
6 matches found

EUVD
added 2026/05/26 8:36 p.m., 5 views

EUVD-2026-31992

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the Image directive plugin validates the :width: and :height: options with a regex compiled as _num_re = re.compile(r"^\d+(?:\.\d*)?"). When the validated value is not a plain integer, render_block_image inserts it directly int...

CVSS 4.7, AI score 5.8, EPSS 0.00031
Exploits: 1, References: 2

OSV
added 2026/05/14 4:36 p.m., 1 view

GHSA-CCFX-MFMX-2FX9 Mistune Image Directive CSS Injection Vulnerability

Summary: The Image directive plugin validates the :width: and :height: options with a regex compiled as _num_re = re.compile(r"^\d+(?:\.\d*)?"). This pattern is applied via re.match which anchors only at the start of the string, not the end. Any value that begins with one or more digits passes validation,...

CVSS 4.7, AI score 6, EPSS 0.00031
Exploits: 1, References: 3

Github Security Blog
added 2026/05/14 4:36 p.m., 2 views

Mistune Image Directive CSS Injection Vulnerability

Summary: The Image directive plugin validates the :width: and :height: options with a regex compiled as _num_re = re.compile(r"^\d+(?:\.\d*)?"). This pattern is applied via re.match which anchors only at the start of the string, not the end. Any value that begins with one or more digits passes validation,...

CVSS 6.1, AI score 6, EPSS 0.00031
Exploits: 1, References: 3, Affected Software: 1

OSV
added 2025/12/03 8:16 p.m., 2 views

AZL-71555 CVE-2025-12385 affecting package qtdeclarative for versions less than 6.6.1-2

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick...

CVSS 8.7, AI score 5.8, EPSS 0.0012
Exploits: 0, References: 1

Tenable Nessus
added 2025/08/25 12:0 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2019-13962

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly...

CVSS 9.8, AI score 7.7, EPSS 0.03227
Exploits: 1, References: 2

ATTACKERKB
added 2023/08/18 12:15 a.m., 1 view

CVE-2023-39125

NTSC-CRT 2.2.1 has an integer overflow and out-of-bounds write in loadBMP in bmprw.c because a file's width, height, and BPP are not validated. NOTE: the vendor's perspective is "this main application was not intended to be a well tested program, it's just something to demonstrate it works and fo...

CVSS 7.5, AI score 7.1, EPSS 0.00079
Exploits: 1, References: 2