25 matches found
OpenNebula 跨站脚本漏洞
OpenNebula is an open-source cloud computing platform developed by OpenNebula, used for managing heterogeneous distributed data center infrastructure. Version 6.10.0.1 of OpenNebula contains a cross-site scripting vulnerability. This vulnerability arises from injecting a specially crafted payload...
BoidCMS 安全漏洞
BoidCMS is an open-source, free CMS for flat files. It’s used to build simple websites and blogs. It’s developed using PHP and JSON as the database. Versions of BoidCMS prior to 2.1.3 had security vulnerabilities. These vulnerabilities stemmed from insufficient cleanup of tpl parameters, which...
WWBN AVideo 跨站脚本漏洞
WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from parameters in the templates not being properly encoded, which could lead to reflective...
CVE-2025-62426
A vulnerability in vLLM allows an authenticated user to trigger unintended tokenization during chat template processing by supplying crafted chattemplatekwargs to the /v1/chat/completions or /tokenize endpoints. By forcing the server to tokenize very large inputs, an attacker can block the API...
CVE-2025-62426
Summary: CVE-2025-62426 affects vLLM up to versions before 0.11.1. The /v1/chat/completions and /tokenize endpoints accept a chat_template_kwargs parameter that is used before validation, allowing an attacker to block the API server by forcing large tokenization tasks and delaying all other reque...
vLLM 安全漏洞
vLLM is a high throughput and memory efficient inference and service engine for LLM from vLLM open source. A security vulnerability exists in vLLM version 0.5.5 through versions prior to 0.11.1, which stems from insufficient validation of the chattemplatekwargs parameter, and may result in API...
Allocation of Resources Without Limits or Throttling
Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the chattemplate and chattemplatekwargs parameters. An attacker can cause excessive CPU...
EUVD-2011-4540
Malware in sbrugna...
SUSE CVE-2017-5439
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
DEBIAN-CVE-2021-28963
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters...
DEBIAN-CVE-2017-5439
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2017-5439
CVE-2017-5439 is a use-after-free in XSLT processing caused by improper handling of template parameters (nsTArray Length()) in Mozilla code, affecting Firefox and Thunderbird. It targets Firefox < 53 (and related ESR branches) and Thunderbird
Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12)
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12)
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12)
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
UBUNTU-CVE-2017-5439
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
DEBIAN-CVE-2011-4616
Cross-site scripting XSS vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to improper handling of greater than and less than characters...
CVE-2011-4616
Cross-site scripting XSS vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to improper handling of greater than and less than characters...
CVE-2011-4616
Cross-site scripting XSS vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to improper handling of greater than and less than characters...
Cross site scripting
Cross-site scripting XSS vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to improper handling of greater than and less than characters...