Lucene search
+L

5 matches found

OSV
OSV
added 2026/06/03 9:14 p.m.11 views

GHSA-M88R-RG27-5XFG Docling: Unsafe XML Entity Expansion in USPTO Patent Backend

Impact The USPTO patent XML parser used the standard xml.sax.parseString without protection against XML External Entity XXE attacks. An attacker could craft malicious USPTO patent XML files with external entity references that could: - Read arbitrary files from the server filesystem - Perform...

7.5CVSS6AI score0.00334EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pygments (UTSA-2026-017493)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017493 advisory. In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponentia...

7.5CVSS7.1AI score0.03906EPSS
Exploits1References4
OSV
OSV
added 2026/01/23 7:46 a.m.6 views

CVE-2026-24515

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...

2.9CVSS5.8AI score0.0017EPSS
Exploits0References4
OSV
OSV
added 2025/07/09 11:11 a.m.7 views

CLSA-2025-1752059462 Update of ca-certificates

update to CKBI 2.74 from NSS 3.110 - updated certificates: - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Entrust Root Certification Authority" - Certificate "AffirmTrust Commercial" - Certificate "AffirmTrust Networking" - Certificate "AffirmTrust Premium" - Certificate...

5.8AI score
Exploits0References1
OSV
OSV
added 2023/12/30 4:15 p.m.6 views

CVE-2023-50550

layui up to v2.74 was discovered to contain a cross-site scripting XSS vulnerability via the data-content parameter...

5.4CVSS5.7AI score0.00283EPSS
Exploits0References1
Rows per page
Query Builder