
6757 matches found

Vulnrichment
added 2025/09/08 10:2 a.m., 5 views

CVE-2019-25225

sanitize-html prior to version 2.0.0-beta is vulnerable to Cross-site Scripting (XSS). The sanitizeHtml function in index.js does not sanitize content when using the custom transformTags option, which is intended to convert attribute values into text. As a result, malicious input can be transformed...

CVSS 6.1, AI score 6, EPSS 0.00251
Exploits: 1, References: 4

Debian CVE
added 2025/09/08 10:2 a.m., 4 views

CVE-2019-25225

sanitize-html prior to version 2.0.0-beta is vulnerable to Cross-site Scripting (XSS). The sanitizeHtml function in index.js does not sanitize content when using the custom transformTags option, which is intended to convert attribute values into text. As a result, malicious input can be transformed...

CVSS 6.1, AI score 5.2, EPSS 0.00251
Exploits: 1

Vulnrichment
added 2025/09/08 12:0 a.m., 3 views

CVE-2025-56267

A CSV injection vulnerability in the /idprofiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted Excel file...

AI score 7.6, EPSS 0.00673
Exploits: 1, References: 3

CNNVD
added 2025/09/08 12:0 a.m., 4 views

Avigilon ACM security vulnerability

Avigilon ACM is a physical access control system from Avigilon USA. A security vulnerability exists in Avigilon ACM version v7.10.0.20, which originates from CSV injection and could lead to the execution of arbitrary code...

CVSS 9.8, AI score 7, EPSS 0.00673
Exploits: 1, References: 3

Positive Technologies
added 2025/09/08 12:0 a.m., 4 views

PT-2025-36650

Rancher Fleet Helm Values are stored inside BundleDeployment in plain text in github.com/rancher/fleet...

AI score 6.8
Exploits: 0, References: 3

Gitee
added 2025/09/06 4:31 p.m., 108 views

Exploit for CVE-2015-2231

adups-get-super-serial CVE-2015-2231 Proof of Concept The POC I was using to demonstrate CVE-2015-2231 'Get Super Serial'. Was asked by a few people to post it so they could use similar things on other ADUPS firmware based devices which have this vulnerability. Cleaning up the laptop and posting...

AI score 7.1
Exploits: 0

Tenable Nessus
added 2025/09/06 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2024-52284

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unauthorized disclosure of sensitive data: Any user with GET or LIST permissions on BundleDeployment resources could retrieve Helm values containing credentials...

CVSS 7.7, AI score 5.4, EPSS 0.00215
Exploits: 0, References: 2

OSSF Malicious Packages
added 2025/09/05 5:10 p.m., 5 views

Malicious code in csv-readable-exosphere-style-loader (npm)

The package csv-readable-exosphere-style-loader was found to contain malicious code...

AI score 7
Exploits: 0

Vulnrichment
added 2025/09/05 1:45 p.m., 4 views

CVE-2025-58855 WordPress AP HoneyPot WordPress Plugin Plugin <= 1.4 - Cross Site Request Forgery (CSRF) Vulnerability

Improper Neutralization of Formula Elements in a CSV File vulnerability in Denis V Artprima AP HoneyPot WordPress Plugin ap-honeypot allows Reflected XSS. This issue affects AP HoneyPot WordPress Plugin: from n/a through <= 1.4...

CVSS 7.1, AI score 5.9, EPSS 0.00219
Exploits: 0, References: 1

Cvelist
added 2025/09/05 1:45 p.m., 12 views

CVE-2025-58855 WordPress AP HoneyPot WordPress Plugin Plugin <= 1.4 - Cross Site Request Forgery (CSRF) Vulnerability

Improper Neutralization of Formula Elements in a CSV File vulnerability in Denis V Artprima AP HoneyPot WordPress Plugin ap-honeypot allows Reflected XSS. This issue affects AP HoneyPot WordPress Plugin: from n/a through <= 1.4...

CVSS 7.1, EPSS 0.00219
Exploits: 0, References: 1

OSV
added 2025/09/05 12:16 p.m., 3 views

SUSE-SU-2025:20671-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1 padding bsc1219386. - CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key bsc1230364. - CVE-2024-45620: Incorrect handling of the length of buffers or file...

CVSS 5.9, AI score 6.1, EPSS 0.01156
Exploits: 1, References: 17

SUSE Linux
added 2025/09/05 12:16 p.m., 2 views

Security update for opensc

This update for opensc fixes the following issues: CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1 padding bsc1219386. CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key bsc1230364. CVE-2024-45620: Incorrect handling of the length of buffers or files in...

CVSS 4.4, AI score 6.3, EPSS 0.01156
Exploits: 1, References: 32

Positive Technologies
added 2025/09/05 12:0 a.m., 4 views

PT-2025-36194

Name of the Vulnerable Software and Affected Versions: AP HoneyPot WordPress Plugin versions through 1.4. Description: The AP HoneyPot WordPress Plugin contains a flaw due to improper neutralization of formula elements in a CSV file, which can lead to reflected cross-site scripting (XSS)...

CVSS 7.1, AI score 5.7, EPSS 0.00219
Exploits: 0, References: 3

CNNVD
added 2025/09/05 12:0 a.m., 2 views

WordPress plugin AP HoneyPot security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 7.1, AI score 5.9, EPSS 0.00219
Exploits: 0, References: 1

CNNVD
added 2025/09/05 12:0 a.m., 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly updating transfer values, which could lead to data corruption...

CVSS 7.8, AI score 6, EPSS 0.00141
Exploits: 0, References: 3

RedhatCVE
added 2025/09/04 12:30 p.m., 6 views

CVE-2024-52284

Unauthorized disclosure of sensitive data: Any user with GET or LIST permissions on BundleDeployment resources could retrieve Helm values containing credentials or other secrets...

CVSS 7.7, AI score 6.5, EPSS 0.00215
Exploits: 0, References: 1

Microsoft CVE
added 2025/09/04 11:9 a.m., 3 views

Improper sanitization of CSS values in html/template

...

CVSS 7.3, AI score 9.3, EPSS 0.01037
Exploits: 0

Microsoft CVE
added 2025/09/04 3:57 a.m., 6 views

Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init

...

CVSS 3.9, AI score 6.7, EPSS 0.00287
Exploits: 0

Microsoft CVE
added 2025/09/04 3:51 a.m., 7 views

Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc

...

CVSS 3.9, AI score 6.7, EPSS 0.00302
Exploits: 0

Microsoft CVE
added 2025/09/04 3:45 a.m., 5 views

Libopensc: pkcs15init: usage of uninitialized values in libopensc and pkcs15init

...

CVSS 3.9, AI score 6.7, EPSS 0.00355
Exploits: 0