Lucene search
K

6094 matches found

Nuclei
Nuclei
added yesterday121 views

NeDi 1.9C - Cross-Site Scripting

NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily bypassed, as demonstrated by an onerror attribute of an IMG element as a...

6.1CVSS6.3AI score0.03442EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday205 views

mooSocial 3.1.8 - External Service Interaction

mooSocial 3.1.8 is vulnerable to external service interaction via multiple parameters in the post function. id: CVE-2023-43323 info: name: mooSocial 3.1.8 - External Service Interaction author: ritikchaddha severity: medium description: | mooSocial 3.1.8 is vulnerable to external service...

6.5CVSS6.6AI score0.0186EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday87 views

Cherokee HTTPD <=0.5 - Cross-Site Scripting

Cherokee HTTPD 0.5 and earlier contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated. id: CVE-2006-1681 info:...

4.3CVSS6.2AI score0.06643EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday30 views

Movies <= 0.6 - Cross-Site Scripting

A cross-site scripting vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. id: CVE-2014-4539 info: name: Movies = 0.6 - Cross-Site Scripting author: daffainfo...

6.1CVSS6.5AI score0.03983EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday55 views

Node.js st module Directory Traversal

A directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e encoded dot dot in an unspecified path. id: CVE-2014-3744 info: name: Node.js st module Directory Traversal author: geeknik severity: high description: A...

7.5CVSS7.1AI score0.34012EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday148 views

Odoo <= 8.0-20160726 & 9.0 - Open Redirect

An Open Redirect vulnerability in Odoo versions = 8.0-20160726 and 9.0. This issue allows an attacker to redirect users to untrusted sites via a crafted URL. id: CVE-2017-5871 info: name: Odoo = 8.0-20160726 & 9.0 - Open Redirect author: 1337rokudenashi severity: medium description: | An Open...

5.8CVSS6.2AI score0.02676EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday103 views

mooSocial v.3.1.8 - Cross-Site Scripting

Cross-Site Scripting XSS vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function. id: CVE-2023-44813 info: name: mooSocial v.3.1.8 - Cross-Site Scripting author: ritikchaddha severity:...

6.1CVSS6.7AI score0.01754EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday79 views

kkFileView 4.1.0 - Cross-Site Scripting

kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the errorMsg parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and...

6.1CVSS6.5AI score0.01131EPSS
Exploits1References5
NVD
NVD
added 5 days ago6 views

CVE-2026-59858

Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: extension field of a tags entry, without escaping, into a :vimgrep pattern that is run through :execute. Because :vimgrep honor...

8.4CVSS0.00137EPSS
Exploits0References2
OSV
OSV
added 5 days ago5 views

ROOT-OS-DEBIAN-11-CVE-2023-44487 CVE-2023-44487 in rootio-varnish - Patched by Root

Root has patched CVE-2023-44487 in the rootio-varnish package for Root:Debian:11. Multiple fixed versions available...

7.5CVSS8.2AI score0.99999EPSS
Exploits19
OSV
OSV
added 6 days ago38 views

ROOT-APP-PYPI-CVE-2023-6022 CVE-2023-6022 in rootio-prefect - Patched by Root

Root has patched CVE-2023-6022 in the rootio-prefect package for Root:PyPI. Multiple fixed versions available...

8.8CVSS7.4AI score0.00389EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added last week4 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v10.0.8.10 Vulnerability Details CVEID:CVE-2026-33244 DESCRIPTION: React Router is a router for React. In versions 7.5.1 through 7.13.1, when using Framework Mode with pre-rendering enabled, improper neutralization of the...

8.1CVSS7.1AI score0.00808EPSS
Exploits3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/07 3:29 a.m.6 views

CVE-2026-42201

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, database credential fields redispassword, keydbpassword, dragonflypassword, clickhouseadminuser, clickhouseadminpassword, postgresuser, mysqluser are validated only as...

3.3CVSS5.9AI score0.00195EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/07/06 8:45 p.m.4 views

GHSA-Q6H5-Q3Q6-F87X CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation

Impact Users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, which enables hijacking traffic to Services in any namespace, bypassing the namespace-scoping guarantees enforced by serviceMatcher. In addition, deleting such a policy can...

6.9CVSS6AI score0.00341EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 4:41 p.m.5 views

GHSA-55F6-PF8R-C2F4 Open Babel has out-of-bounds write in MOPAC translationVectors[] (UNIT CELL TRANSLATION)

Summary A memory-safety vulnerability in Open Babel's MOPAC output parser allowed an out-of-bounds write into the translationVectors array when reading the "UNIT CELL TRANSLATION" block of a crafted input file. Details The MOPAC output reader stored translation vectors from the UNIT CELL...

7.8CVSS6.6AI score0.00816EPSS
Exploits1References6
OSV
OSV
added 2026/07/06 3:50 a.m.8 views

ROOT-OS-DEBIAN-13-CVE-2025-68307 CVE-2025-68307 in rootio-linux - Patched by Root

Root has patched CVE-2025-68307 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.5CVSS5.4AI score0.00161EPSS
Exploits0
OSV
OSV
added 2026/07/06 3:50 a.m.6 views

ROOT-OS-DEBIAN-13-CVE-2023-37454 CVE-2023-37454 in rootio-linux - Patched by Root

Root has patched CVE-2023-37454 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.5CVSS8.3AI score0.00361EPSS
Exploits1
OSV
OSV
added 2026/07/06 3:50 a.m.8 views

ROOT-OS-DEBIAN-13-CVE-2025-71182 CVE-2025-71182 in rootio-linux - Patched by Root

Root has patched CVE-2025-71182 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.5CVSS5.4AI score0.00156EPSS
Exploits0
OSV
OSV
added 2026/07/06 3:50 a.m.6 views

ROOT-OS-DEBIAN-13-CVE-2025-40111 CVE-2025-40111 in rootio-linux - Patched by Root

Root has patched CVE-2025-40111 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

6.2AI score0.00193EPSS
Exploits0
OSV
OSV
added 2026/07/06 3:50 a.m.7 views

ROOT-OS-DEBIAN-13-CVE-2025-37966 CVE-2025-37966 in rootio-linux - Patched by Root

Root has patched CVE-2025-37966 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.5CVSS7.8AI score0.0013EPSS
Exploits0
Rows per page
Query Builder