33 matches found

RedhatCVE
added 2026/01/07 9:32 a.m. · 10 views

CVE-2019-16772

The serialize-to-js NPM package before version 3.0.1 is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability does not affect the Node.js environment, since Node.js's implementation of...

CVSS 6.1 · AI score 6.5 · EPSS 0.00646
Exploits 0 · References 1
NVD
added 2025/11/26 3:15 p.m. · 3 views

CVE-2025-13601

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the escaped string...

CVSS 7.7 · EPSS 0.00306
Exploits 1 · References 33
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2020-23851

Malware in sbrugna...

CVSS 5.3 · AI score 5.2 · EPSS 0.01313
Exploits 0 · References 6
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2018-6283

Malware in sbrugna...

CVSS 9.8 · AI score 7.8 · EPSS 0.03667
Exploits 0 · References 15
EUVD
added 2025/10/07 12:30 a.m. · 11 views

EUVD-2019-0772

Malware in sbrugna...

CVSS 6.1 · AI score 6.1 · EPSS 0.00646
Exploits 0 · References 6
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2022-1169

Malicious code in bioql PyPI...

CVSS 6.1 · AI score 6.2 · EPSS 0.00829
Exploits 0 · References 4
OSV
added 2022/02/09 10:19 p.m. · 14 views

GHSA-RCVX-RMVF-MXCH Cross-site Scripting in Eclipse Hawkbit

In all versions of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 Not Found JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non-existing resource will return the full path from the given URL unescaped to the client...

CVSS 6.1 · AI score 6.2 · EPSS 0.00829
Exploits 0 · References 4
Github Security Blog
added 2022/02/09 10:19 p.m. · 38 views

Cross-site Scripting in Eclipse Hawkbit

In all versions of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 Not Found JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non-existing resource will return the full path from the given URL unescaped to the client...

CVSS 6.1 · AI score 6.1 · EPSS 0.00829
Exploits 0 · References 5 · Affected Software 1
OSV
added 2021/04/06 7:15 p.m. · 1 views

DEBIAN-CVE-2020-36309

ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...

CVSS 5.3 · AI score 5.6 · EPSS 0.01313
Exploits 0 · References 1
OSV
added 2021/04/06 7:15 p.m. · 32 views

CVE-2020-36309

ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...

CVSS 5.3 · AI score 6.6
Exploits 0 · References 5
Prion
added 2021/04/06 7:15 p.m. · 23 views

Cross site request forgery (csrf)

ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...

CVSS 5 · AI score 5.8 · EPSS 0.01313
Exploits 0 · References 4 · Affected Software 1
OSV
added 2021/04/06 7:15 p.m. · 4 views

UBUNTU-CVE-2020-36309

ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...

CVSS 5.3 · AI score 6 · EPSS 0.01313
Exploits 0 · References 4
Cvelist
added 2021/04/06 5:32 p.m. · 30 views

CVE-2020-36309

ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...

AI score 6 · EPSS 0.01313
Exploits 0 · References 4
Debian CVE
added 2021/04/06 5:32 p.m. · 51 views

CVE-2020-36309

ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...

CVSS 5.3 · AI score 5.2 · EPSS 0.01313
Exploits 0
CNNVD
added 2021/04/06 12:0 a.m. · 4 views

OpenResty Security Vulnerability

OpenResty is a web application server based on Nginx and Lua, from OpenResty (Ou Rui Software Development), a Chinese company. A security vulnerability exists in OpenResty versions prior to 0.10.16 that allows the use of unsafe characters in parameters...

CVSS 5.3 · AI score 5.6 · EPSS 0.01313
Exploits 0 · References 12
Positive Technologies
added 2021/04/06 12:0 a.m. · 4 views

PT-2021-11997 · Unknown +3 · Ngx Http Lua Module +3

Name of the Vulnerable Software and Affected Versions: ngx http lua module aka lua-nginx-module versions prior to 0.10.16
Description: The issue allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header.
Recommendations: For versions prior to...

CVSS 7.7 · AI score 6.5 · EPSS 0.02599
Exploits 1 · References 29
NVD
added 2021/01/14 11:15 p.m. · 16 views

CVE-2020-27219

In all versions of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 Not Found JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non-existing resource will return the full path from the given URL unescaped to the client...

CVSS 6.1 · AI score 6.2 · EPSS 0.00829
Exploits 0 · References 2
Prion
added 2021/01/14 11:15 p.m. · 15 views

Design/Logic Flaw

In all versions of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 Not Found JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non-existing resource will return the full path from the given URL unescaped to the client...

CVSS 4.3 · AI score 6.2 · EPSS 0.00829
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2021/01/14 10:20 p.m. · 21 views

CVE-2020-27219

In all versions of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 Not Found JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non-existing resource will return the full path from the given URL unescaped to the client...

AI score 6.2 · EPSS 0.00829
Exploits 0 · References 2
CVE
added 2021/01/14 10:20 p.m. · 116 views

CVE-2020-27219

CVE-2020-27219 affects Eclipse Hawkbit prior to 0.3.0M7. The REST API may return a 404 Not Found JSON response that includes the full, unescaped request path, exposing unsafe characters. This could disclose internal URL structure to an attacker that POSTs to a non-existent resource. Root cause: u...

CVSS 6.1 · AI score 6.2 · EPSS 0.00829
Exploits 0 · References 2 · Affected Software 1