Lucene search
K

4 matches found

Snyk
Snyk
added 2026/06/19 3:41 p.m.3 views

XML Injection

Overview Affected versions of this package are vulnerable to XML Injection during request serialization of scalar XML element values. An attacker can smuggle raw XML markup into generated output by supplying a string that contains CDATA terminator . This lets attacker-controlled content break out...

8.6CVSS5.9AI score0.00219EPSS
Exploits0References2
OSV
OSV
added 2023/12/19 8:15 p.m.8 views

UBUNTU-CVE-2023-43826

Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be...

8.8CVSS7.6AI score0.0089EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2023/12/19 7:50 p.m.3 views

CVE-2023-43826 Apache Guacamole: Integer overflow in handling of VNC image buffers

Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be...

7.5CVSS5.7AI score0.0089EPSS
Exploits2References2
Snyk
Snyk
added 2022/01/05 10:41 p.m.4 views

Uncontrolled Search Path Element

Overview std/syscall is a Go standard library package std/syscall Affected versions of this package are vulnerable to Uncontrolled Search Path Element. Go Vulnerability Report: Untrusted search path vulnerability on Windows related to LoadLibrary allows local users to gain privileges via a...

8.5CVSS7.1AI score0.00396EPSS
Exploits0References3
Rows per page
Query Builder