Lucene search
+L

5 matches found

RedHat Linux
RedHat Linux
added 2026/04/22 7:12 a.m.6 views

python: Python: Command-line option injection in webbrowser.open() via crafted URLs

A flaw was found in Python. The webbrowser.open API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options,...

7.1CVSS6AI score0.00308EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/08/13 1:31 p.m.6 views

CVE-2025-54382 Cherry Studio RCE Vulnerability Disclosure

Cherry Studio is a desktop client that supports for multiple LLM providers. In version 1.5.1, a remote code execution RCE vulnerability exists in the Cherry Studio platform when connecting to streamableHttp MCP servers. The issue arises from the server’s implicit trust in the oauth auth redirecti...

9.6CVSS8.1AI score0.05835EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:55 a.m.7 views

CVE-2023-34245

@udecode/plate-link is the link handler for the udecode/plate rich-text editor plugin system for Slate & React. Affected versions of the link plugin and link UI component do not sanitize URLs to prevent use of the javascript: scheme. As a result, links with JavaScript URLs can be inserted into th...

8.1CVSS6.7AI score0.00445EPSS
Exploits0
OSV
OSV
added 2019/09/11 2:15 p.m.7 views

DEBIAN-CVE-2019-16222

WordPress before 5.2.3 has an issue with URL sanitization in wpksesbadprotocolonce in wp-includes/kses.php that can lead to cross-site scripting XSS attacks...

6.1CVSS6.6AI score0.02198EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2019/09/11 12:0 a.m.10 views

PT-2019-5212 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.2.3 Description: The issue is related to incorrect URL sanitization in the wp kses bad protocol once function, which can lead to cross-site scripting XSS attacks. This could allow a remote attacker to compromise...

9.8CVSS6.3AI score0.4375EPSS
Exploits16References76
Rows per page
Query Builder