Lucene search
K

4510 matches found

EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-177883

Malicious code in meta-grep-stack-serialize-authenticate npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-179373

Malicious code in decrypt-info-meta-table-big npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-177886

Malicious code in meta-boolean-analyze-decode-cloud npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-176234

Malicious code in stack-theta-meta-index-web npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178203

Malicious code in kernel-visualize-meta-import-transpile npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-175985

Malicious code in test-sudo-notify-meta-orchestrate npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.2 views

MAL-2025-188862 Malicious code in promise-meta-node-orchestrate-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a5d73de94d6841eb4dd5821707f352f8bee1c512dad1e7a52a134db5697862e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.2 views

MAL-2025-186509 Malicious code in decrypt-info-meta-table-big (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be4883bdd1cd22e99353350c8cdb2c98e0bd344ac3801dc0999b5d205d66f663 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Veracode
Veracode
added 2025/11/12 6:30 a.m.9 views

Information Disclosure

github.com/rancher/rancher is vulnerable to Information Disclosure. The vulnerability is due to improper handling of Impersonate-Extra- headers, which are sent to external entities via the /meta/proxy endpoint, allowing an attacker to access identifiable or sensitive information such as email...

4.7CVSS7.3AI score0.00334EPSS
Exploits0References5Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 8:11 p.m.3 views

Malicious code in nurul-sambel40-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e1782c5b256bcd0bd35dfcfd9d2666a33791fa5a5612bea58414c7a25e55a89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Cvelist
Cvelist
added 2025/11/11 3:30 a.m.3 views

CVE-2025-12010 Authors List <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in Plugin's Shortcode

The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitrary method call from AuthorsListShortcode class. This makes it possible for authenticated attackers, with Contributor-level access and above, to ca...

6.5CVSS0.00342EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/10 5:22 a.m.3 views

CVE-2025-64442

HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...

7.1CVSS6.2AI score0.00199EPSS
Exploits0References1
NVD
NVD
added 2025/11/07 9:15 p.m.11 views

CVE-2025-64442

HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...

7.1CVSS0.00199EPSS
Exploits0References3
CVE
CVE
added 2025/11/07 8:28 p.m.13 views

CVE-2025-64442

HumHub (Open Source Enterprise Social Network) versions before 1.17.4 are affected by a cross-site scripting (XSS) vulnerability in the Meta-Search feature, allowing malicious input to execute in search previews. The issue is fixed in version 1.17.4. Impact is consistent with XSS (information dis...

7.1CVSS5.8AI score0.00199EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/11/07 8:28 p.m.8 views

CVE-2025-64442 HumHub is vulnerable to XSS through its Meta Search component

HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...

7.1CVSS0.00199EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/07 8:28 p.m.3 views

CVE-2025-64442 HumHub is vulnerable to XSS through its Meta Search component

HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...

7.1CVSS5.8AI score0.00199EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/07 8:28 p.m.6 views

EUVD-2025-38326

HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...

7.1CVSS5.7AI score0.00199EPSS
Exploits0References3
OSV
OSV
added 2025/11/07 8:28 p.m.5 views

CVE-2025-64442 HumHub is vulnerable to XSS through its Meta Search component

HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability in the Meta-Search feature which allows malicious input to be executed in search previews. This issue is fixed in version 1.17.4...

7.1CVSS6.2AI score0.00199EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.6 views

HumHub 跨站脚本漏洞

HumHub is the HumHub open source suite of open source social networking software written on the Yii PHP framework. A cross-site scripting vulnerability exists in HumHub versions prior to 1.17.4, which stems from a cross-site scripting vulnerability in the Meta-Search functionality that could caus...

7.1CVSS5.9AI score0.00199EPSS
Exploits0References4
Wired Threat Level
Wired Threat Level
added 2025/11/06 11:30 a.m.9 views

Scam Ads Are Flooding Social Media. These Former Meta Staffers Have a Plan

Rob Leathern and Rob Goldman, who both worked at Meta, are launching a new nonprofit that aims to bring transparency to an increasingly opaque, scam-filled social media ecosystem...

7AI score
Exploits0
Rows per page
Query Builder