Lucene search

92 matches found

CVE
added 2026/06/01 12:0 a.m. | 16 views

CVE-2025-60485

GPAC MP4Box contains a segmentation fault in the gf_isom_apple_set_tag_ex function (/isomedia/isom_write.c) that can crash the process when parsing a crafted MP4 file, affecting versions before 26.02.0. The issue is a DoS vulnerability caused by a fault in tag handling. The available references c...

5.5 CVSS | 5.8 AI score | 0.00143 EPSS
Exploits: 0 | References: 5

CNNVD
added 2026/05/26 12:0 a.m. | 7 views

WordPress plugin Nyla security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3 CVSS | 5.9 AI score | 0.00255 EPSS
Exploits: 0 | References: 1

OSV
added 2026/05/19 2:1 p.m. | 5 views

OPENSUSE-SU-2026:20771-1 Security update for perl-YAML-Syck

This update for perl-YAML-Syck fixes the following issues: Changes in perl-YAML-Syck: - updated to 1.450.0 1.45 Bug Fixes - Fix: use syckbase64free to fix Windows "Free to wrong pool" crash in base64 encode/decode buffers; also plugs a memory leak PR 189 - Fix: clear type tag on blessed scalar...

9.1 CVSS | 6 AI score | 0.00429 EPSS
Exploits: 0 | References: 4

ATTACKERKB
added 2026/05/12 4:58 p.m. | 6 views

CVE-2026-41611

Improper neutralization of script-related html tags in a web page basic xss in Visual Studio Code allows an unauthorized attacker to execute code locally...

7.8 CVSS | 6 AI score | 0.00421 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2026/05/07 12:50 p.m. | 40 views

CVE-2026-6002 HTML Injection in DivvyDrive Information Technologies' DivvyDrive

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross-Site Scripting XSS. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2...

8.8 CVSS | 0.00327 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2026/05/06 12:0 a.m. | 10 views

RHCOS 4 : OpenShift Container Platform 4.9.19 (RHSA-2022:0339)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0339 advisory. - jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF CVE-2022-20612 -...

8.8 CVSS | 6 AI score | 0.02277 EPSS
Exploits: 0 | References: 6

Tenable Nessus
added 2026/04/23 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-41240

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions prior to 3.4.0 have an inconsistency between FORBIDTAGS and FORBIDATT...

6.1 CVSS | 5.7 AI score | 0.00263 EPSS
Exploits: 1 | References: 3

Positive Technologies
added 2026/04/22 12:0 a.m. | 6 views

PT-2026-34549

Name of the Vulnerable Software and Affected Versions Python affected versions not specified Description The js output function in http.cookies.Morsel returns an inline snippet that only escapes double quotes for JavaScript string context. It fails to neutralize the HTML parser-sensitive sequence...

6.1 CVSS | 5.1 AI score | 0.00229 EPSS
Exploits: 1 | References: 67

EUVD
added 2026/04/08 9:31 a.m. | 3 views

EUVD-2026-20276

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes DukaMarket dukamarket allows Code Injection. This issue affects DukaMarket: from n/a through = 1.3.0...

5.9 AI score | 0.0026 EPSS
Exploits: 0 | References: 2

Cvelist
added 2026/04/08 8:30 a.m. | 23 views

CVE-2026-39628 WordPress DukaMarket theme <= 1.3.0 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes DukaMarket dukamarket allows Code Injection. This issue affects DukaMarket: from n/a through = 1.3.0...

5.3 CVSS | 0.0026 EPSS
Exploits: 0 | References: 1

CNNVD
added 2026/04/08 12:0 a.m. | 6 views

WordPress plugin Armania security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3 CVSS | 5.9 AI score | 0.00198 EPSS
Exploits: 0 | References: 1

CNNVD
added 2026/04/08 12:0 a.m. | 6 views

WordPress plugin tagDiv Composer security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...

5.3 CVSS | 5.9 AI score | 0.00166 EPSS
Exploits: 0 | References: 1

Positive Technologies
added 2026/04/07 12:0 a.m. | 4 views

PT-2026-31013

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS. This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3 CVSS | 5.9 AI score | 0.00158 EPSS
Exploits: 1 | References: 4

Ubuntu
added 2026/03/30 10:1 a.m. | 6 views

USN-8127-1: ImageMagick vulnerabilities

It was discovered that ImageMagick did not properly process certain tags prior to an image being loaded. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. CVE-2026-23952 It was discovered that ImageMagick did not properly handle temporary...

7.8 CVSS | 5.9 AI score | 0.00475 EPSS
Exploits: 1

Ubuntu
added 2026/03/16 10:15 p.m. | 12 views

USN-8101-1: Vim vulnerabilities

Rahul Hoysala discovered that Vim did not correctly handle certain tag resolutions. An attacker could possibly use this issue to cause a denial of service. CVE-2026-25749 It was discovered that Vim did not correctly handle processing certain specialKey commands. An attacker could possibly use thi...

7.8 CVSS | 6 AI score | 0.01162 EPSS
Exploits: 1

OSV
added 2026/03/11 6:5 p.m. | 2 views

OPENSUSE-SU-2026:20345-1 Security update for python-lxml_html_clean

This update for python-lxml_html_clean fixes the following issues: Changes in python-lxml_html_clean: - CVE-2026-28348: improper keywords checking can allow external CSS loading bsc1259378 - CVE-2026-28350: lack of base tag handling can allow the hijacking of the resolution of relative URLs bsc125937...

6.1 CVSS | 5.8 AI score | 0.00254 EPSS
Exploits: 2 | References: 4

Tenable Nessus
added 2026/03/06 12:0 a.m. | 3 views

Golang 1.25.x < 1.25.8 / 1.26.x < 1.26.1 Multiple Vulnerabilities

The version of Golang running on the remote host is prior to 1.25.8, or 1.26.x prior to 1.26.1. It is, therefore, affected by multiple vulnerabilities as referenced in the advisory. - The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted...

7.5 CVSS | 5.8 AI score | 0.00728 EPSS
Exploits: 0 | References: 7

RedhatCVE
added 2026/02/27 10:14 a.m. | 6 views

CVE-2026-28132

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection. This issue affects WooCommerce Photo Reviews: from n/a through = 1.4.4...

5.3 CVSS | 6 AI score | 0.00194 EPSS
Exploits: 0 | References: 1

EUVD
added 2026/02/26 9:30 a.m. | 5 views

EUVD-2026-8845

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection. This issue affects WooCommerce Photo Reviews: from n/a through = 1.4.4...

5.3 CVSS | 5.3 AI score | 0.00194 EPSS
Exploits: 0 | References: 2

Positive Technologies
added 2026/02/26 12:0 a.m. | 8 views

PT-2026-22134

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection. This issue affects WooCommerce Photo Reviews: from n/a through = 1.4.4...

5.3 AI score | 0.00194 EPSS
Exploits: 0 | References: 2