Lucene search
+L

110 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-16082

Malware in sbrugna...

5.8CVSS5.9AI score0.01599EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-35510

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00445EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-33631

Malicious code in bioql PyPI...

8.2CVSS7AI score0.00333EPSS
Exploits1References2
euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-20216

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00555EPSS
Exploits1References5
euvd
euvd
added 2025/10/03 8:7 p.m.12 views

EUVD-2022-5772

Malicious code in bioql PyPI...

9.3CVSS7.6AI score0.01205EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-43572

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00434EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-38834

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00403EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-34415

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00446EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-26415

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.0034EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2025/09/02 12:0 a.m.3 views

PT-2025-35585

Name of the Vulnerable Software and Affected Versions: Many Notes version 0.10.1 Description: Many Notes version 0.10.1 is susceptible to Cross Site Scripting XSS. This allows malicious Markdown files to execute JavaScript when viewed. Recommendations: At the moment, there is no information about...

6.1CVSS6AI score0.0034EPSS
Exploits1References6
cve
cve
added 2025/09/02 12:0 a.m.17 views

CVE-2025-55474

Many Notes 0.10.1 is vulnerable to Cross Site Scripting (XSS) via Markdown rendering, allowing JavaScript execution when viewed. CVSS v3.1 vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (base 6.1, MEDIUM). Connected sources reference a potential fix in v0.10.2, but explicit remediation details are n...

6.1CVSS6.2AI score0.0034EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2025/09/02 12:0 a.m.11 views

CVE-2025-55474

Many Notes 0.10.1 is vulnerable to Cross Site Scripting XSS, which allows malicious Markdown files to execute JavaScript when viewed...

0.0034EPSS
Exploits1References3
osv
osv
added 2025/09/02 12:0 a.m.5 views

CVE-2025-55474

Many Notes 0.10.1 is vulnerable to Cross Site Scripting XSS, which allows malicious Markdown files to execute JavaScript when viewed...

6.1CVSS6.8AI score0.0034EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2025/07/07 9:54 a.m.4 views

CVE-2025-3046 Path Traversal via Symbolic Links in run-llama/llama_index

A vulnerability in the ObsidianReader class of the run-llama/llamaindex repository, versions 0.12.23 to 0.12.28, allows for arbitrary file read through symbolic links. The ObsidianReader fails to resolve symlinks to their real paths and does not validate whether the resolved paths lie within the...

7.5CVSS7AI score0.00555EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/22 10:20 a.m.5 views

CVE-2019-15726

An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Embedded images and media files in markdown could be pointed to an arbitrary server, which would reveal the IP address of clients requesting the file from that server...

5.3CVSS6.6AI score0.01653EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2024/07/17 12:0 a.m.15 views

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow lies in improper code generation, allowing attackers to execute arbitrary code.

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing specially crafted .md files...

7.5CVSS6AI score0.01726EPSS
Exploits0References3Affected Software1
osv
osv
added 2024/05/01 7:15 p.m.2 views

CVE-2024-33300

Typora v1.0.0 through v1.7 version below Markdown editor has a cross-site scripting XSS vulnerability, which allows attackers to execute arbitrary code by uploading Markdown files...

7.3CVSS6AI score0.00552EPSS
Exploits1References1
githubexploit
githubexploit
added 2024/01/22 5:27 p.m.47 views

VulnerabilityResearch

Vulnerability Research Repository Overview Welcome to my...

7.5AI score
Exploits0
cnnvd
cnnvd
added 2023/09/01 12:0 a.m.5 views

Typora Cross-Site Scripting Vulnerability

Typora is an editor. A security vulnerability exists in Typora v1.6.7, which stems from the presence of a cross-site scripting XSS vulnerability that allows attackers to execute arbitrary code by uploading specially crafted Markdown files...

6.1CVSS6.4AI score0.00455EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2023/07/05 12:0 a.m.3 views

PT-2023-21093 · Diagon · Diagon

Name of the Vulnerable Software and Affected Versions: Diagon version 1.0.139 Description: A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality. This issue can be triggered by a specially crafted markdown file or network request, potentially leading to arbitra...

7.8CVSS8AI score0.00522EPSS
Exploits1References5
Rows per page
Query Builder