Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

289 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2021-21706

Malware in sbrugna...

6.1CVSS6.3AI score0.00222EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2015-5852

Malware in sbrugna...

5CVSS6.3AI score0.00388EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-17337

Malware in sbrugna...

8.8CVSS8.6AI score0.05872EPSS
Exploits1References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2018-8330

Malware in sbrugna...

9.8CVSS9.5AI score0.00296EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-0143

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.02902EPSS
Exploits1References8
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-32354

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00159EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2021-34123

Malicious code in bioql PyPI...

6.1CVSS4.9AI score0.00868EPSS
Exploits0References6
Github Security Blog
Github Security Blogadded 2025/10/02 9:23 p.m.10 views

Canonical LXD CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI

Description OIDC authentication uses cookies with the SameSite=Strict attribute, preventing cookies from being sent with requests from other sites. Therefore, CSRF does not occur as long as web services in a Same Site relationship same eTLD+1 with the origin running LXD-UI are trusted. However,...

8.8CVSS7.2AI score0.00024EPSS
Exploits1References4Affected Software1
CNNVD
CNNVDadded 2025/07/17 12:0 a.m.1 views

Hollo 安全漏洞

Hollo is a micro-blogging software from Fedify Open Source. A security vulnerability exists in versions of Hollo prior to 0.6.5 that stems from allowing submission of HTML form elements, which may result in HTML injection...

6.1CVSS6.5AI score0.00166EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/05/22 6:37 p.m.5 views

CVE-2021-35061

Multiple cross-site scripting XSS vulnerabilities in DRK Odenwaldkreis Testerfassung March-2021 allow remote attackers to inject arbitrary web script or HTML via all parameters to HTML form fields in all components...

6.1CVSS6AI score0.00222EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 8:34 a.m.8 views

CVE-2019-6968

The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected...

6.1CVSS6AI score0.00248EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 7:21 a.m.6 views

CVE-2018-16521

An XML External Entity XXE vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0...

9.8CVSS6.8AI score0.00296EPSS
Exploits0References1
OSV
OSVadded 2025/05/07 3:29 p.m.5 views

CVE-2025-46827 Graylog Allows Session Takeover via Insufficient HTML Sanitization

Graylog is a free and open log management platform. Prior to versions 6.0.14, 6.1.10, and 6.2.0, it is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with...

8CVSS6.6AI score0.0014EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2025/05/07 3:27 p.m.22 views

Graylog Allows Session Takeover via Insufficient HTML Sanitization

Impact It is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with permissions to create event definitions, while the user must have permissions to view alerts...

8CVSS7.6AI score0.0014EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVEadded 2025/04/10 5:50 a.m.5 views

CVE-2025-3403

A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P 2.4.0.204/3.3.0.104/4.2.0.101. It has been classified as problematic. Affected is an unknown function of the component HTML Form Handler. The manipulation leads to inclusion of sensitive information in source code. It i...

5.1CVSS6.3AI score0.00395EPSS
Exploits0References1
NVD
NVDadded 2025/04/08 3:15 a.m.3 views

CVE-2025-3403

A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P 2.4.0.204/3.3.0.104/4.2.0.101. It has been classified as problematic. Affected is an unknown function of the component HTML Form Handler. The manipulation leads to inclusion of sensitive information in source code. It i...

5.1CVSS0.00395EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/04/08 3:0 a.m.3 views

CVE-2025-3403 Vivotek NVR ND8422P/NVR ND9525P/NVR ND9541P HTML Form sensitive information in source

A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P 2.4.0.204/3.3.0.104/4.2.0.101. It has been classified as problematic. Affected is an unknown function of the component HTML Form Handler. The manipulation leads to inclusion of sensitive information in source code. It i...

5.1CVSS6.4AI score0.00395EPSS
Exploits0References4
Cvelist
Cvelistadded 2025/04/08 3:0 a.m.22 views

CVE-2025-3403 Vivotek NVR ND8422P/NVR ND9525P/NVR ND9541P HTML Form sensitive information in source

A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P 2.4.0.204/3.3.0.104/4.2.0.101. It has been classified as problematic. Affected is an unknown function of the component HTML Form Handler. The manipulation leads to inclusion of sensitive information in source code. It i...

5.1CVSS0.00395EPSS
Exploits0References4
CVE
CVEadded 2025/04/08 3:0 a.m.50 views

CVE-2025-3403

CVE-2025-3403 affects Vivotek NVR ND8422P, ND9525P and ND9541P running versions 2.4.0.204/3.3.0.104/4.2.0.101. The vulnerability is in the HTML Form Handler component and is caused by a manipulation that leads to inclusion of sensitive information in the source code. It is possible to launch the ...

5.1CVSS6.4AI score0.00395EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/04/08 12:0 a.m.3 views

PT-2025-15329 · Vivotek · Vivotek Nvr Nd8422P +2

Name of the Vulnerable Software and Affected Versions: Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P versions 2.4.0.204/3.3.0.104/4.2.0.101 Description: A vulnerability was found in the HTML Form Handler component of Vivotek NVR devices. The manipulation leads to the inclusion of sensitive...

5.1CVSS3.2AI score0.00395EPSS
Exploits0References10
Rows per page
Query Builder