Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1126500 matches found

RedHat Linux
RedHat Linuxadded 2026/06/01 11:21 a.m.13 views

PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation

A flaw was found in PHP, specifically within the PHP-FPM status page. Due to improper sanitation of user data, a remote attacker can craft a malicious URL. When a user views the PHP-FPM status page with this crafted URL, it can lead to the execution of arbitrary JavaScript code Cross-Site Scripti...

8.8CVSS6.1AI score0.00076EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2026/06/01 11:21 a.m.10 views

Important: Red Hat Security Advisory: php:8.2 security update

An update for the php:8.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS5.9AI score0.00123EPSS
Exploits1References5
NVD
NVDadded 2026/06/01 11:16 a.m.9 views

CVE-2026-25599

Missing authentication and clear‑text transmission of data from the heat pumps to the control server, combined with the absence of input validation on aggregated data, can lead to stored XSS that enables theft of cookies from the pump’s web control interface. Older Orca heat pump devices...

6.3CVSS0.00017EPSS
Exploits0References1
NVD
NVDadded 2026/06/01 11:16 a.m.10 views

CVE-2026-10244

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function createmedicinename of the file /ShowForm/createmedicinename/main. Performing a manipulation of the argument medicinename results in cross site scripting. The atta...

5.1CVSS0.00035EPSS
Exploits0References6
NVD
NVDadded 2026/06/01 11:16 a.m.11 views

CVE-2026-10247

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function creategenericname of the file /ShowForm/creategenericname/main. The manipulation of the argument genericname results in cross site scripting. The attack may be launched...

5.1CVSS0.00035EPSS
Exploits0References6
NVD
NVDadded 2026/06/01 11:16 a.m.10 views

CVE-2026-10246

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function createmedicinepresentation of the file /ShowForm/createmedicinepresentation/main. The manipulation of the argument medicinepresentation leads to cross site scripting. The attack may...

5.1CVSS0.00035EPSS
Exploits0References6
NVD
NVDadded 2026/06/01 11:16 a.m.7 views

CVE-2026-10245

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is the function createsupplier of the file /ShowForm/createsupplier/main. Executing a manipulation of the argument companyname can lead to cross site scripting. The attack can be launched...

5.1CVSS0.00035EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletinsadded 2026/06/01 10:46 a.m.10 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for May 2026.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 25.0.0-IF005. These vulnerabilities have been also adressed in 24.0.0-IF007, 24.0.1-IF007 and 25.0.1-IF001. Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a...

7.6CVSS6.9AI score0.00876EPSS
Exploits0Affected Software1
Snyk
Snykadded 2026/06/01 10:29 a.m.4 views

Cross-site Scripting (XSS)

Overview org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the MessageServlet component. An attacker can inject arbitrary HTTP response headers by setting malicious JMS message...

6.1CVSS5.5AI score0.00236EPSS
Exploits0References2
Snyk
Snykadded 2026/06/01 10:29 a.m.3 views

Cross-site Scripting (XSS)

Overview org.apache.activemq:activemq-web is a message broker and JMS 1.1 implementation. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the MessageServlet component. An attacker can inject arbitrary HTTP response headers by setting malicious JMS message...

6.1CVSS5.5AI score0.00236EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/01 10:0 a.m.6 views

CVE-2026-10247 SourceCodester Pharmacy Sales and Inventory System main create_generic_name cross site scripting

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function creategenericname of the file /ShowForm/creategenericname/main. The manipulation of the argument genericname results in cross site scripting. The attack may be launched...

5.1CVSS4.3AI score0.00035EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/01 10:0 a.m.6 views

CVE-2026-10247

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function creategenericname of the file /ShowForm/creategenericname/main. The manipulation of the argument genericname results in cross site scripting. The attack may be launched...

5.1CVSS4.3AI score0.00035EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 2026/06/01 10:0 a.m.28 views

CVE-2026-10247 SourceCodester Pharmacy Sales and Inventory System main create_generic_name cross site scripting

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function creategenericname of the file /ShowForm/creategenericname/main. The manipulation of the argument genericname results in cross site scripting. The attack may be launched...

5.1CVSS0.00035EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/01 10:0 a.m.17 views

EUVD-2026-33621

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function creategenericname of the file /ShowForm/creategenericname/main. The manipulation of the argument genericname results in cross site scripting. The attack may be launched...

5.1CVSS4.3AI score0.00035EPSS
Exploits0References6
CVE
CVEadded 2026/06/01 10:0 a.m.13 views

CVE-2026-10247

CVE-2026-10247 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability lies in the function create_generic_name in /ShowForm/create_generic_name/main, where manipulation of the argument generic_name leads to cross-site scripting. The attack can be carried out remotely an...

5.1CVSS4.3AI score0.00035EPSS
Exploits0References6
CVE
CVEadded 2026/06/01 9:45 a.m.9 views

CVE-2026-10246

CVE-2026-10246 affects SourceCodester Pharmacy Sales and Inventory System 1.0. The vulnerability is in the create_medicine_presentation function of the file /ShowForm/create_medicine_presentation/main, where manipulation of the medicine_presentation argument yields cross-site scripting. The issue...

5.1CVSS4.1AI score0.00035EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/01 9:45 a.m.7 views

CVE-2026-10246 SourceCodester Pharmacy Sales and Inventory System main create_medicine_presentation cross site scripting

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function createmedicinepresentation of the file /ShowForm/createmedicinepresentation/main. The manipulation of the argument medicinepresentation leads to cross site scripting. The attack may...

5.1CVSS4.1AI score0.00035EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/01 9:45 a.m.7 views

EUVD-2026-33620

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function createmedicinepresentation of the file /ShowForm/createmedicinepresentation/main. The manipulation of the argument medicinepresentation leads to cross site scripting. The attack may...

5.1CVSS4.1AI score0.00035EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/01 9:45 a.m.6 views

CVE-2026-10246

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function createmedicinepresentation of the file /ShowForm/createmedicinepresentation/main. The manipulation of the argument medicinepresentation leads to cross site scripting. The attack may...

5.1CVSS4.1AI score0.00035EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 2026/06/01 9:45 a.m.35 views

CVE-2026-10246 SourceCodester Pharmacy Sales and Inventory System main create_medicine_presentation cross site scripting

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function createmedicinepresentation of the file /ShowForm/createmedicinepresentation/main. The manipulation of the argument medicinepresentation leads to cross site scripting. The attack may...

5.1CVSS0.00035EPSS
Exploits0References6
Rows per page
Query Builder