Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
šŸ”„ Daily Hot!
šŸ’ŖšŸ½ CPE Enhanced Advisories
šŸ•¶ Shadow Exploits
šŸ•µšŸ¼ Vulners CPE
šŸ” Security news
šŸ’» Exploit updates
šŸ“‘ Blogs review
šŸ§ Linux vulnerabilities
šŸž Bugbounty
šŸ¤– AI High Score
šŸ“° CVE Feed
show all

35 matches found

RedhatCVE
RedhatCVEā€¢added 2025/05/23 11:38 a.m.ā€¢4 views

CVE-2025-23935

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fengler Magic Google Maps magic-google-maps allows Stored XSS.This issue affects Magic Google Maps: from n/a through = 1.0.4...

6.5CVSS7.2AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVEā€¢added 2025/05/23 2:40 a.m.ā€¢5 views

CVE-2023-23935

Discourse is an open-source messaging platform. In versions 3.0.1 and prior on the stable branch and versions 3.1.0.beta2 and prior on the beta and tests-passed branches, the count of personal messages displayed for a tag is a count of all personal messages regardless of whether the personal...

4.3CVSS6.6AI score0.00298EPSS
Exploits0References1
RedhatCVE
RedhatCVEā€¢added 2025/05/22 6:19 p.m.ā€¢2 views

CVE-2021-23935

OX App Suite through 7.10.4 allows XSS via an appointment in which the location contains JavaScript code...

6.1CVSS5.8AI score0.00174EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusā€¢added 2025/03/05 12:0 a.m.ā€¢12 views

Linux Distros Unpatched Vulnerability : CVE-2022-23935

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file = /|$/ check, leading to command injection. CVE-2022-23935 Note that Nessus relies on the...

7.8CVSS7.3AI score0.27704EPSS
Exploits5References3
Circl
Circlā€¢added 2025/01/16 9:20 p.m.ā€¢3 views

CVE-2025-23935

creationtimestamp| type| source ---|---|--- 2025-01-16 21:20:40+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7iv7peo2e 2025-01-16 22:56:21+00:00| seen| https://t.me/cvedetector/15652...

6.5CVSS7.3AI score0.00152EPSS
Exploits0References2
NVD
NVDā€¢added 2025/01/16 9:15 p.m.ā€¢10 views

CVE-2025-23935

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fengler Magic Google Maps magic-google-maps allows Stored XSS.This issue affects Magic Google Maps: from n/a through = 1.0.4...

6.5CVSS0.00152EPSS
Exploits0References1
CVE
CVEā€¢added 2025/01/16 8:7 p.m.ā€¢50 views

CVE-2025-23935

CVE-2025-23935 is a Cross-Site Scripting vulnerability in the WordPress plugin package Magic Google Maps. The connected Wordfence entry confirms an authenticated Stored XSS via input during web page generation in Magic Google Maps versions up to and including 1.0.4, caused by improper neutralizat...

6.5CVSS7.2AI score0.00152EPSS
Exploits0References1
Vulnrichment
Vulnrichmentā€¢added 2025/01/16 8:7 p.m.ā€¢11 views

CVE-2025-23935 WordPress Magic Google Maps plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fengler Magic Google Maps magic-google-maps allows Stored XSS.This issue affects Magic Google Maps: from n/a through = 1.0.4...

6.5CVSS7.2AI score0.00152EPSS
Exploits0References1
Cvelist
Cvelistā€¢added 2025/01/16 8:7 p.m.ā€¢15 views

CVE-2025-23935 WordPress Magic Google Maps plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fengler Magic Google Maps magic-google-maps allows Stored XSS.This issue affects Magic Google Maps: from n/a through = 1.0.4...

6.5CVSS0.00152EPSS
Exploits0References1
OSV
OSVā€¢added 2024/09/28 7:15 a.m.ā€¢0 views

CVE-2024-23935

Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device...

7.5CVSS6.3AI score
Exploits0References1
NVD
NVDā€¢added 2024/09/28 7:15 a.m.ā€¢11 views

CVE-2024-23935

Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device...

8CVSS0.00913EPSS
Exploits0References1
OpenVAS
OpenVASā€¢added 2023/03/20 12:0 a.m.ā€¢15 views

Discourse < 3.0.2 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

4.9CVSS4.9AI score0.00984EPSS
Exploits0References3
Circl
Circlā€¢added 2023/03/16 11:31 p.m.ā€¢1 views

CVE-2023-23935

creationtimestamp| type| source ---|---|--- 2023-03-16 23:31:19+00:00| seen| https://t.me/cibsecurity/60217...

4.3CVSS4.6AI score0.00298EPSS
Exploits0References1
Vulnrichment
Vulnrichmentā€¢added 2023/03/16 8:21 p.m.ā€¢8 views

CVE-2023-23935 Presence of restricted personal Discourse messages may be leaked if tagged with a tag

Discourse is an open-source messaging platform. In versions 3.0.1 and prior on the stable branch and versions 3.1.0.beta2 and prior on the beta and tests-passed branches, the count of personal messages displayed for a tag is a count of all personal messages regardless of whether the personal...

3.5CVSS4.5AI score0.00298EPSS
Exploits0References2
OSV
OSVā€¢added 2023/03/16 8:21 p.m.ā€¢13 views

CVE-2023-23935 Presence of restricted personal Discourse messages may be leaked if tagged with a tag

Discourse is an open-source messaging platform. In versions 3.0.1 and prior on the stable branch and versions 3.1.0.beta2 and prior on the beta and tests-passed branches, the count of personal messages displayed for a tag is a count of all personal messages regardless of whether the personal...

3.5CVSS4.6AI score0.00298EPSS
Exploits0References4
SUSE CVE
SUSE CVEā€¢added 2023/02/15 3:27 a.m.ā€¢1 views

SUSE CVE-2022-23935

lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file = /|$/ check, leading to command injection...

7.8CVSS7.7AI score0.27704EPSS
Exploits5References3
Circl
Circlā€¢added 2023/02/12 11:47 a.m.ā€¢0 views

CVE-2022-23935

creationtimestamp| type| source ---|---|--- 2023-02-12 11:47:37+00:00| published-proof-of-concept| Telegram/CbElgwPMP2LIKnmo2t30Cv25j2V2UdZiklRAZXnOt8rE 2023-02-12 13:38:40+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/7736 2023-02-12 15:32:23+00:00|...

7.8CVSS7.3AI score0.27704EPSS
Exploits5References8
GithubExploit
GithubExploitā€¢added 2023/02/10 6:22 p.m.ā€¢289 views

Exploit for OS Command Injection in Exiftool_Project Exiftool

CVE-2022-23935 šŸ Python Exploit for CVE-2022-23935 Staged Rev...

7.8CVSS7.7AI score0.27704EPSS
Exploits5
GithubExploit
GithubExploitā€¢added 2023/02/07 1:2 p.m.ā€¢703 views

Exploit for OS Command Injection in Exiftool_Project Exiftool

Introduction CVE-2022-23935 exploit PoC exiftool...

7.8CVSS7.6AI score0.27704EPSS
Exploits5
GithubExploit
GithubExploitā€¢added 2023/02/07 1:2 p.m.ā€¢7 views

Exploit for OS Command Injection in Exiftool_Project Exiftool

Introduction CVE-2022-23935 exploit PoC exiftool...

7.8CVSS8.1AI score0.27704EPSS
Exploits5
Rows per page
Query Builder