CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

15 matches found

NVD•added 2025/11/13 9:15 p.m.•4 views

CVE-2025-64744

OpenObserve is a cloud-native observability platform. In versions up to and including 0.16.1, when creating or renaming an organization with HTML in the name, the markup is rendered inside the invitation email. This indicates that user-controlled input is inserted into the email template without...

3.5CVSS0.00025EPSS

Exploits0References1

EUVD•added 2025/11/13 8:30 p.m.•3 views

EUVD-2025-175381

OpenObserve is a cloud-native observability platform. In versions up to and including 0.16.1, when creating or renaming an organization with HTML in the name, the markup is rendered inside the invitation email. This indicates that user-controlled input is inserted into the email template without...

3.5CVSS6AI score0.00025EPSS

Exploits0References1

Vulnrichment•added 2025/11/13 8:30 p.m.•4 views

CVE-2025-64744 OpenObserve Vulnerable to HTML Injection in Organization Invitation Emails

OpenObserve is a cloud-native observability platform. In versions up to and including 0.16.1, when creating or renaming an organization with HTML in the name, the markup is rendered inside the invitation email. This indicates that user-controlled input is inserted into the email template without...

3.5CVSS6.2AI score0.00025EPSS

Exploits0References1

Cvelist•added 2025/11/13 8:30 p.m.•7 views

CVE-2025-64744 OpenObserve Vulnerable to HTML Injection in Organization Invitation Emails

OpenObserve is a cloud-native observability platform. In versions up to and including 0.16.1, when creating or renaming an organization with HTML in the name, the markup is rendered inside the invitation email. This indicates that user-controlled input is inserted into the email template without...

3.5CVSS0.00025EPSS

Exploits0References1

CVE•added 2025/11/13 8:30 p.m.•12 views

CVE-2025-64744

OpenObserve vulnerable to HTML injection in organization invitation emails. Affected versions up to 0.16.1 render HTML from user-supplied organization names in email templates due to insufficient HTML escaping. As of publication, no patched versions are available (multiple sources corroborate acr...

3.5CVSS6.2AI score0.00025EPSS

Exploits0References1

Positive Technologies•added 2025/11/13 12:0 a.m.•4 views

PT-2025-46906

Name of the Vulnerable Software and Affected Versions OpenObserve versions prior to 0.16.2 Description OpenObserve is a cloud-native observability platform. When creating or renaming an organization with HTML in the name, the markup is rendered inside the invitation email. This occurs because...

3.5CVSS6.3AI score0.00025EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-19825

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00489EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:54 a.m.•7 views

CVE-2024-22256

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

4.3CVSS6.3AI score0.00489EPSS

Exploits0References1

NVD•added 2024/03/07 10:15 a.m.•14 views

CVE-2024-22256

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

4.3CVSS4.3AI score0.00489EPSS

Exploits0References1

OSV•added 2024/03/07 10:15 a.m.•0 views

CVE-2024-22256

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

4.3CVSS5.8AI score

Exploits0References1

Prion•added 2024/03/07 10:15 a.m.•19 views

Information disclosure

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

4CVSS6.5AI score0.00489EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/03/07 10:8 a.m.•16 views

CVE-2024-22256

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

4.3CVSS4.6AI score0.00489EPSS

Exploits0References1

Positive Technologies•added 2024/03/07 12:0 a.m.•3 views

PT-2024-2188 · Vmware · Vmware Cloud Director

Name of the Vulnerable Software and Affected Versions: VMware Cloud Director affected versions not specified Description: The issue is related to a partial information disclosure, where a malicious actor can potentially gather information about organization names based on the behavior of the...

7.8CVSS6.9AI score0.00489EPSS

Exploits0References5

Kitploit•added 2023/10/28 11:30 a.m.•34 views

CloudPulse - AWS Cloud Landscape Search Engine

During the reconnaissance phase, an attacker searches for any information about his target to create a profile that will later help him to identify possible ways to get in an organization. CloudPulse is a powerful tool that simplifies and enhances the analysis of SSL certificate data. It leverage...

Exploits0References4

OSV•added 2021/05/27 8:15 p.m.•0 views

CVE-2020-14329

A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint. This flaw allows users from other organizations in the system to retrieve any label from the organization and also disclose organization names. The...

3.3CVSS5.7AI score0.00041EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by