Lucene search
K

188 matches found

Cvelist
Cvelist
added 2026/02/11 11:33 a.m.23 views

CVE-2026-0595 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to add unauthorized email addresses to victim accounts through HTML injection in test...

7.3CVSS0.00217EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/09 12:0 a.m.5 views

MiracleLinux 8 : python3-3.6.8-73.el8_10.ML.1 (AXSA:2026-153:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-153:02 advisory. cpython: wsgiref.headers.Headers allows header newline injection in Python CVE-2026-0865 cpython: IMAP command injection in user-controlled commands...

6CVSS7.2AI score0.0056EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.4 views

Atlassian Jira Service Management Data Center and Server 11.0.x < 11.0.1 (JSDSERVER-16411)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16411 advisory. - In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and \n UTF-8...

7.5CVSS5.6AI score0.00756EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/20 3:32 p.m.4 views

EUVD-2025-204641

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'csupdateapplicationstatuscallback' due to missing validation on a user controlled key. This makes it possible for authenticated...

4.3CVSS5.5AI score0.00171EPSS
Exploits0References3
NVD
NVD
added 2025/12/20 2:16 p.m.7 views

CVE-2025-7733

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'csupdateapplicationstatuscallback' due to missing validation on a user controlled key. This makes it possible for authenticated...

4.3CVSS0.00171EPSS
Exploits0References2
CVE
CVE
added 2025/12/20 1:47 p.m.14 views

CVE-2025-7733

CVE-2025-7733 affects the WP JobHunt WordPress plugin (up to 7.7) via Insecure Direct Object Reference in the cs_update_application_status_callback, caused by missing validation on a user-controlled key. This allows authenticated users with Candidate-level access and above to send a site-generate...

4.3CVSS5.6AI score0.00171EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/20 12:0 a.m.9 views

PT-2025-52550

Name of the Vulnerable Software and Affected Versions WP JobHunt plugin for WordPress versions prior to 7.8 Description The WP JobHunt plugin for WordPress is susceptible to an Insecure Direct Object Reference issue. This affects versions up to and including 7.7, stemming from a lack of validatio...

4.3CVSS6AI score0.00171EPSS
Exploits0References7
EUVD
EUVD
added 2025/11/13 8:30 p.m.6 views

EUVD-2025-175381

OpenObserve is a cloud-native observability platform. In versions up to and including 0.16.1, when creating or renaming an organization with HTML in the name, the markup is rendered inside the invitation email. This indicates that user-controlled input is inserted into the email template without...

3.5CVSS6AI score0.00156EPSS
Exploits0References1
Veracode
Veracode
added 2025/11/05 12:27 p.m.6 views

HTML Injection

mailgen is vulnerable to HTML injection. The vulnerability is due to improper sanitization of user-supplied content and Mailgen.generatePlaintextemail retaining HTML tags from input. An attacker can supply crafted content to inject HTML into generated plaintext emails...

6.9CVSS6.9AI score0.00409EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-2572

Malware in sbrugna...

4.3CVSS6.4AI score0.02467EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-2578

Malware in sbrugna...

4.3CVSS6.4AI score0.01824EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-2941

Malware in sbrugna...

5CVSS6.4AI score0.01463EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2012-4002

Malware in sbrugna...

4.3CVSS6.4AI score0.01201EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2012-4676

Malware in sbrugna...

4.3CVSS6.7AI score0.05792EPSS
Exploits2References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-1078

Malware in sbrugna...

7.5CVSS6.1AI score0.014EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-0669

Malware in sbrugna...

4.3CVSS6.4AI score0.01373EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-3477

Malware in sbrugna...

2.6CVSS6.4AI score0.01269EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-3608

Malware in sbrugna...

4.3CVSS6.2AI score0.02299EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-5027

Malware in sbrugna...

4.3CVSS6.4AI score0.01065EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-14909

Malware in sbrugna...

5.4CVSS6AI score0.01335EPSS
Exploits0References5
Rows per page
Query Builder