41 matches found
PT-2026-43271
Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description An out-of-bounds read exists in the NetFlow v9 options template parser. In the process netflow v9 options template function, the scope parsing loop iterates until scopes offset...
CVE-2026-48684
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...
avalon-filter-rce
Title: Prototype Escape and Remote Code Execution in RubyLouv...
Astra Linux - уязвимость в golang-1.19
The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS atta...
EUVD-2025-203467
A weakness has been identified in CTCMS Content Management System up to 2.1.2. This affects an unknown function in the library /ctcms/apps/libraries/CTParser.php of the component Frontend/Template Management Module. This manipulation causes improper neutralization of special elements used in a...
CVE-2025-14731
A weakness has been identified in CTCMS Content Management System up to 2.1.2. This affects an unknown function in the library /ctcms/apps/libraries/CTParser.php of the component Frontend/Template Management Module. This manipulation causes improper neutralization of special elements used in a...
CVE-2025-14731
A weakness has been identified in CTCMS Content Management System up to 2.1.2. This affects an unknown function in the library /ctcms/apps/libraries/CTParser.php of the component Frontend/Template Management Module. This manipulation causes improper neutralization of special elements used in a...
CTCMS 安全漏洞
CTCMS Chibi CMS is a video content management system from China Chibi CMS CTCMS company. A security vulnerability exists in CTCMS 2.1.2 and earlier versions, which originates from an improper neutralization of special elements of the template engine by an unknown function in the file...
golang: html/template: improper handling of special tags within script contexts
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...
golang: html/template: improper handling of special tags within script contexts
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...
golang: html/template: improper handling of HTML-like comments within script contexts
A flaw was found in Golang. The html/template package did not properly handle HMTL-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This issue may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped...
golang: html/template: improper handling of special tags within script contexts
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...
golang: html/template: improper handling of HTML-like comments within script contexts
A flaw was found in Golang. The html/template package did not properly handle HMTL-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This issue may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped...
golang: html/template: improper handling of special tags within script contexts
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...
golang: html/template: improper handling of HTML-like comments within script contexts
A flaw was found in Golang. The html/template package did not properly handle HMTL-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This issue may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped...
golang: html/template: improper handling of special tags within script contexts
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...
Cross Site Scripting (XSS)
github.com/golang/go is vulnerable to Cross Site Scripting XSS. The vulnerability is caused by a lack of proper handling of occurrences of context. This will make the template parser incorrectly conclude the script context resulting in XSS...
AZL-28694 CVE-2023-39318 affecting package golang for versions less than 1.20.10-1
The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS atta...
CVE-2023-39319
The html/template package does not apply the proper rules for handling occurrences of " contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack...
CVE-2023-39318
The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS atta...