Lucene search
K

977 matches found

NVD
NVD
added 2026/03/03 11:15 p.m.7 views

CVE-2026-26266

AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an alias, the HTML content is rendered in ...

9.3CVSS0.00239EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/03 10:16 p.m.5 views

CVE-2026-26266 AliasVault affected by Cross-Site Scripting (XSS) via Email HTML Rendering

AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an alias, the HTML content is rendered in ...

9.3CVSS5.8AI score0.00239EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/03 10:16 p.m.5 views

CVE-2026-26266

AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an alias, the HTML content is rendered in ...

9.3CVSS5.8AI score0.00239EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/03 10:16 p.m.4 views

CVE-2026-26266 AliasVault affected by Cross-Site Scripting (XSS) via Email HTML Rendering

AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an alias, the HTML content is rendered in ...

9.3CVSS5.8AI score0.00239EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/03 10:16 p.m.24 views

CVE-2026-26266 AliasVault affected by Cross-Site Scripting (XSS) via Email HTML Rendering

AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an alias, the HTML content is rendered in ...

9.3CVSS0.00239EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.7 views

PT-2026-22839

Name of the Vulnerable Software and Affected Versions AliasVault versions 0.25.3 and lower Description AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS issue exists in the email rendering feature of the AliasVault Web Client. When...

9.3CVSS5.8AI score0.00239EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/02/25 1:9 a.m.24 views

CVE-2025-67752 OpenEMR Has Disabled SSL Certificate Verification in HTTP Client

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper oeHttp/oeHttpRequest disables SSL/TLS certificate verification by default verify: false, making all external HTTPS connections vulnerable ...

8.1CVSS0.00233EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2026/02/10 12:0 a.m.8 views

Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS7.3AI score0.01525EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.5 views

RHEL 8 : python3.12 (RHSA-2026:2419)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2419 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

7.5CVSS7.3AI score0.01525EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/05 2:53 p.m.7 views

hibernate-reactive-core: Hibernate Reactive: Denial of Service due to connection leak on HTTP client disconnect

A flaw was found in Hibernate Reactive. When an HTTP endpoint is exposed to perform database operations, a remote client can prematurely close the HTTP connection. This action may lead to leaking connections from the database connection pool, potentially causing a Denial of Service DoS by...

4.3CVSS5.8AI score0.00376EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.13 views

Amazon Linux 2023 : python3-urllib3 (ALAS2023-2026-1418)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1418 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server...

8.9CVSS5.8AI score0.02667EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/02/04 7:51 p.m.9 views

Moderate: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

7.5CVSS7.3AI score0.01525EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/02/04 7:51 p.m.5 views

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

7.5CVSS5.7AI score0.01525EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/04 3:4 p.m.4 views

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

7.5CVSS5.7AI score0.01525EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/03 3:42 p.m.5 views

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

7.5CVSS5.7AI score0.01525EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/01/28 8:3 p.m.31 views

CVE-2025-14840 HTTP Client Manager - Less critical - Information disclosure - SA-CONTRIB-2025-126

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1...

0.00263EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/28 8:3 p.m.6 views

EUVD-2025-206433

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1...

7.5CVSS5.9AI score0.00263EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/01/27 5:32 p.m.7 views

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

7.5CVSS5.7AI score0.01525EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/27 3:21 p.m.8 views

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

7.5CVSS5.7AI score0.01525EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : java-21-openjdk-21.0.5.0.10-3.el8.ML.1 (AXSA:2024-8941:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8941:16 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-212...

7.1CVSS7AI score0.01157EPSS
Exploits1References6
Rows per page
Query Builder