/28 12:0 a.m.2 views

libLAS Null Pointer Dereference Vulnerability

libLAS is a C/C++ library for reading and writing the common LAS LiDAR format. A null pointer dereference vulnerability exists in liblas::SpatialReference::GetGTIF spatialreference.cpp in libLAS 1.8.1. An attacker could exploit this vulnerability to cause a denial of service...

6.5CVSS6.7AI score0.01087EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/28 12:0 a.m.3 views

libLAS Segmentation Error Vulnerability

libLAS is a C/C++ library for reading and writing the common LAS LiDAR format. A segmentation error vulnerability exists in libLAS 1.8.1. The vulnerability stems from illegal address access in liblas::SpatialReference::GetGTIF in spatialreference.cpp in libLAS. An attacker could use this...

6.5CVSS6.8AI score0.0143EPSS
Exploits1References1
Fedora
Fedora
added 2016/04/06 2:13 p.m.10 views

[SECURITY] Fedora 24 Update: nodejs-srs-1.1.0-3.fc24

This module tries to detect projections, also known as "spatial reference systems". It works similiarly to gdalsrsinfo...

4.3AI score
Exploits0
Rows per page
Query Builder