22 matches found

OSV
added 2026/03/01 2:15 a.m., 2 views

MINI-7VFC-XMRW-9737

Bulletin has no description...

CVSS 7, AI score 5.8, EPSS 0.00017
Exploits 0

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2020-7599

Malware in sbrugna...

CVSS 10, AI score 9.4, EPSS 0.01432
Exploits 0, References 2

Vulnrichment
added 2025/08/31 4:32 p.m., 2 views

CVE-2025-9737 O2OA Personal Profile importmodel cross site scripting

A vulnerability was detected in O2OA up to 10.0-410. Affected is an unknown function of the file /xqueryassembledesigner/jaxrs/importmodel of the component Personal Profile Page. Performing manipulation of the argument description/applicationName/queryName results in cross site scripting. Remote...

CVSS 5.1, AI score 5.4, EPSS 0.00071
Exploits 1, References 6

OSV
added 2025/08/14 6:52 p.m., 1 view

MAL-2025-9737 Malicious code in @zalastax/nolb-_aii (npm)

The package @zalastax/nolb-aii was found to contain malicious code...

AI score 7.2
Exploits 0

RedhatCVE
added 2025/05/22 3:19 a.m., 4 views

CVE-2014-9737

Open redirect vulnerability in the Language Switcher Dropdown module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a block...

CVSS 5.8, AI score 7.1, EPSS 0.00253
Exploits 0, References 1

Circl
added 2024/10/11 5:00 a.m., 6 views

CVE-2024-9737

creationtimestamp | type | source
---|---|---
2024-10-11 05:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-24-1350/...

CVSS 7.8, AI score 7, EPSS 0.00457
Exploits 0, References 1

OSV
added 2024/09/10 3:05 p.m., 16 views

CGA-9737-QQJ4-9XJC

Bulletin has no description...

CVSS 7.1, AI score 6.9, EPSS 0.02246
Exploits 0

Tenable Nessus
added 2020/09/11 12:00 a.m., 31 views

Adobe Experience Manager 6.2.x <= 6.2 SP1-CFP20 / 6.3.x <= 6.3.3.8 / 6.4.x < 6.4.8.2 / 6.5.x < 6.5.6.0 (APSB20-56)

The version of Adobe Experience Manager installed on the remote host is 6.2.x through 6.2 SP1-SFP20, 6.3.x through 6.3.3.8, 6.4.x prior to 6.4.8.2, or 6.5.x prior to 6.5.6.0. It is, therefore, affected by multiple vulnerabilities: - Adobe Experience Manager executes with unnecessary privileges,...

CVSS 9, AI score 6.2, EPSS 0.03316
Exploits 0, References 9

NVD
added 2020/07/28 5:15 p.m., 8 views

CVE-2020-15612

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxftpmanager.php. When parsing the userLogin parameter, the process...

CVSS 10, AI score 9.7, EPSS 0.01432
Exploits 0, References 1

Cvelist
added 2020/07/28 5:01 p.m., 11 views

CVE-2020-15612

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxftpmanager.php. When parsing the userLogin parameter, the process...

CVSS 9.8, AI score 9.6, EPSS 0.01432
Exploits 0, References 1

CVE
added 2020/07/28 5:01 p.m., 43 views

CVE-2020-15612

CVE-2020-15612 affects CentOS Web Panel (cwp-e17.0.9.8.923). The flaw is in ajax_ftp_manager.php where parsing the userLogin parameter allows an attacker to execute arbitrary code with root privileges via a remote attack, without authentication. This is documented across multiple sources, includi...

CVSS 10, AI score 9.6, EPSS 0.01432
Exploits 0, References 1, Affected Software 1

ATTACKERKB
added 2020/07/28 12:00 a.m., 23 views

CVE-2020-15612 — CentOS Web Panel Authentication Bypass/RCE

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxftpmanager.php. When parsing the userLogin parameter, the process...

CVSS 10, AI score 1.4, EPSS 0.01432
Exploits 0, References 2

vulnersOsv
added 2019/03/14 3:38 p.m., 1 view

@bndynet/bbootstrap (>=1.0.2 <=2.2.1), @bndynet/jslib (>=1.0.52 <=2.0.0) +8 more potentially affected by CVE-2019-9737 via editor.md (=1.5.0)

editor.md NPM version =1.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on editor.md and may be impacted: - @bndynet/bbootstrap =1.0.2, =1.0.52, =2.3.6, =1.0.0, =0.2.0, =0.1.1, =0.1.0, =1.0.0, =1.0.3 Source cves: CVE-2019-9737 Source advisory:...

CVSS 6.1, AI score 6.3, EPSS 0.0024
Exploits 1

NVD
added 2019/03/13 2:29 a.m., 11 views

CVE-2019-9737

Editor.md 1.5.0 has DOM-based XSS via vectors involving the 'EMBED SRC="data:image/svg+xml' substring...

CVSS 6.1, AI score 5.9, EPSS 0.0024
Exploits 1, References 1

CVE
added 2019/03/13 2:00 a.m., 48 views

CVE-2019-9737

Summary: CVE-2019-9737 affects Editor.md 1.5.0 with a DOM-based XSS vulnerability triggered by vectors including the substring <EMBED SRC="data:image/svg+xml. The root cause is persistent insufficient sanitization of user input that can introduce base64-encoded content, enabling script execu...

CVSS 6.1, AI score 5.8, EPSS 0.0024
Exploits 1, References 1, Affected Software 1

Cvelist
added 2019/03/13 2:00 a.m., 13 views

CVE-2019-9737

Editor.md 1.5.0 has DOM-based XSS via vectors involving the 'EMBED SRC="data:image/svg+xml' substring...

AI score 5.9, EPSS 0.0024
Exploits 1, References 1

IBM Security Bulletins
added 2018/06/17 3:32 p.m., 20 views

Security Bulletin: IBM TRIRIGA Application Platform Cross-Site Scripting (XSS) (CVE-2016-9737)

Summary The IBM TRIRIGA Application is vulnerable to a Cross-Site Scripting attack. Vulnerability Details CVEID: CVE-2016-9737 DESCRIPTION: IBM TRIRIGA is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intende...

CVSS 5.4, AI score 0.5, EPSS 0.00227
Exploits 0, Affected Software 1

CVE
added 2017/03/27 10:00 p.m., 49 views

CVE-2016-9737

CVE-2016-9737 affects IBM TRIRIGA Application Platform versions 3.3, 3.4, and 3.5, which are vulnerable to cross-site scripting via the Web UI, potentially allowing an attacker to inject arbitrary JavaScript and disclose credentials in a trusted session. The IBM Security Bulletin lists affected r...

CVSS 5.4, AI score 5.2, EPSS 0.00227
Exploits 0, References 2, Affected Software 1

Tenable Nessus
added 2016/11/04 12:00 a.m., 14 views

Atlassian JIRA 7.0.x < 7.0.2 Information Disclosure

Binary data 9737.prm...

AI score 7.3
Exploits 0, References 1

Cvelist
added 2015/07/06 2:55 p.m., 12 views

CVE-2014-9737

Open redirect vulnerability in the Language Switcher Dropdown module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a block...

AI score 6.7, EPSS 0.00253
Exploits 0, References 3