Lucene search
+L

128 matches found

cnnvd
cnnvd
added 2025/12/12 12:0 a.m.6 views

Japan Total System多款产品 安全漏洞

Japan Total System GroupSession Free edition, among others, is an enterprise collaboration software from Japan Total System, a Japanese company. A security vulnerability exists in several Japan Total System products, which originates from unauthenticated WebSockets and may lead to the disclosure ...

6.9CVSS5.4AI score0.00132EPSS
Exploits0References2
veracode
veracode
added 2025/11/03 3:5 p.m.5 views

Cross-site Scripting (XSS)

@lobehub/cha is vulnerable to a Cross-Site Scripting XSS. The vulnerability is due to unsafe SVG rendering due to SVGRenderer using dangerouslySetInnerHTML for image/svg+xml lobeArtifact content. An attacker can inject malicious SVGs via chat messages...

7.7CVSS6.1AI score0.00371EPSS
Exploits1References2Affected Software1
euvd
euvd
added 2025/10/07 12:30 a.m.20 views

EUVD-2020-27264

Malware in sbrugna...

8.8CVSS8.2AI score0.04264EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-2983

Malware in sbrugna...

3.5CVSS6.4AI score0.00772EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2004-1570

Malware in sbrugna...

5CVSS6.4AI score0.01574EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-11160

Malware in sbrugna...

5.4CVSS5.5AI score0.00659EPSS
Exploits2References4
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-0939

Malware in sbrugna...

9.3CVSS6.4AI score0.03459EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-14718

Malware in sbrugna...

6.1CVSS6.3AI score0.00671EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-28366

Malware in sbrugna...

6.1CVSS6.3AI score0.01371EPSS
Exploits1References4
euvd
euvd
added 2025/10/07 12:30 a.m.9 views

EUVD-2004-2353

Malware in sbrugna...

5CVSS6.4AI score0.02154EPSS
Exploits1References7
euvd
euvd
added 2025/10/07 12:30 a.m.10 views

EUVD-2015-6197

Malware in sbrugna...

4.3CVSS6.4AI score0.02314EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-30302

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.01434EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-49753

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00294EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-1844

Malicious code in bioql PyPI...

8.6CVSS6.6AI score0.00322EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-49450

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.01814EPSS
Exploits2References1
euvd
euvd
added 2025/10/03 8:7 p.m.17 views

EUVD-2025-1845

Malicious code in bioql PyPI...

5.8CVSS6.6AI score0.00231EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-33592

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00987EPSS
Exploits0References4
cvelist
cvelist
added 2025/10/03 7:32 p.m.11 views

CVE-2025-53354 NiceGUI is vulnerable to Reflected XSS attack

NiceGUI is a Python-based UI framework. Versions 2.24.2 and below are at risk for Cross-Site Scripting XSS when developers render unescaped user input into the DOM using ui.html. NiceGUI did not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.inpu...

6.1CVSS0.00188EPSS
Exploits0References2
github
github
added 2025/10/03 7:19 p.m.10 views

NiceGUI has a Reflected XSS

Summary A Cross-Site Scripting XSS risk exists in NiceGUI when developers render unescaped user input into the DOM using ui.html. Before version 3.0, NiceGUI does not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input with ui.html without...

6.1CVSS7AI score0.00188EPSS
Exploits0References4Affected Software1
snyk
snyk
added 2025/10/03 7:19 p.m.4 views

Cross-site Scripting (XSS)

Overview nicegui is a Create web-based user interfaces with Python. The nice way. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the ui.html or ui.chatmessage functions when unescaped user input is rendered directly into the DOM. An attacker can execute arbitrary...

6.1CVSS5.4AI score0.00188EPSS
Exploits0References2
Rows per page
Query Builder