CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prebid.js is a free and open source library for publishers to quickly implement header bidding. NPM users of prebid 10.9.2 may have been briefly compromised by a malware campaign. The malicious code attempts to redirect crypto transactions on the site to the attackers' wallet. Version 10.10.0 fix...

8.6CVSS0.00116EPSS

Exploits0References2

Cvelist•added 2025/09/09 10:17 p.m.•5 views

CVE-2025-59038 Prebid.js NPM package briefly compromised

8.6CVSS0.00116EPSS

Exploits0References2

Positive Technologies•added 2025/09/09 12:0 a.m.•2 views

PT-2025-36995

Name of the Vulnerable Software and Affected Versions: Prebid.js versions prior to 10.10.0 Prebid.js version 10.9.2 Description: Prebid.js is a free and open source library used by publishers to implement header bidding. NPM users of version 10.9.2 may have been compromised by a malware campaign...

8.6CVSS6.4AI score0.00116EPSS

Exploits0References16

RedhatCVE•added 2025/08/23 8:13 p.m.•2 views

CVE-2025-55106

There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in th...

4.8CVSS6.9AI score0.00041EPSS

Exploits0References1

NVD•added 2025/08/21 8:15 p.m.•2 views

CVE-2025-55106

4.8CVSS0.00041EPSS

Exploits0References1

OSV•added 2025/08/21 8:15 p.m.•0 views

CVE-2025-55105

4.8CVSS5.9AI score

Exploits0References1

OSV•added 2025/08/21 8:15 p.m.•0 views

CVE-2025-55107

4.8CVSS5.9AI score0.00041EPSS

Exploits0References1

NVD•added 2025/08/21 8:15 p.m.•2 views

CVE-2025-55105

4.8CVSS0.00041EPSS

Exploits0References1

NVD•added 2025/08/21 8:15 p.m.•2 views

CVE-2025-55107

4.8CVSS0.00041EPSS

Exploits0References1

CVE•added 2025/08/21 7:29 p.m.•14 views

CVE-2025-55107

Vulnerability : CVE-2025-55107 affects Esri Portal for ArcGIS Enterprise Sites (versions 10.9.1–11.4). Issue : Stored Cross-Site Scripting allows a remote, authenticated attacker to inject a file containing an XSS script; when loaded, the script could execute arbitrary JavaScript in the victim’s ...

4.8CVSS6.6AI score0.00041EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/08/21 7:29 p.m.•3 views

CVE-2025-55107 BUG-000177335 ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

4.8CVSS7AI score0.00041EPSS

Exploits0References1

Cvelist•added 2025/08/21 7:29 p.m.•4 views

CVE-2025-55107 BUG-000177335 ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

4.8CVSS0.00041EPSS

Exploits0References1

Vulnrichment•added 2025/08/21 7:29 p.m.•2 views

CVE-2025-55106 BUG-000173171 ArcGIS Enterprise Sites has a Cross-site Scripting vulnerability.

4.8CVSS6.8AI score0.00041EPSS

Exploits0References1

Cvelist•added 2025/08/21 7:29 p.m.•4 views

CVE-2025-55106 BUG-000173171 ArcGIS Enterprise Sites has a Cross-site Scripting vulnerability.

4.8CVSS0.00041EPSS

Exploits0References1

CVE•added 2025/08/21 7:29 p.m.•11 views

CVE-2025-55106

CVE-2025-55106 concerns Esri Portal for ArcGIS Enterprise Sites, affected versions 10.9.1–11.4. A stored cross-site scripting vulnerability exists where an authenticated user can inject a malicious file containing an XSS script; when the file is loaded, it may execute arbitrary JavaScript in the ...

4.8CVSS6.3AI score0.00041EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/08/21 7:29 p.m.•2 views

CVE-2025-55105 BUG-000177336 - ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability.

4.8CVSS6.8AI score0.00041EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by