CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

308 matches found

Tenable Nessus•added 2025/08/18 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2019-10768

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In AngularJS before 1.7.9 the function merge could be tricked into adding or modifying properties of Object.prototype using a proto payload. CVE-2019-10768 Note...

7.5CVSS6.9AI score0.00411EPSS

Exploits1References2

Tenable Nessus•added 2025/08/15 12:0 a.m.•4 views

TencentOS Server 4: grafana (TSSA-2025:0594)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0594 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

6.1CVSS6.6AI score0.04265EPSS

Exploits4References6

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-14537 Malicious code in angularjs-in-view (npm)

The package angularjs-in-view was found to contain malicious code...

7.2AI score

Exploits0

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in angularjs-in-view (npm)

The package angularjs-in-view was found to contain malicious code...

7AI score

Exploits0

Tenable Nessus•added 2025/08/10 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2024-8372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a...

4.8CVSS6.3AI score0.00018EPSS

Exploits1References2

Tenable Nessus•added 2025/08/09 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2024-8373

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper sanitization of the value of the srcset attribute in HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can...

4.8CVSS6.2AI score0.00013EPSS

Exploits1References2

RedhatCVE•added 2025/06/06 5:21 p.m.•4 views

CVE-2025-2336

Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS's 'ngSanitize' module allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/ContentSpoofing and...

4.8CVSS7AI score0.00198EPSS

Exploits0References1

Snyk•added 2025/06/04 6:30 p.m.•2 views

Incomplete Filtering of Special Elements

Overview org.webjars.bower:angular-sanitize is an AngularJS module for sanitizing HTML Affected versions of this package are vulnerable to Incomplete Filtering of Special Elements through the ngSanitize module. An attacker can manipulate image sources and perform content spoofing by injecting...

6.3CVSS6.7AI score0.00198EPSS

Exploits0References2

OSV•added 2025/06/04 6:30 p.m.•2 views

GHSA-4P4W-6HG8-63WX AngularJS Incomplete Filtering of Special Elements vulnerability

4.8CVSS7AI score0.00198EPSS

Exploits0References6

Github Security Blog•added 2025/06/04 6:30 p.m.•8 views

AngularJS Incomplete Filtering of Special Elements vulnerability

4.8CVSS6.9AI score0.00198EPSS

Exploits0References6Affected Software1

NVD•added 2025/06/04 5:15 p.m.•14 views

CVE-2025-2336

4.8CVSS0.00198EPSS

Exploits0References4

OSV•added 2025/06/04 5:15 p.m.•1 views

DEBIAN-CVE-2025-2336

4.8CVSS6.8AI score0.00198EPSS

Exploits0References1

OSV•added 2025/06/04 5:15 p.m.•2 views

CVE-2025-2336

4.8CVSS6.9AI score0.00198EPSS

Exploits0References3

OSV•added 2025/06/04 5:15 p.m.•0 views

UBUNTU-CVE-2025-2336

4.8CVSS5.8AI score0.00198EPSS

Exploits0References6

UbuntuCve•added 2025/06/04 5:15 p.m.•3 views

CVE-2025-2336

4.8CVSS7AI score0.00198EPSS

Exploits0References5

CVE•added 2025/06/04 4:32 p.m.•122 views

CVE-2025-2336

CVE-2025-2336 concerns AngularJS ngSanitize: an improper sanitization flaw allows bypassing image source restrictions via the href and xlink:href attributes in SVG elements. The root cause is inadequate sanitization, which can lead to Content Spoofing and potentially degrade application performa...

4.8CVSS6.7AI score0.00198EPSS

Exploits0References4

Cvelist•added 2025/06/04 4:32 p.m.•31 views

CVE-2025-2336 AngularJS improper sanitization in SVG '<image>' element with 'ngSanitize'

4.8CVSS0.00198EPSS

Exploits0References2

Debian CVE•added 2025/06/04 4:32 p.m.•6 views

CVE-2025-2336

4.8CVSS6.8AI score0.00198EPSS

Exploits0

Vulnrichment•added 2025/06/04 4:32 p.m.•6 views

CVE-2025-2336 AngularJS improper sanitization in SVG '<image>' element with 'ngSanitize'

4.8CVSS5AI score0.00198EPSS

Exploits0References2

CNNVD•added 2025/06/04 12:0 a.m.•1 views

AngularJS 安全漏洞

AngularJS is a TypeScript-based open source web application framework from AngularJS Open Source. A security vulnerability exists in AngularJS 1.3.1 and later versions, which stems from improper cleanup of SVG element attributes in the ngSanitize module, which could lead to content spoofing and...

4.8CVSS6.2AI score0.00198EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by