Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 2026/05/12 3:16 a.m.8 views

CVE-2026-40137

SAP TAFAPPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirects them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on...

6.1CVSS0.00026EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/04 6:31 p.m.0 views

EUVD-2026-9472

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the SAML feature and access sensitive,...

6.1CVSS5.8AI score0.0001EPSS
Exploits0References2
NVD
NVDadded 2026/02/10 4:16 a.m.4 views

CVE-2026-24328

SAP TAFAPPLAUNCHER within Business Server Pages allows unauthenticated attacker to craft malicious links that, when clicked by a victim, redirect them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on...

6.1CVSS0.0009EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-27197

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00217EPSS
Exploits0References2
Veracode
Veracodeadded 2025/08/11 5:38 p.m.4 views

Cross-site Scripting (XSS)

github.com/usememos/memos is vulnerable to Cross-site Scripting XSS. The vulnerability is due to unrestricted external image embedding because markdown images with arbitrary URLs are automatically fetched when viewing a memo, exposing the user's IP address, browser User-Agent, and other...

9.8CVSS6.6AI score0.06977EPSS
Exploits1References3Affected Software1
Snyk
Snykadded 2025/07/29 2:43 p.m.1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the rendering of markdown images with arbitrary URLs. An attacker can obtain the IP address, browser User-Agent, and potentially other request-specific information of users by embedding image URLs that are...

9.8CVSS5.3AI score0.06977EPSS
Exploits1References2
CNNVD
CNNVDadded 2021/03/26 12:0 a.m.2 views

Apache Synapse 跨站脚本漏洞

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the UK. A cross-site scripting vulnerability exists in Matrix Synapse versions prior to 1.27.0, which can be exploited by attackers to access cookies and other browser data...

8.2CVSS5.2AI score0.00505EPSS
Exploits0References6
CNVD
CNVDadded 2019/01/24 12:0 a.m.1 views

Cisco Prime Infrastructure Cross-Site Scripting Vulnerability (CNVD-2019-02814)

Cisco Prime Infrastructure PI is a set of Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies for wireless management. solution. A cross-site scripting vulnerability exists in the web-based management interface of Cisco PI, which stems from a failure of...

6.1CVSS6.5AI score0.0012EPSS
Exploits0References1
OSV
OSVadded 2018/08/15 8:29 p.m.2 views

CVE-2018-0386

A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on an affected system. The vulnerability is due to improper validation of input that is passed to the affected software. An attacker...

6.1CVSS5.8AI score
Exploits0References3
Rows per page
Query Builder