Lucene search
K

30138 matches found

CVE
CVE
added yesterday8 views

CVE-2026-58489

HedgeDoc prior to v1.11.0 is vulnerable to a CSRF-like flaw in the GitHub Gist export callback. The OAuth2 state value was only checked for presence, not validated against the user session, allowing an attacker to craft a callback URL with their own valid GitHub OAuth code. When a logged-in victi...

6.8CVSS6.1AI score
Exploits0References2
Circl
Circl
added yesterday2 views

CVE-2020-8636

creationtimestamp| type| source ---|---|--- 2026-07-13 22:00:19+00:00| seen| https://t.me/GithubRedTeam/90443 2026-07-14 00:00:36+00:00| seen| https://t.me/GithubRedTeam/90443...

10CVSS7AI score0.04014EPSS
Exploits0References1
Circl
Circl
added yesterday4 views

CVE-2026-34207

creationtimestamp| type| source ---|---|--- 2026-07-13 22:00:18+00:00| seen| https://t.me/GithubRedTeam/90703 2026-07-14 00:00:34+00:00| seen| https://t.me/GithubRedTeam/90703...

7.6CVSS6.1AI score0.00239EPSS
Exploits2References1
Circl
Circl
added yesterday4 views

CVE-2323-41892

creationtimestamp| type| source ---|---|--- 2026-07-13 22:00:15+00:00| seen| https://t.me/GithubRedTeam/91392 2026-07-14 00:00:32+00:00| seen| https://t.me/GithubRedTeam/91392...

6.1AI score
Exploits0References1
Circl
Circl
added yesterday3 views

CVE-2026-25194

creationtimestamp| type| source ---|---|--- 2026-07-13 22:00:07+00:00| seen| https://t.me/GithubRedTeam/92513 2026-07-14 00:00:17+00:00| seen| https://t.me/GithubRedTeam/92513...

6.1AI score
Exploits0References1
Circl
Circl
added yesterday4 views

GHSA-QV97-83W4-FF86

creationtimestamp| type| source ---|---|--- 2026-07-13 22:00:06+00:00| seen| https://t.me/GithubRedTeam/92598 2026-07-14 00:00:10+00:00| seen| https://t.me/GithubRedTeam/92598...

6.1AI score
Exploits0References1
Circl
Circl
added yesterday3 views

GHSA-C2H5-PPV9-7VRQ

creationtimestamp| type| source ---|---|--- 2026-07-13 22:00:03+00:00| seen| https://t.me/GithubRedTeam/93198 2026-07-14 01:00:10+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/93198...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday4 views

Malicious code in kuaishou (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd1d5daf09cc7bfff164e60bf5abd0a1b374b5bb616f0a78cac8f6c6ea613608 The package's prepare lifecycle script, which runs automatically on npm install, collects host, user, and platform identifiers along with the full...

6.1AI score
Exploits0References3
Nuclei
Nuclei
added yesterday193 views

Mongo-Express - Remote Code Execution

Mongo-Express before 1.0.0 is susceptible to remote code execution because it uses safer-eval to validate user supplied javascript. Unfortunately safer-eval sandboxing capabilities are easily bypassed leading to remote code execution in the context of the node server. id: CVE-2020-24391 info: nam...

9.8CVSS7.4AI score0.74519EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday147 views

H3C SSL VPN <=2022-07-10 - Cross-Site Scripting

H3C SSL VPN 2022-07-10 and prior contains a cookie-based cross-site scripting vulnerability in wnm/login/login.json svpnlang. id: CVE-2022-35416 info: name: H3C SSL VPN =2022-07-10 - Cross-Site Scripting author: 0x240x23elu severity: medium description: | H3C SSL VPN 2022-07-10 and prior contains...

6.1CVSS6.4AI score0.02886EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday31 views

nitely/spirit 0.12.3 - Open Redirect

Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3. id: CVE-2022-0869 info: name: nitely/spirit 0.12.3 - Open Redirect author: ctflearner severity: medium description: | Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3. impact: | An attacker can...

6.1CVSS6.1AI score0.0262EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday86 views

mlflow - Path Traversal

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. id: CVE-2023-6831 info: name: mlflow - Path Traversal author: byObin severity: high description: | Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. impact: | Authenticated attackers...

8.1CVSS7AI score0.0329EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday60 views

OpenEMR < 7.0.1 - Cross-site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr prior to 7.0.1. id: CVE-2023-2949 info: name: OpenEMR 7.0.1 - Cross-site Scripting author: ritikchaddha,princechaddha severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr...

8.3CVSS6.7AI score0.01472EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday51 views

phpMyFAQ < 3.2.0 - Cross-site Scripting

Cross-site Scripting XSS Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.2. id: CVE-2023-5863 info: name: phpMyFAQ ' - 'phpMyFAQ' condition: and - type: word part: header words: - "text...

7.4CVSS6.7AI score0.01105EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday53 views

phpIPAM 1.5.1 - Cross-site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1. id: CVE-2023-0676 info: name: phpIPAM 1.5.1 - Cross-site Scripting author: ritikchaddha severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository phpipam/phpipam prior to 1.5....

6.1CVSS6.3AI score0.01532EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday91 views

Hestiacp <= 1.7.7 - Cross-Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8. id: CVE-2023-3479 info: name: Hestiacp = 1.7.7 - Cross-Site Scripting author: edoardottt severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository hestiacp/hestiacp prior to...

6.1CVSS6.1AI score0.01293EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday112 views

Github Enterprise Authenticated Remote Code Execution

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the...

9.8CVSS7.3AI score0.71725EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday75 views

Mosparo < 1.0.2 - Open Redirect

Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2. id: CVE-2023-5375 info: name: Mosparo 1.0.2 - Open Redirect author: shankaracharya severity: medium description: | Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2. impact: | Unauthenticated attackers can exploit...

6.1CVSS6.1AI score0.33629EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday73 views

Imgproxy < 3.14.0 - Cross-site Scripting (XSS)

Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0. id: CVE-2023-1496 info: name: Imgproxy 3.14.0 - Cross-site Scripting XSS author: pdteam severity: medium description: Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to...

6.5CVSS6.5AI score0.01585EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday124 views

Structurizr on-premises - Cross Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository structurizr/onpremises prior to 3194. id: CVE-2023-5556 info: name: Structurizr on-premises - Cross Site Scripting author: shankaracharya severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository...

6.1CVSS6.2AI score0.01222EPSS
Exploits1References3
Rows per page
Query Builder