Lucene search
K

117 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-16082

Malware in sbrugna...

5.8CVSS5.9AI score0.01599EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-16083

Malware in sbrugna...

10CVSS8.7AI score0.01158EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2021-16099

Malware in sbrugna...

8.1CVSS6.3AI score0.01037EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-25572

Malware in sbrugna...

8.1CVSS6.8AI score0.00602EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-29622

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.01082EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-41431

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00551EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-10682

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.003EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-42303

Malicious code in bioql PyPI...

8.2CVSS8.2AI score0.00664EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-8640

Malicious code in bioql PyPI...

7.4CVSS6.7AI score0.01352EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 10:28 a.m.10 views

CVE-2024-45308

HedgeDoc is an open source, real-time, collaborative, markdown notes application. When using HedgeDoc 1 with MySQL or MariaDB, it is possible to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by t...

6.5CVSS7AI score0.00551EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.8 views

CVE-2022-24837

HedgeDoc is an open-source, web-based, self-hosted, collaborative markdown editor. Images uploaded with HedgeDoc version 1.9.1 and later have an enumerable filename after the upload, resulting in potential information leakage of uploaded documents. This is especially relevant for private notes an...

5.3CVSS6.6AI score0.01082EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:24 p.m.9 views

CVE-2021-29474

HedgeDoc formerly known as CodiMD is an open-source collaborative markdown editor. An attacker can read arbitrary .md files from the server's filesystem due to an improper input validation, which results in the ability to perform a relative path traversal. To verify if you are affected, you can t...

5.8CVSS6.8AI score0.01599EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:23 p.m.10 views

CVE-2021-29503

HedgeDoc is a platform to write and share markdown. HedgeDoc before version 1.8.2 is vulnerable to a cross-site scripting attack using the YAML-metadata of a note. An attacker with write access to a note can embed HTML tags in the Open Graph metadata section of the note, resulting in the frontend...

8.1CVSS6AI score0.01037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:23 p.m.16 views

CVE-2021-29475

HedgeDoc formerly known as CodiMD is an open-source collaborative markdown editor. An attacker is able to receive arbitrary files from the file system when exporting a note to PDF. Since the code injection has to take place as note content, there fore this exploit requires the attackers ability t...

10CVSS7.2AI score0.01158EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/12 2:3 p.m.34 views

CVE-2025-32391

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.3, a malicious SVG file uploaded to HedgeDoc results in the possibility of XSS when opened in a new tab instead of the editor itself. The XSS is possible by exploiting the JSONP capabilities of GitHub...

6.4CVSS5.9AI score0.003EPSS
Exploits0References1
NVD
NVD
added 2025/04/10 2:15 p.m.15 views

CVE-2025-32391

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.3, a malicious SVG file uploaded to HedgeDoc results in the possibility of XSS when opened in a new tab instead of the editor itself. The XSS is possible by exploiting the JSONP capabilities of GitHub...

6.4CVSS0.003EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/04/10 1:11 p.m.20 views

CVE-2025-32391 HedgeDoc allows XSS possibility through malicious SVG uploads

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.3, a malicious SVG file uploaded to HedgeDoc results in the possibility of XSS when opened in a new tab instead of the editor itself. The XSS is possible by exploiting the JSONP capabilities of GitHub...

6.4CVSS0.003EPSS
Exploits0References4
OSV
OSV
added 2025/04/10 1:11 p.m.10 views

CVE-2025-32391 HedgeDoc allows XSS possibility through malicious SVG uploads

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.3, a malicious SVG file uploaded to HedgeDoc results in the possibility of XSS when opened in a new tab instead of the editor itself. The XSS is possible by exploiting the JSONP capabilities of GitHub...

6.4CVSS6AI score0.003EPSS
Exploits0References6
CVE
CVE
added 2025/04/10 1:11 p.m.70 views

CVE-2025-32391

HedgeDoc has a vulnerability (CVE-2025-32391) up to version 1.10.2 where uploading a malicious SVG can trigger cross-site scripting when the file is opened in a new tab, via the GitHub Gist JSONP embedding feature. The issue affects instances using the local filesystem upload backend or configura...

6.4CVSS6.1AI score0.003EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/10 1:11 p.m.10 views

CVE-2025-32391 HedgeDoc allows XSS possibility through malicious SVG uploads

HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.3, a malicious SVG file uploaded to HedgeDoc results in the possibility of XSS when opened in a new tab instead of the editor itself. The XSS is possible by exploiting the JSONP capabilities of GitHub...

6.4CVSS6.1AI score0.003EPSS
Exploits0References4
Rows per page
Query Builder