359 matches found
EUVD-2024-27546
Malicious code in bioql PyPI...
EUVD-2024-21318
Malicious code in bioql PyPI...
EUVD-2025-14356
Malicious code in bioql PyPI...
EUVD-2023-35106
Malicious code in bioql PyPI...
EUVD-2024-30747
Malicious code in bioql PyPI...
EUVD-2022-30669
Malicious code in bioql PyPI...
EUVD-2023-28543
Malicious code in bioql PyPI...
EUVD-2022-27675
Malicious code in bioql PyPI...
GHSA-JC4G-C8WW-5738 DNN vulnerable to Reflected Cross-Site Scripting (XSS) using url to profile
Summary A reflected cross-site scripting XSS vulnerability exists under certain conditions, using a specially crafter url to view a user profile Description DNN’s URL/path handling and template rendering can allow specially crafted input to be reflected into a user profile that are returned to th...
CVE-2025-55888
Cross-Site Scripting XSS vulnerability was discovered in the Ajax transaction manager endpoint of ARD. An attacker can intercept the Ajax response and inject malicious JavaScript into the accountName field. This input is not properly sanitized or encoded when rendered, allowing script execution i...
Linux Distros Unpatched Vulnerability : CVE-2020-27823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in OpenJPEG's encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest...
Linux Distros Unpatched Vulnerability : CVE-2023-26302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as...
PT-2025-34254 · Unknown · Akaunting 3.1.18
Name of the Vulnerable Software and Affected Versions: Akaunting version 3.1.18 Description: A cross-site scripting XSS issue exists in the /common/reports component of the software. Attackers can execute arbitrary web scripts or HTML by injecting a crafted payload into the name parameter...
CVE-2025-8661
A stored Cross-Site Scripting vulnerability XSS occurs when the server does not properly validate or encode the data entered by the user...
CVE-2025-8661
A stored Cross-Site Scripting vulnerability XSS occurs when the server does not properly validate or encode the data entered by the user...
CVE-2025-8661 Stored Cross-Site Scripting in Symantec PGP Encryption 11.0.1
A stored Cross-Site Scripting vulnerability XSS occurs when the server does not properly validate or encode the data entered by the user...
PT-2025-32529 · Broadcom · Symantec Pgp Encryption
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: A stored Cross-Site Scripting XSS vulnerability occurs when the server does not properly validate or encode user-provided data. Recommendations: At the moment, there is no information about a newer...
Broadcom Symantec PGP Encryption 安全漏洞
Broadcom Symantec PGP Encryption is a data encryption software from Broadcom, Inc. A security vulnerability exists in Broadcom Symantec PGP Encryption that originates from the server not properly validating or encoding user input data, which could lead to a stored cross-site scripting attack...
BIT-GITLAB-2025-2254 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Improper output encoding in the snipper viewer functionality lead to Cross-Site scripting attacks...
CVE-2024-5962
A reflected cross-site scripting XSS vulnerability exists in the authentication endpoint of multiple WSO2 products due to missing output encoding of user-supplied input. A malicious actor can exploit this vulnerability to inject arbitrary JavaScript into the authentication flow, potentially leadi...