Lucene search

127 matches found

RedhatCVE
added 2026/01/09 8:54 a.m. | views: 1

CVE-2021-41165

CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, which could result...

CVSS 8.2 | AI score 7.5 | EPSS 0.00128
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | views: 1

EUVD-2023-32127

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 7 | EPSS 0.0054
Exploits: 0 | References: 6

EUVD
added 2025/10/03 8:7 p.m. | views: 2

EUVD-2024-0630

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.7 | EPSS 0.00169
Exploits: 0 | References: 8

EUVD
added 2025/10/03 8:7 p.m. | views: 2

EUVD-2022-29580

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.8 | EPSS 0.01115
Exploits: 0 | References: 8

Tenable Nessus
added 2025/08/30 12:0 a.m. | views: 3

Linux Distros Unpatched Vulnerability : CVE-2024-24815

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module i...

CVSS 6.1 | AI score 6.7 | EPSS 0.00169
Exploits: 0 | References: 3

Tenable Nessus
added 2025/08/30 12:0 a.m. | views: 2

Linux Distros Unpatched Vulnerability : CVE-2021-41165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all...

CVSS 8.2 | AI score 6.6 | EPSS 0.00128
Exploits: 0 | References: 3

Tenable Nessus
added 2025/08/27 12:0 a.m. | views: 3

Linux Distros Unpatched Vulnerability : CVE-2023-28439

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media...

CVSS 6.1 | AI score 7 | EPSS 0.0054
Exploits: 0 | References: 3

Tenable Nessus
added 2025/08/27 12:0 a.m. | views: 1

Linux Distros Unpatched Vulnerability : CVE-2024-24816

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in versions prior t...

CVSS 6.1 | AI score 6.8 | EPSS 0.3983
Exploits: 0 | References: 3

RedhatCVE
added 2025/05/23 4:51 a.m. | views: 5

CVE-2023-28439

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages ...

CVSS 6.1 | AI score 6.5 | EPSS 0.0054
Exploits: 0 | References: 1

IBM Security Bulletins
added 2025/03/24 2:16 p.m. | views: 21

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in its dependencies (CVE-2022-45688, CVE-2023-28439, CVE-2023-33201, CVE-2023-41900, CVE-2023-36479, CVE-2023-40167, CVE-2023-36478)

Summary Multiple vulnerabilities in HuTool, JSON-java, CKEditor4, Bouncy Castle and Eclipse Jetty are affecting IBM Sterling Control Center v6.2.1.0. Customers must upgrade to latest patch below to address this vulnerability. Vulnerability Details CVEID:CVE-2022-45688 DESCRIPTION: Hutool is...

CVSS 7.5 | AI score 8.2 | EPSS 0.41634
Exploits: 9 | Affected Software: 1

IBM Security Bulletins
added 2025/03/19 3:11 p.m. | views: 13

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in Apache Axis, CKEditor4 & IBM MQ (CVE-2014-3596, CVE-2018-8032, CVE-2019-0227, CVE-2012-5784, CVE-2021-38986, CVE-2022-22321, CVE-2023-28439)

Summary IBM Sterling Control Center is affected by vulnerabilities in Apache Axis, CKEditor4 & IBM MQ. Customers must upgrade to latest patch below to address this vulnerability. Vulnerability Details CVEID:CVE-2014-3596 DESCRIPTION: Apache Axis and Axis2 could allow a remote attacker to condu...

CVSS 7.5 | AI score 7.5 | EPSS 0.89966
Exploits: 8 | Affected Software: 1

Tenable Nessus
added 2025/03/05 12:0 a.m. | views: 7

Linux Distros Unpatched Vulnerability : CVE-2021-41164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter ACF module and may affe...

CVSS 8.2 | AI score 6.6 | EPSS 0.00076
Exploits: 0 | References: 3

Tenable Nessus
added 2025/03/05 12:0 a.m. | views: 9

Linux Distros Unpatched Vulnerability : CVE-2022-24729

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the dialog plugin. The...

CVSS 7.5 | AI score 6.8 | EPSS 0.01115
Exploits: 0 | References: 3

Veracode
added 2024/08/22 1:55 p.m. | views: 13

Cross Site Scripting (XSS)

ckeditor4 is vulnerable to Cross Site Scripting XSS. The vulnerability is caused due to a flaw in the Code Snippet GeSHi plugin. An attacker could craft a malicious script that could be executed by sending a request to the GeSHi library hosted on a PHP web server...

CVSS 6.1 | AI score 6.7 | EPSS 0.01847
Exploits: 0 | References: 4 | Affected Software: 1

Veracode
added 2024/08/22 1:26 p.m. | views: 17

Cross Site Scripting (XSS)

ckeditor4 is vulnerable to Cross Site Scripting XSS. The vulnerability is caused by a missing input validation and output sanitization while rendering the page on the browser. This can lead to compromising Confidentiality and Integrity of the system...

CVSS 3.1 | AI score 6.3 | EPSS 0.0008
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2024/08/21 6:31 p.m. | views: 14

GHSA-6V96-M24V-F58J CKEditor4 low-risk cross-site scripting (XSS) vulnerability linked to potential domain takeover

Affected Packages The issue impacts only editor instances with enabled version notifications. Please note that this feature is disabled by default in all CKEditor 4 LTS versions. Therefore, if you use CKEditor 4 LTS, it is highly unlikely that you are affected by this vulnerability. If you are...

CVSS 4.8 | AI score 4 | EPSS 0.0008
Exploits: 0 | References: 4

NVD
added 2024/08/21 4:15 p.m. | views: 12

CVE-2024-43411

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 and above. In a highly unlikely scenario where an attacker gains control over the https://cke4.ckeditor.com domain, they could potentially execute an attack on...

CVSS 3.1 | EPSS 0.0008
Exploits: 0 | References: 2

Cvelist
added 2024/08/21 3:17 p.m. | views: 21

CVE-2024-43411 CKEditor4 has a low risk cross-site scripting (XSS) vulnerability from domain takeover

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 and above. In a highly unlikely scenario where an attacker gains control over the https://cke4.ckeditor.com domain, they could potentially execute an attack on...

CVSS 3.1 | EPSS 0.0008
Exploits: 0 | References: 2

OSV
added 2024/08/21 3:17 p.m. | views: 14

CVE-2024-43411 CKEditor4 has a low risk cross-site scripting (XSS) vulnerability from domain takeover

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 and above. In a highly unlikely scenario where an attacker gains control over the https://cke4.ckeditor.com domain, they could potentially execute an attack on...

CVSS 3.1 | AI score 8.1 | EPSS 0.0008
Exploits: 0 | References: 4

Vulnrichment
added 2024/08/21 3:17 p.m. | views: 14

CVE-2024-43411 CKEditor4 has a low risk cross-site scripting (XSS) vulnerability from domain takeover

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 and above. In a highly unlikely scenario where an attacker gains control over the https://cke4.ckeditor.com domain, they could potentially execute an attack on...

CVSS 3.1 | AI score 6.6 | EPSS 0.0008
Exploits: 0 | References: 2