Lucene search
+L

203 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-21304

Malicious code in bioql PyPI...

8.2CVSS7AI score0.00437EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-21329

Malicious code in bioql PyPI...

8.2CVSS7AI score0.00398EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-21301

Malicious code in bioql PyPI...

8.2CVSS7AI score0.00399EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-21331

Malicious code in bioql PyPI...

8.2CVSS7AI score0.00399EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-19353

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00298EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-21317

Malicious code in bioql PyPI...

8.2CVSS7AI score0.00399EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 6:15 p.m.7 views

CVE-2025-57665

Element Plus Link component el-link through 2.10.6 implements insufficient input validation for the href attribute, creating a security abstraction gap that obscures URL-based attack vectors. The component passes user-controlled href values directly to underlying anchor elements without protocol...

6.4CVSS0.00215EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/05/27 12:0 a.m.8 views

PT-2025-23011 · Auth-Js · Auth-Js

Name of the Vulnerable Software and Affected Versions: auth-js versions prior to 2.69.1 Description: The issue concerns the auth-js library, an isomorphic Javascript library for Supabase Auth. Prior to version 2.69.1, certain library functions such as getUserById, deleteUser, updateUserById,...

6.9CVSS6.3AI score0.00745EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/05/23 9:47 a.m.10 views

CVE-2024-34687

SAP NetWeaver Application Server for ABAP and ABAP Platform do not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An attacker can control code that is executed within a user’s browser, which could result in modification, deletion of data, includin...

6.5CVSS6.4AI score0.00402EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:35 a.m.8 views

CVE-2024-22128

SAP NWBC for HTML - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An unauthenticated attacker can inject malicious javascript to...

6.1CVSS5AI score0.00351EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:56 a.m.12 views

CVE-2024-33002

Document Service handler obsolete in Data Provisioning Service does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability with low impact on Confidentiality and Integrity of the application...

6.1CVSS6AI score0.0033EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:12 a.m.13 views

CVE-2023-23852

SAP Solution Manager System Monitoring - version 720, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

6.1CVSS6AI score0.00418EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:55 a.m.11 views

CVE-2023-24525

SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application...

5.4CVSS5.8AI score0.00345EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:46 a.m.8 views

CVE-2023-29188

SAP CRM WebClient UI - versions SAPSCORE 129, S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, S4FND 107, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS...

5.4CVSS5.7AI score0.00366EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:8 p.m.8 views

CVE-2021-33673

Under certain conditions, SAP Contact Center - version 700,does not sufficiently encode user-controlled inputs and persists in them. This allows an attacker to exploit a Stored Cross-Site Scripting XSS vulnerability when a user browses through the employee directory and to execute arbitrary code ...

8.3CVSS5.9AI score0.00837EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 p.m.10 views

CVE-2020-6281

SAP Business Objects Business Intelligence Platform BI Launchpad, version 4.2, does not sufficiently encode user-controlled inputs, resulting reflected in Cross-Site Scripting...

6.1CVSS6.9AI score0.00784EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:4 a.m.9 views

CVE-2019-0378

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, before version 4.2, does not sufficiently encode user-controlled inputs and allows an attacker to store malicious scripts in the file name of the background image resulting in Stored Cross-Site Scripting...

5.4CVSS6.4AI score0.00526EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:37 a.m.8 views

CVE-2019-0374

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the chart title resulting in reflected Cross-Site Scripting...

5.4CVSS6.9AI score0.00733EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:40 a.m.9 views

CVE-2019-0369

SAP Financial Consolidation, before versions 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an attacker to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability...

5.4CVSS6.5AI score0.00526EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:9 a.m.8 views

CVE-2019-0375

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the export dialog box of the report name resulting in reflected Cross-Site Scripting...

5.4CVSS6.9AI score0.00733EPSS
Exploits0References1
Rows per page
Query Builder