CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-4192

Malicious code in bioql PyPI...

5.9CVSS6AI score0.00253EPSS

Exploits3References8

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-34299

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0019EPSS

Exploits0References3

Tenable Nessus•added 2025/09/10 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2023-2848

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation. CVE-2023-2848 Not...

8.8CVSS7.8AI score0.0019EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 3:36 a.m.•2 views

CVE-2023-2848

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation...

8.8CVSS6.7AI score0.0019EPSS

Exploits0References1

OSV•added 2023/09/14 12:15 p.m.•8 views

CVE-2023-2848

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation...

8.8CVSS6.9AI score

Exploits0References3

NVD•added 2023/09/14 12:15 p.m.•7 views

CVE-2023-2848

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation...

8.8CVSS8.3AI score0.0019EPSS

Exploits0References3

OSV•added 2023/09/14 12:15 p.m.•0 views

UBUNTU-CVE-2023-2848

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation...

8.8CVSS5.8AI score0.0019EPSS

Exploits0References5

Prion•added 2023/09/14 12:15 p.m.•11 views

Cross site scripting

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation...

6.8CVSS8.5AI score0.0019EPSS

Exploits0References3Affected Software1

UbuntuCve•added 2023/09/14 12:15 p.m.•15 views

CVE-2023-2848

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation...

8.8CVSS7.2AI score0.0019EPSS

Exploits0References4

CVE•added 2023/09/14 11:36 a.m.•2500 views

CVE-2023-2848

Movim prior to version 0.22 is affected by a Cross‑Site WebSocket Hijacking vulnerability due to missing header validation. This is documented across multiple sources (NVD entry confirms the issue and impact; connected references point to Movim commits related to the vulnerability). Affected comp...

8.8CVSS8.6AI score0.0019EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2023/09/14 11:36 a.m.•6 views

CVE-2023-2848

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation...

8CVSS6.7AI score0.0019EPSS

Exploits0References3

Cvelist•added 2023/09/14 11:36 a.m.•9 views

CVE-2023-2848

Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This was the result of a missing header validation...

8CVSS8.8AI score0.0019EPSS

Exploits0References3

CNNVD•added 2023/09/14 12:0 a.m.•1 views

Movim Access Control Error Vulnerability

Movim is a syndicated blogging and chat platform that acts as a web front end for the XMPP protocol. A security vulnerability exists in Movim versions prior to 0.22Z, which stems from a lack of header validation, leading to a cross-site WebSocket hijacking issue...

8.8CVSS6.6AI score0.0019EPSS

Exploits0References4

Positive Technologies•added 2023/09/14 12:0 a.m.•2 views

PT-2023-21749 · Movim · Movim

Name of the Vulnerable Software and Affected Versions: Movim versions prior to 0.22 Description: The issue is related to a Cross-Site WebSocket Hijacking vulnerability due to missing header validation. Recommendations: For versions prior to 0.22, update to version 0.22 or later to resolve the...

8.8CVSS8.5AI score0.0019EPSS

Exploits0References10

OSV•added 2022/05/17 2:57 a.m.•24 views

GHSA-HQ38-V658-G3WP XMPP Clients User Impersonation Vulnerability in Movim Moxl

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for Movim 0.8 - 0.10...

5.9CVSS5.7AI score0.00253EPSS

Exploits3References6

Github Security Blog•added 2022/05/17 2:57 a.m.•12 views

XMPP Clients User Impersonation Vulnerability in Movim Moxl

5.9CVSS6.8AI score0.00253EPSS

Exploits2References7Affected Software1

0day.today•added 2017/02/10 12:0 a.m.•106 views

XMPP Clients User Impersonation Vulnerability

Exploit for multiple platform in category local exploits Multiple XMPP Clients User Impersonation Vulnerability Summary ------- An incorrect implementation of XEP-0280: Message Carbons0 in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerabl...

4.3CVSS5.9AI score0.02715EPSS

Exploits13

CNVD•added 2017/02/10 12:0 a.m.•2 views

Movim User Simulation Vulnerability

Movim is a social networking platform written in PHP and HTML5 based on the XMPP standard protocol. A security vulnerability exists in Movim versions 0.8 through 0.10. The vulnerability exists because the program fails to properly implement "XEP-0280: Message Carbons". A remote attacker can explo...

5.9CVSS7.2AI score0.00253EPSS

Exploits2References1

Prion•added 2017/02/09 8:59 p.m.•7 views

Design/Logic Flaw

4.3CVSS5.7AI score0.00253EPSS

Exploits3References5Affected Software1

NVD•added 2017/02/09 8:59 p.m.•9 views

CVE-2017-5605

5.9CVSS5.7AI score0.00253EPSS

Exploits2References5

Rows per page