445 matches found
EUVD-2023-23938
Malicious code in bioql PyPI...
EUVD-2025-6869
Malicious code in bioql PyPI...
EUVD-2022-7520
Malicious code in bioql PyPI...
EUVD-2022-15569
Malicious code in bioql PyPI...
EUVD-2024-3072
Malicious code in bioql PyPI...
EUVD-2024-0472
Malicious code in bioql PyPI...
EUVD-2025-16932
Malicious code in bioql PyPI...
EUVD-2023-2747
Malicious code in bioql PyPI...
EUVD-2023-2788
Malicious code in bioql PyPI...
EUVD-2024-52775
Malicious code in bioql PyPI...
EUVD-2022-52764
Malicious code in bioql PyPI...
NiceGUI has a Reflected XSS
Summary: A Cross-Site Scripting (XSS) risk exists in NiceGUI when developers render unescaped user input into the DOM using ui.html. Before version 3.0, NiceGUI does not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input with ui.html without...
Cross-site Scripting (XSS)
Overview: local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via incomplete HTML sanitization in the client-side PDF export pipeline. An attacker can exploit...
[SECURITY] Fedora 41 Update: rust-ammonia-3.3.1-1.fc41
HTML Sanitization...
[SECURITY] Fedora 43 Update: rust-ammonia-4.1.2-1.fc43
HTML Sanitization...
PT-2025-39244
Name of the Vulnerable Software and Affected Versions: Schema & Structured Data for WP & AMP versions prior to 1.50. Description: The software does not properly handle HTML tag attribute modifications, which allows for unauthenticated attackers to conduct Stored Cross-Site Scripting (XSS) attacks via...
Cross-site Scripting (XSS)
Overview: ammonia is a whitelist-based HTML sanitization library. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the cleaning process when handling embedded svg or math tags. An attacker can execute arbitrary scripts in the context of the affected application by...
CVE-2025-34175
In pfSense CE /usr/local/www/suricata/suricatafilecheck.php, the value of the filehash parameter is directly displayed without sanitizing for HTML-related characters/strings. This can result in reflected cross-site scripting if the victim is authenticated...
Netgate pfSense CE Security Vulnerability
Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from the policyname parameter not being cleaned of...
Linux Distros Unpatched Vulnerability : CVE-2024-53986
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of...