Lucene search
K

754 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/23 12:0 a.m.3 views

CVE-2024-51224

Multiple cross-site scripting XSS vulnerabilities in the component /admin/edit-vehicle.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the vehiclename, modelnumber, regnumber, vehiclesubtype,...

4.8CVSS5.8AI score0.00184EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.12 views

Pixarra Tree Studio 安全漏洞

Pixarra Tree Studio is a tool developed by the American company Pixarra, focused on capturing natural growth and plant morphology. Version 2.17 of Pixarra Tree Studio contains a security vulnerability, which stems from the improper data input via the keyboard interface. This vulnerability could...

6.9CVSS5.8AI score0.00174EPSS
Exploits1References4
Amazon
Amazon
added 2026/03/19 12:0 a.m.12 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name CVE-2023-54207 In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential null-ptr-deref in deviceadd...

8.8CVSS6.1AI score0.00468EPSS
Exploits0
CVE
CVE
added 2026/03/10 6:55 p.m.10 views

CVE-2026-2266

CVE-2026-2266 : In GitHub Enterprise Server, there is a DOM-based cross-site scripting vulnerability caused by improper neutralization of input in the task list content rendering. Authenticated users can craft malicious task list items in issues or pull requests to inject user-supplied HTML and e...

7.4CVSS5.9AI score0.00176EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.6 views

Twake 安全漏洞

Twake is a secure open-source collaboration platform developed by LINAGORA, designed to improve organizational productivity. Version Twake 2023.Q1.1223 contains a security vulnerability, which stems from improper input during web page generation. This vulnerability could allow attackers to execut...

8.8CVSS6AI score0.00343EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.8 views

Bird-lg-go 安全漏洞

Bird-lg-go is a BGP routing query tool developed by Yuhui Xu. Previous versions of bird-lg-go, including 6187a4e, contained security vulnerabilities. These vulnerabilities stemmed from the traceroute module’s use of shlex.Split to parse user input without proper validation. This could allow remot...

7.5CVSS6AI score0.00388EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/25 7:37 p.m.7 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the rendering of attacker-controlled input in Custom RSE Attribute. An attacker can execute arbitrary JavaScript in the context of the WebUI by injecting malicious payloads that are stored and later rendered...

8.2CVSS5.9AI score0.00287EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/24 1:27 a.m.6 views

Incomplete List of Disallowed Inputs

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

7.8CVSS6AI score0.00135EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:27 a.m.8 views

Incomplete List of Disallowed Inputs

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.8CVSS6AI score0.00135EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/02/18 2:0 a.m.8 views

Chromium: CVE-2026-2320 Inappropriate implementation in File input

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.5AI score0.0021EPSS
Exploits0
NVD
NVD
added 2026/02/17 8:22 p.m.8 views

CVE-2025-70846

lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting XSS on the /tools/Password/add page in the input field password...

7.1CVSS0.00152EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2026/02/17 12:0 a.m.4 views

KLA90894 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Information disclosure vulnerability can be exploited to...

8.8CVSS6AI score0.2202EPSS
Exploits12References10
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.8 views

PT-2026-7938

GHIA CamIP 1.2 for iOS contains a denial of service vulnerability in the password input field that allows attackers to crash the application. Attackers can paste a 33-character buffer of repeated characters into the password field to trigger an application crash on iOS devices...

7.5CVSS5.8AI score0.00282EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2026/02/10 12:0 a.m.4 views

KLA90880 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in CSS can be exploited to cause denial of service or execute...

8.8CVSS6.3AI score0.08272EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.9 views

Drupal AT Internet SmartTag 安全漏洞

Drupal AT Internet SmartTag is a data analysis integration module developed by the Drupal company. Versions of Drupal AT Internet SmartTag prior to 1.0.1 contained security vulnerabilities, which were caused by improper input during web page generation. These vulnerabilities could lead to...

6.1CVSS5.6AI score0.00149EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/01 12:15 p.m.4 views

CVE-2021-47918

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application...

8.6CVSS6AI score0.00511EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.8 views

WordPress plugin BlockArt Blocks has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.7AI score0.00181EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.3 views

CVE-2025-68041

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codisto Omnichannel for WooCommerce codistoconnect allows Stored XSS.This issue affects Omnichannel for WooCommerce: from n/a through = 1.3.65...

7.1CVSS5.4AI score0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.3 views

CVE-2025-68520 WordPress DotLife theme < 4.9.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods DotLife dotlife allows Reflected XSS.This issue affects DotLife: from n/a through 4.9.5...

5.9AI score0.00222EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.7 views

CVE-2025-67959

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through = 4.1.07...

7.1CVSS5.3AI score0.0023EPSS
Exploits0References2
Rows per page
Query Builder