Lucene search
K

243 matches found

OSV
OSV
added 2026/03/18 4:9 p.m.4 views

GHSA-MVPM-V6Q4-M2PF SiYuan has Stored XSS to RCE via Unsanitized Bazaar Package Metadata

Stored XSS to RCE via Unsanitized Bazaar Package Metadata Summary SiYuan's Bazaar community marketplace renders package metadata fields displayName, description using template literals without HTML escaping. A malicious package author can inject arbitrary HTML/JavaScript into these fields, which...

5.3CVSS6.5AI score0.00549EPSS
Exploits2References3
Github Security Blog
Github Security Blog
added 2026/03/18 4:9 p.m.6 views

SiYuan has Stored XSS to RCE via Unsanitized Bazaar Package Metadata

Stored XSS to RCE via Unsanitized Bazaar Package Metadata Summary SiYuan's Bazaar community marketplace renders package metadata fields displayName, description using template literals without HTML escaping. A malicious package author can inject arbitrary HTML/JavaScript into these fields, which...

9CVSS6.5AI score0.00549EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2026/03/18 4:9 p.m.4 views

GHSA-4663-4MPG-879V SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering

Stored XSS to RCE via Unsanitized Bazaar README Rendering Summary SiYuan's Bazaar community marketplace renders package README content without HTML sanitization. The backend renderREADME function uses lute.New without calling SetSanitizetrue, allowing raw HTML embedded in Markdown to pass through...

5.3CVSS6.2AI score0.00584EPSS
Exploits2References4
Github Security Blog
Github Security Blog
added 2026/03/18 4:9 p.m.9 views

SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering

Stored XSS to RCE via Unsanitized Bazaar README Rendering Summary SiYuan's Bazaar community marketplace renders package README content without HTML sanitization. The backend renderREADME function uses lute.New without calling SetSanitizetrue, allowing raw HTML embedded in Markdown to pass through...

9CVSS6.2AI score0.00584EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.7 views

PT-2026-26188

Name of the Vulnerable Software and Affected Versions SiYuan versions 3.6.0 and earlier SiYuan versions 3.5.9 and earlier Description SiYuan is a personal knowledge management system. The backend 'renderREADME' function uses 'lute.New' without calling 'SetSanitizetrue', allowing raw HTML embedded...

9CVSS6.7AI score0.00584EPSS
Exploits1References156
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.9 views

PT-2026-26097

Stored XSS to RCE via Unsanitized Bazaar Package Metadata Summary SiYuan's Bazaar community marketplace renders package metadata fields displayName, description using template literals without HTML escaping. A malicious package author can inject arbitrary HTML/JavaScript into these fields, which...

9CVSS6.5AI score0.00549EPSS
Exploits2References7
OSV
OSV
added 2026/03/16 8:43 p.m.6 views

GHSA-V3MG-9V85-FCM7 SiYuan Vulnerable to Remote Code Execution via Malicious Bazaar Package — Marketplace XSS

Remote Code Execution via Malicious Bazaar Package — Marketplace XSS Summary SiYuan's Bazaar community marketplace renders plugin/theme/template metadata and README content without sanitization. A malicious package author can achieve RCE on any user who browses the Bazaar by: 1. Package metadata...

5.3CVSS6.6AI score0.00391EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/16 8:43 p.m.9 views

SiYuan Vulnerable to Remote Code Execution via Malicious Bazaar Package — Marketplace XSS

Remote Code Execution via Malicious Bazaar Package — Marketplace XSS Summary SiYuan's Bazaar community marketplace renders plugin/theme/template metadata and README content without sanitization. A malicious package author can achieve RCE on any user who browses the Bazaar by: 1. Package metadata...

6.6AI score
Exploits0References2Affected Software1
HackRead
HackRead
added 2026/01/29 5:37 p.m.9 views

Op Bizarre Bazaar: New LLMjacking Campaign Targets Unprotected Models

Pillar Security Research has discovered Operation Bizarre Bazaar, a massive cyberattack campaign led by a hacker known as Hecker. Between December 2025 and January 2026, over 35,000 sessions were recorded targeting AI systems to steal compute power and resell access via silver.inc...

5.9AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2014-7666

Malware in sbrugna...

5.4CVSS6.4AI score0.00266EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-5686

Malware in sbrugna...

9.3CVSS8.6AI score0.05978EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-4837

Malware in sbrugna...

4CVSS6.1AI score0.01118EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-6289

Malware in sbrugna...

7.8CVSS7.6AI score0.03773EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-4034

Malware in sbrugna...

10CVSS6.4AI score0.03004EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-18287

Malware in sbrugna...

7.8CVSS7.6AI score0.02907EPSS
Exploits0References9
Microsoft CVE
Microsoft CVE
added 2025/10/02 6:10 a.m.5 views

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands

...

9.3CVSS7AI score0.05978EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:32 a.m.8 views

CVE-2024-40348

An issue in the component /api/swaggerui/static of Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal...

8.2CVSS8.3AI score0.0829EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:10 a.m.8 views

CVE-2023-39156

A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...

5.3CVSS6.7AI score0.00255EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2025/04/10 3:27 p.m.6 views

K000150804: Multiple Wireshark/tshark vulnerabilities

Security Advisory Description CVE-2020-26575 In Wireshark through 3.2.7, the Facebook Zero Protocol aka FBZERO dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. CVE-2018-14339 In Wireshark 2.6.0 to...

7.8CVSS6.8AI score0.03773EPSS
Exploits2
GithubExploit
GithubExploit
added 2024/12/20 9:47 a.m.411 views

Exploit for Path Traversal in Bazarr

Bazaarpoc Bazaar v1.4.3 任意文件读取漏洞CVE-2024-40348 python Baza...

8.2CVSS8.3AI score0.0829EPSS
Exploits2
Rows per page
Query Builder