CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

NVD•added 2026/01/23 5:16 p.m.•5 views

CVE-2025-67231

A reflected cross-site scripting XSS vulnerability in ToDesktop Builder v0.33.1 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...

5.9CVSS0.00019EPSS

Exploits0References2

OSV•added 2026/01/23 5:16 p.m.•3 views

CVE-2025-67231

A reflected cross-site scripting XSS vulnerability in ToDesktop Builder v0.33.1 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...

5.9CVSS6AI score

Exploits0References2

CNNVD•added 2026/01/23 12:0 a.m.•2 views

ToDesktop Builder security vulnerabilities

ToDesktop Builder is a desktop application building tool developed by ToDesktop Company in Ireland. Version 0.33.1 of ToDesktop Builder contains a security vulnerability. This vulnerability stems from reflective cross-site scripting, which could allow attackers to execute arbitrary code in the...

5.9CVSS6.1AI score0.00019EPSS

Exploits0References3

CVE•added 2026/01/23 12:0 a.m.•9 views

CVE-2025-67231

CVE-2025-67231 is a confirmed reflected XSS in ToDesktop Builder v0.33.1. The issue allows an attacker to execute arbitrary code in the context of a user’s browser via a crafted payload. Documented by multiple feeds (NVD, Red Hat, CIRCL, attackerkb, CVE lists) consistently describe a reflected XS...

5.9CVSS5.6AI score0.00019EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/01/23 12:0 a.m.•3 views

CVE-2025-67231

A reflected cross-site scripting XSS vulnerability in ToDesktop Builder v0.33.1 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...

5.6AI score0.00019EPSS

Exploits0References2

Cvelist•added 2026/01/23 12:0 a.m.•27 views

CVE-2025-67231

A reflected cross-site scripting XSS vulnerability in ToDesktop Builder v0.33.1 allows attackers to execute arbitrary code in the context of a user's browser via a crafted payload...

0.00019EPSS

Exploits0References2

CNNVD•added 2022/05/05 12:0 a.m.•2 views

Matrix matrix-appservice-irc 注入漏洞

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. matrix-appservice-irc is a bridge for Matrix. This bridge passes all IRC messages to Matrix and all Matrix messages to IRC. An injection vulnerability exists in Matrix matrix-appservice-irc version 0.33.1 and...

8.8CVSS7.9AI score0.00509EPSS

Exploits0References4

Cvelist•added 2022/02/14 8:45 p.m.•21 views

CVE-2022-23637 Stored Cross-Site-Scripting (XSS) in Markdown Editor

K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting XSS vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked,...

6.1CVSS6.3AI score0.00206EPSS

Exploits0References2

CVE•added 2022/02/14 8:45 p.m.•104 views

CVE-2022-23637

K-Box (web-based document/image/geodata manager) contains a stored XSS vulnerability in the markdown editor used for document abstracts and markdown previews. The issue arises from unsafely handled input in the editor, where a crafted anchor link can trigger untrusted JavaScript actions (e.g., co...

6.1CVSS5.5AI score0.00206EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by