Lucene search
+L

82 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-1475

Malware in sbrugna...

10CVSS6.4AI score0.02146EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-2568

Malware in sbrugna...

5.4CVSS5.6AI score0.00545EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-14759

Malware in sbrugna...

6.1CVSS6.3AI score0.00805EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-47413

Malicious code in bioql PyPI...

3.9CVSS6.6AI score0.00212EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35760

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00506EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2896

Malicious code in bioql PyPI...

7.9CVSS6.5AI score0.01212EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2025/09/23 6:30 p.m.14 views

GP247 and S-Cart have a stored cross-site scripting (XSS) vulnerability

A stored cross-site scripting XSS vulnerability in the Admin Log Viewer of S-Cart =10.0.3 allows a remote authenticated attacker to inject arbitrary web script or HTML via a crafted User-Agent header. The script is executed in an administrator's browser when they view the security log page, which...

5.4CVSS5.3AI score0.00201EPSS
Exploits0References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-29547

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can pipeline commands after POP3 STLS, IMAP STARTTLS, or SMTP STARTTLS...

5.9CVSS6.4AI score0.00753EPSS
Exploits0References2
Veracode
Veracode
added 2025/09/01 12:1 p.m.7 views

Cross-Site WebSocket Hijacking (CSWSH)

github.com/komari-monitor/komari, is vulnerable to Cross-Site WebSocket Hijacking CSWSH. The vulnerability is due to disabled origin checking, which allows an attacker to hijack authenticated user WebSocket connections...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2016-10376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gajim through 0.16.7 unconditionally implements the XEP-0146: Remote Controlling Clients extension. This can be abused by malicious XMPP servers to, for example...

4.5CVSS4.9AI score0.01153EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/18 4:57 p.m.3 views

CVE-2025-55288 Genealogy has a Reflected XSS Vulnerability

Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Reflected Cross-Site Scripting XSS vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and U...

5.5CVSS5.9AI score0.00272EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/12 11:16 a.m.2 views

CVE-2024-41985

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle...

2.6CVSS6.9AI score0.00171EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-4035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least...

4.3CVSS5.8AI score0.00348EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.12 views

PT-2025-24231 · Unknown · Wpsoul Greenshift

Name of the Vulnerable Software and Affected Versions: wpsoul Greenshift versions n/a through 11.5.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting', which allows DOM-Based XSS. This means that an attacker coul...

6.5CVSS6.2AI score0.00215EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:44 a.m.13 views

CVE-2024-52523

Nextcloud Server is a self hosted personal cloud system. After setting up a user or administrator defined external storage with fixed credentials, the API returns them and adds them into the frontend again, allowing to read them in plain text when an attacker already has access to an active sessi...

6.5CVSS6.7AI score0.0063EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:7 p.m.9 views

CVE-1999-0202

The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands...

7.5CVSS7.5AI score0.02013EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/03/07 12:7 p.m.83 views

Exploit for CVE-2525-25748

CVE-2025-25748-Cross-Site-Request-Forgery-CSRF-Vulnerability-i...

7.3CVSS7.8AI score0.00395EPSS
Exploits1
CVE
CVE
added 2025/03/03 3:3 p.m.112 views

CVE-2025-1801

Summary (CVE-2025-1801): A race-condition vulnerability in the Red Hat Ansible Automation Platform (AAP) 2.5 gateway’s aap-gateway GRPC service could let a less-privileged user obtain a greater-privileged user’s JWT, risking session data and server integrity. CVSS v3.1 base score 8.1 (HIGH) with ...

8.1CVSS7.8AI score0.00302EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/02/25 12:0 a.m.5 views

PT-2025-7832 · Unknown · Rustaurius Front End Users

Name of the Vulnerable Software and Affected Versions: Rustaurius Front End Users versions 3.2.30 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Stored XSS vulnerability. This allows for the storage of malicious scrip...

6.5CVSS9AI score0.00238EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/03 12:0 a.m.11 views

CVE-2024-53943

An issue was discovered in NRadio N8-180 NROS-1.9.2.n3.c5 devices. The /cgi-bin/luci/nradio/basic/radio endpoint is vulnerable to XSS via the 2.4 GHz and 5 GHz name parameters, allowing an attacker to execute JavaScript within the context of the current user by injecting JavaScript into the SSID...

6.1AI score0.00303EPSS
Exploits0References3
Rows per page
Query Builder