
26 matches found

OSV
added 2026/03/26 2:16 a.m. · 1 view

UBUNTU-CVE-2026-4833

A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the...

4.8 CVSS · 5.4 AI score · 0.0002 EPSS
Exploits: 0 · References: 6

UbuntuCve
added 2026/03/26 2:16 a.m. · 0 views

CVE-2026-4833

A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the...

4.8 CVSS · 5.5 AI score · 0.0002 EPSS
Exploits: 0 · References: 5

Vulnrichment
added 2026/03/26 1:2 a.m. · 1 view

CVE-2026-4833 Orc discount Markdown markdown.c compile recursion

A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the...

4.8 CVSS · 5.5 AI score · 0.0002 EPSS
Exploits: 0 · References: 7

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2022-0618

Malicious code in bioql PyPI...

7.5 CVSS · 7.5 AI score · 0.00563 EPSS
Exploits: 1 · References: 6

RedhatCVE
added 2025/05/23 9:46 a.m. · 5 views

CVE-2024-25873

Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field under the Blockquote module. This vulnerability allows attackers to execute arbitrary code via a crafted payload...

5.4 CVSS · 8.2 AI score · 0.00113 EPSS
Exploits: 1 · References: 1

SUSE CVE
added 2024/10/17 2:48 a.m. · 2 views

SUSE CVE-2024-47888

Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the plain_text_for_blockquote_node helper in Action Text. Carefully crafted text can cause the...

5.9 CVSS · 5.8 AI score · 0.00476 EPSS
Exploits: 0 · References: 7

OSV
added 2024/10/16 9:15 p.m. · 2 views

DEBIAN-CVE-2024-47888

Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the plain_text_for_blockquote_node helper in Action Text. Carefully crafted text can cause the...

8.7 CVSS · 5.3 AI score · 0.00476 EPSS
Exploits: 0 · References: 1

OSV
added 2024/10/16 9:15 p.m. · 1 view

UBUNTU-CVE-2024-47888

Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the plain_text_for_blockquote_node helper in Action Text. Carefully crafted text can cause the...

8.7 CVSS · 6.4 AI score · 0.00476 EPSS
Exploits: 0 · References: 8

Vulnrichment
added 2024/10/16 8:31 p.m. · 15 views

CVE-2024-47888 Action Text has possible ReDoS vulnerability in plain_text_for_blockquote_node

Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the plain_text_for_blockquote_node helper in Action Text. Carefully crafted text can cause the...

8.7 CVSS · 6.8 AI score · 0.00476 EPSS
Exploits: 0 · References: 5

OSSF Malicious Packages
added 2024/10/16 12:51 p.m. · 2 views

Malicious code in extension-blockquote (npm)

--- -= Per source details. Do not edit below this line.=-...

7 AI score
Exploits: 0

OSV
added 2024/10/16 12:51 p.m. · 2 views

MAL-2024-9613 Malicious code in extension-blockquote (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1 AI score
Exploits: 0

Snyk
added 2024/10/15 11:35 p.m. · 2 views

Regular Expression Denial of Service (ReDoS)

Overview: actiontext is a package to edit and display rich text in Rails applications. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) through the plain_text_for_blockquote_node helper function due to the usage of an insecure regular expression. By...

8.7 CVSS · 6.6 AI score · 0.00476 EPSS
Exploits: 0 · References: 2

NVD
added 2024/02/22 2:15 p.m. · 8 views

CVE-2024-25873

Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field under the Blockquote module. This vulnerability allows attackers to execute arbitrary code via a crafted payload...

5.4 CVSS · 7.8 AI score · 0.00113 EPSS
Exploits: 1 · References: 2

Prion
added 2024/02/22 2:15 p.m. · 7 views

Design/Logic Flaw

Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field under the Blockquote module. This vulnerability allows attackers to execute arbitrary code via a crafted payload...

8.6 AI score · 0.00113 EPSS
Exploits: 1 · References: 2

Cvelist
added 2024/02/22 12:0 a.m. · 13 views

CVE-2024-25873

Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field under the Blockquote module. This vulnerability allows attackers to execute arbitrary code via a crafted payload...

8 AI score · 0.00113 EPSS
Exploits: 1 · References: 2

Positive Technologies
added 2024/02/22 12:0 a.m. · 4 views

PT-2024-21177 · Enhavo · Enhavo

Name of the Vulnerable Software and Affected Versions: Enhavo version 0.13.1 Description: The issue is related to an HTML injection vulnerability in the Author text field under the Blockquote module. This allows attackers to execute arbitrary code via a crafted payload. Recommendations: For Enhav...

5.4 CVSS · 8.1 AI score · 0.00113 EPSS
Exploits: 1 · References: 7

Vulnrichment
added 2024/02/22 12:0 a.m. · 15 views

CVE-2024-25873

Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field under the Blockquote module. This vulnerability allows attackers to execute arbitrary code via a crafted payload...

8.2 AI score · 0.00113 EPSS
Exploits: 1 · References: 2

CVE
added 2024/02/22 12:0 a.m. · 4039 views

CVE-2024-25873

Enhavo v0.13.1 contains an HTML injection vulnerability in the Blockquote module’s Author text field that can execute arbitrary code via a crafted payload. Public sources identify the affected component (Author field in Blockquote) and the impact (arbitrary code execution). No explicit patches ar...

5.4 CVSS · 8.1 AI score · 0.00113 EPSS
Exploits: 1 · References: 2 · Affected Software: 1

OSV
added 2022/12/12 3:15 a.m. · 1 view

DEBIAN-CVE-2022-44031

Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields...

6.1 CVSS · 6 AI score · 0.00669 EPSS
Exploits: 0 · References: 1

OSV
added 2022/12/12 3:15 a.m. · 0 views

UBUNTU-CVE-2022-44031

Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields...

6.1 CVSS · 6.4 AI score · 0.00669 EPSS
Exploits: 0 · References: 3