Lucene search
K

128 matches found

OSV
OSV
added 2026/03/18 12:41 p.m.11 views

MAL-2026-1665 Malicious code in browser-compat-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 601776b12bb397ecad770ec5b29505afb8704042ffdb079640eb6f0f1903edab The package browser-compat-data was found to contain malicious code...

5.8AI score
Exploits0
Circl
Circl
added 2026/01/30 2:10 a.m.9 views

CVE-2026-1665

creationtimestamp| type| source ---|---|--- 2026-01-30 02:10:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdm7wvs5ju2m...

5.4CVSS5.8AI score0.00767EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/29 11:4 p.m.4 views

CVE-2026-1665 Command Injection in nvm via NVM_AUTH_HEADER in wget code path

A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...

5.4CVSS6.2AI score0.00767EPSS
Exploits0References4
CVE
CVE
added 2026/01/29 11:4 p.m.26 views

CVE-2026-1665

CVE-2026-1665 affects nvm (Node Version Manager) versions 0.40.3 and earlier. The vulnerability arises because the wget path in the nvm_download() function uses eval to execute commands and the NVM_AUTH_HEADER environment variable is not sanitized in that path (unlike the curl path). An attacker ...

5.4CVSS6.2AI score0.00767EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.11 views

CVE-2025-1665

The Avada Fusion Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 3.11.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6AI score0.00256EPSS
Exploits0References1
NVD
NVD
added 2025/04/01 6:15 a.m.17 views

CVE-2025-1665

The Avada Fusion Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 3.11.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00256EPSS
Exploits0References2
Circl
Circl
added 2025/04/01 5:31 a.m.6 views

CVE-2025-1665

creationtimestamp| type| source ---|---|--- 2025-04-01 05:31:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9838...

6.4CVSS7.8AI score0.00256EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/01 5:22 a.m.21 views

CVE-2025-1665 Avada Builder <= 3.11.14 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Avada Fusion Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 3.11.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00256EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/01 5:22 a.m.8 views

CVE-2025-1665 Avada Builder <= 3.11.14 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Avada Fusion Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 3.11.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6AI score0.00256EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-1665

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it...

8.2CVSS7.8AI score0.00265EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2013-1665

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote...

5CVSS8.3AI score0.04593EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/16 12:0 a.m.14 views

CVE-2024-1665

...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.29 views

Rocky Linux 8 : qt5 (RLSA-2020:1665)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1665 advisory. - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. CVE-2018-19869 - An issue was...

6.5CVSS6.3AI score0.02178EPSS
Exploits1References39
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.37 views

Oracle Linux 8 : qt5 (ELSA-2020-1665)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1665 advisory. python-qt5 5.13.1-1 - 5.13.1 Resolves: bz1775603 qgnomeplatform 0.4-3 - Rebuild qt5 Resolves: bz1774418 qt5 5.12.5-3 - Re-add srpm macros, just leave...

6.5CVSS6.8AI score0.02178EPSS
Exploits1References4
Circl
Circl
added 2023/03/28 2:26 a.m.6 views

CVE-2023-1665

creationtimestamp| type| source ---|---|--- 2023-03-28 02:26:34+00:00| seen| https://t.me/cibsecurity/60860 2023-03-28 13:16:28+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/4061...

9.8CVSS7.7AI score0.0062EPSS
Exploits1References2
CVE
CVE
added 2023/03/27 12:0 a.m.69 views

CVE-2023-1665

CVE-2023-1665 affects linagora/twake (versions prior to 0.0.0). The root cause is improper restriction of excessive authentication attempts, enabling brute-force login on the login endpoint (example PoC shows repeated login attempts against /internal/services/console/v1/login). Impact is high: po...

9.8CVSS8.9AI score0.0062EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/27 12:0 a.m.7 views

CVE-2023-1665 Improper Restriction of Excessive Authentication Attempts in linagora/twake

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0...

7.8CVSS9.6AI score0.0062EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/03/27 12:0 a.m.18 views

CVE-2023-1665 Improper Restriction of Excessive Authentication Attempts in linagora/twake

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0...

7.8CVSS9.8AI score0.0062EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.6 views

SUSE CVE-2013-0279

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1664, CVE-2013-1665. Reason: This candidate is a duplicate of CVE-2013-1664 and/or CVE-2013-1665. Notes: All CVE users should reference CVE-2013-1664 and/or CVE-2013-1665 instead of this candidate. All references and descriptions in this...

9.5AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:42 a.m.3 views

SUSE CVE-2013-0278

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1664, CVE-2013-1665. Reason: This candidate is a duplicate of CVE-2013-1664 and/or CVE-2013-1665. Notes: All CVE users should reference CVE-2013-1664 and/or CVE-2013-1665 instead of this candidate. All references and descriptions in this...

9.5AI score
Exploits0References3
Rows per page
Query Builder