446 matches found
EUVD-2024-0472
Malicious code in bioql PyPI...
EUVD-2023-2747
Malicious code in bioql PyPI...
EUVD-2024-3072
Malicious code in bioql PyPI...
EUVD-2024-2835
Malicious code in bioql PyPI...
EUVD-2022-15569
Malicious code in bioql PyPI...
EUVD-2023-23938
Malicious code in bioql PyPI...
EUVD-2022-3477
Malicious code in bioql PyPI...
EUVD-2023-40421
Malicious code in bioql PyPI...
EUVD-2024-3621
Malicious code in bioql PyPI...
EUVD-2025-6869
Malicious code in bioql PyPI...
EUVD-2024-52775
Malicious code in bioql PyPI...
EUVD-2023-2788
Malicious code in bioql PyPI...
NiceGUI has a Reflected XSS
Summary: A Cross-Site Scripting (XSS) risk exists in NiceGUI when developers render unescaped user input into the DOM using ui.html. Before version 3.0, NiceGUI does not enforce HTML or JavaScript sanitization, so applications that directly combine components like ui.input with ui.html without...
Cross-site Scripting (XSS)
Overview: local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via incomplete HTML sanitization in the client-side PDF export pipeline. An attacker can exploit...
[SECURITY] Fedora 41 Update: rust-ammonia-3.3.1-1.fc41
HTML Sanitization...
[SECURITY] Fedora 43 Update: rust-ammonia-4.1.2-1.fc43
HTML Sanitization...
PT-2025-39244
Name of the Vulnerable Software and Affected Versions: Schema & Structured Data for WP & AMP versions prior to 1.50. Description: The software does not properly handle HTML tag attribute modifications, which allows for unauthenticated attackers to conduct Stored Cross-Site Scripting (XSS) attacks via...
Cross-site Scripting (XSS)
Overview: ammonia is a whitelist-based HTML sanitization library. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the cleaning process when handling embedded svg or math tags. An attacker can execute arbitrary scripts in the context of the affected application by...
CVE-2025-34175
In pfSense CE /usr/local/www/suricata/suricatafilecheck.php, the value of the filehash parameter is directly displayed without sanitizing for HTML-related characters/strings. This can result in reflected cross-site scripting if the victim is authenticated...
Netgate pfSense CE Security Vulnerability
Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from the policyname parameter not being cleaned of...