CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

Vulnrichment•added 2026/03/26 8:30 p.m.•0 views

CVE-2026-33635 iCalendar has ICS injection via unsanitized URI property values

iCalendar is a Ruby library for dealing with iCalendar files in the iCalendar format defined by RFC-5545. Starting in version 2.0.0 and prior to version 2.12.2, .ics serialization does not properly sanitize URI property values, enabling ICS injection through attacker-controlled input, adding...

4.3CVSS6AI score0.0005EPSS

Exploits1References3

OSV•added 2022/09/23 12:15 p.m.•2 views

DEBIAN-CVE-2022-40716

HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2."...

6.5CVSS6.8AI score0.00361EPSS

Exploits0References1

Tenable Nessus•added 2019/01/03 12:0 a.m.•39 views

Fedora 28 : python-bleach (2018-994424b810)

Version 2.1.3 March 5th, 2018 ------------------------------- Security fixes - Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would...

9.8CVSS8.2AI score0.00511EPSS

Exploits0References2

OSV•added 2018/03/07 11:29 p.m.•1 views

UBUNTU-CVE-2018-7753

An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized...

9.8CVSS7.3AI score0.00511EPSS

Exploits0References7

UbuntuCve•added 2018/03/07 11:29 p.m.•19 views

CVE-2018-7753

9.8CVSS7.2AI score0.00511EPSS

Exploits0References6

PyPA•added 2018/03/07 11:29 p.m.•6 views

PYSEC-2018-51

9.8CVSS6.9AI score0.00511EPSS

Exploits0References4Affected Software1

NVD•added 2018/03/07 11:29 p.m.•14 views

CVE-2018-7753

9.8CVSS9.3AI score0.00511EPSS

Exploits0References3

OSV•added 2018/03/07 11:29 p.m.•17 views

CVE-2018-7753

9.8CVSS7AI score

Exploits0References3

Prion•added 2018/03/07 11:29 p.m.•12 views

Design/Logic Flaw

7.5CVSS9.2AI score0.00511EPSS

Exploits0References3Affected Software1

Cvelist•added 2018/03/07 11:0 p.m.•17 views

CVE-2018-7753

9.3AI score0.00511EPSS

Exploits0References3

Debian CVE•added 2018/03/07 11:0 p.m.•18 views

CVE-2018-7753

9.8CVSS9.3AI score0.00511EPSS

Exploits0

Veracode•added 2017/02/23 8:6 a.m.•14 views

Cross-site Scripting (XSS)

angular is vulnerable to cross-site scripting XSS attacks. The vulnerability exists because it does not sanitize URI values in the imgsrcset...

5.7AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•11 views

Truegalerie 1.0 Unauthorized Administrative Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7427/info A vulnerability has been reported for Truegalerie that may result in unauthorized administrative access. The vulnerability exists due to insufficient sanitization of some URI values...

7.1AI score

Exploits0

Exploit DB•added 2003/04/25 12:0 a.m.•18 views

Truegalerie 1.0 - Unauthorized Administrative Access

source: https://www.securityfocus.com/bid/7427/info A vulnerability has been reported for Truegalerie that may result in unauthorized administrative access. The vulnerability exists due to insufficient sanitization of some URI values. http://target/admin.php?loggedin=1...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by