Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-43555

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.0035EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-30439

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00468EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-43546

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00365EPSS
Exploits0References1
NVD
NVD
added 2022/10/10 8:15 p.m.42 views

CVE-2022-40248

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the "Product Affected" field...

5.4CVSS0.00365EPSS
Exploits0References1
NVD
NVD
added 2022/10/10 8:15 p.m.27 views

CVE-2022-40257

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via a crafted email with HTML content in the Subject field...

5.4CVSS0.0035EPSS
Exploits0References1
OSV
OSV
added 2022/10/10 8:15 p.m.18 views

CVE-2022-40248

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the "Product Affected" field...

5.4CVSS6.8AI score
Exploits0References1
OSV
OSV
added 2022/10/10 8:15 p.m.17 views

CVE-2022-40257

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via a crafted email with HTML content in the Subject field...

5.4CVSS6.7AI score
Exploits0References1
Prion
Prion
added 2022/10/10 8:15 p.m.13 views

Design/Logic Flaw

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the "Product Affected" field...

4.9CVSS5.5AI score0.00365EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/10/10 8:15 p.m.17 views

Design/Logic Flaw

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via a crafted email with HTML content in the Subject field...

4.9CVSS5.4AI score0.0035EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/10/10 12:0 a.m.52 views

CVE-2022-40257

CVE-2022-40257 affects CERT/CC VINCE software prior to v1.50.4. An authenticated attacker can inject arbitrary HTML via a crafted email with HTML in the Subject field due to insufficient HTML sanitization. The vulnerability enables HTML injection in VINCE’s handling of email subjects, with CVSS v...

5.4CVSS5.3AI score0.0035EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/10 12:0 a.m.21 views

CVE-2022-40248 An HTML injection vulnerability exists in CERT/CC VINCE software prior to version 1.50.4

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via form using the "Product Affected" field...

5.8AI score0.00365EPSS
Exploits0References1
CVE
CVE
added 2022/10/10 12:0 a.m.56 views

CVE-2022-40248

CERT/CC VINCE is affected by an HTML injection vulnerability in versions prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via the Product Affected field in a form, potentially impacting data or UI integrity. The vulnerability has been consistently described across multiple sou...

5.4CVSS5.4AI score0.00365EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/10 12:0 a.m.27 views

CVE-2022-40257 An HTML injection vulnerability exists in CERT/CC VINCE software prior to version 1.50.4

An HTML injection vulnerability exists in CERT/CC VINCE software prior to 1.50.4. An authenticated attacker can inject arbitrary HTML via a crafted email with HTML content in the Subject field...

5.6AI score0.0035EPSS
Exploits0References1
NVD
NVD
added 2022/08/16 10:15 p.m.20 views

CVE-2022-25799

An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0. An attacker could send a link that has a specially crafted URL and convince the user to click the link. When an authenticated user clicks the link, the authenticated user's browser could be redirected to a malicious...

6.1CVSS0.00468EPSS
Exploits1References2
OSV
OSV
added 2022/08/16 10:15 p.m.12 views

CVE-2022-25799

An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0. An attacker could send a link that has a specially crafted URL and convince the user to click the link. When an authenticated user clicks the link, the authenticated user's browser could be redirected to a malicious...

6.1CVSS6AI score
Exploits0References2
Prion
Prion
added 2022/08/16 10:15 p.m.19 views

Open redirect

An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0. An attacker could send a link that has a specially crafted URL and convince the user to click the link. When an authenticated user clicks the link, the authenticated user's browser could be redirected to a malicious...

5.8CVSS5.9AI score0.00468EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/08/16 10:0 p.m.60 views

CVE-2022-25799

CERT/CC VINCE is affected by an open redirect vulnerability in versions prior to 1.50.0. An attacker can craft a URL that, when an authenticated user clicks it, redirects the user’s browser to a malicious site impersonating a legitimate one, potentially enabling credential exposure. The issue’s r...

6.1CVSS5.9AI score0.00468EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder