Lucene search

415 matches found

RedhatCVE
added 2025/11/12 9:28 a.m. | 4 views

CVE-2025-61261

A reflected cross-site scripting (XSS) vulnerability has been identified in CKeditor allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...

CVSS 5.4 | AI score 6.1 | EPSS 0.00232 | Exploits 1 | References 2
EUVD
added 2025/11/07 9:31 p.m. | 4 views

EUVD-2025-38297

A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...

CVSS 5.4 | AI score 5.8 | EPSS 0.00232 | Exploits 1 | References 4
RedhatCVE
added 2025/10/31 10:8 p.m. | 9 views

CVE-2023-7315

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVSS 5.4 | AI score 6.2 | EPSS 0.00468 | Exploits 0 | References 1
RedhatCVE
added 2025/10/31 10:7 p.m. | 7 views

CVE-2023-7319

Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting (XSS) via the Percentile Calculator menu. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVSS 5.4 | AI score 6.2 | EPSS 0.00466 | Exploits 0 | References 1
Tenable Nessus
added 2025/10/08 12:0 a.m. | 3 views

FreeBSD : Mozilla -- mitigation bypass vulnerability (a240c31b-a394-11f0-9617-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a240c31b-a394-11f0-9617-b42e991fc52e advisory. [email protected] reports: The vulnerability has been rated as having moderate impact, affecting bot...

CVSS 5.4 | AI score 5.3 | EPSS 0.00255 | Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2016-10558

Malware in sbrugna...

CVSS 5.4 | AI score 5.5 | EPSS 0.00645 | Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2017-8224

Malware in sbrugna...

CVSS 6.1 | AI score 6.7 | EPSS 0.01238 | Exploits 3 | References 4
EUVD
added 2025/10/03 8:7 p.m. | 8 views

EUVD-2024-23387

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 6.6 | EPSS 0.00717 | Exploits 0 | References 1
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-21026

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.6 | EPSS 0.00231 | Exploits 0 | References 3
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2023-26417

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 5.6 | EPSS 0.0048 | Exploits 0 | References 1
EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-22709

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 6.6 | EPSS 0.00488 | Exploits 0 | References 1
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-29229

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 6.3 | EPSS 0.00378 | Exploits 0 | References 5
EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-29227

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 6.3 | EPSS 0.00378 | Exploits 0 | References 5
EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-29224

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 6.3 | EPSS 0.00378 | Exploits 0 | References 5
RedhatCVE
added 2025/09/17 8:52 p.m. | 4 views

CVE-2025-59145

color-name is a JSON with CSS color names. On 8 September 2025, an npm publishing account for color-name was taken over after a phishing attack. Version 2.0.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrenc...

CVSS 8.8 | AI score 6.9 | EPSS 0.00473 | Exploits 0 | References 8
RedhatCVE
added 2025/09/17 7:52 p.m. | 11 views

CVE-2025-59330

error-ex allows error subclassing and stack customization. On 8 September 2025, an npm publishing account for error-ex was taken over after a phishing attack. Version 1.3.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect...

CVSS 8.8 | AI score 6.8 | EPSS 0.00378 | Exploits 0 | References 9
The Hacker News
added 2025/09/17 11:3 a.m. | 2 views

Rethinking AI Data Security: A Buyer's Guide

Generative AI has gone from a curiosity to a cornerstone of enterprise productivity in just a few short years. From copilots embedded in office suites to dedicated large language model (LLM) platforms, employees now rely on these tools to code, analyze, draft, and decide. But for CISOs and security...

AI score 6.8 | Exploits 0
OSV
added 2025/09/15 11:58 p.m. | 2 views

GHSA-6JP5-HH4C-8C5H [email protected] contains malware after npm account takeover

Impact: On 8 September 2025, an npm publishing account for error-ex was taken over after a phishing attack. Version 1.3.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's own...

CVSS 8.8 | AI score 6.7 | EPSS 0.00378 | Exploits 0 | References 7
OSV
added 2025/09/15 11:32 p.m. | 3 views

GHSA-PXX3-G568-HXR4 [email protected] contains malware after npm account takeover

Impact: On 8 September 2025, the npm publishing account for color-convert was taken over after a phishing attack. Version 3.1.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's...

CVSS 8.8 | AI score 6.7 | EPSS 0.00378 | Exploits 0 | References 7
OSV
added 2025/09/15 9:29 p.m. | 6 views

GHSA-QRMH-QG46-72PP [email protected] contains malware after npm account takeover

Impact: On 8 September 2025, the npm publishing account for color was taken over after a phishing attack. Version 5.0.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's own...

CVSS 8.8 | AI score 6.7 | EPSS 0.00378 | Exploits 0 | References 7