325 matches found
CVE-2025-60916
A reflected cross-site scripting XSS vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the charge parameter...
EUVD-2025-198892
A reflected cross-site scripting XSS vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the charge parameter...
CVE-2025-60916
A reflected cross-site scripting XSS vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the charge parameter...
CVE-2025-60916
A reflected cross-site scripting XSS vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the charge parameter...
CVE-2025-60916
A reflected cross-site scripting XSS vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the charge parameter...
CVE-2025-60916
A reflected cross-site scripting XSS vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the charge parameter...
CVE-2025-60916
CVE-2025-60916 is a reflected XSS vulnerability in Austrian OpenAtlas. The issue affects the /overview/network/ endpoint prior to OpenAtlas v8.12.0, where an attacker can inject a crafted payload into the charge parameter to execute arbitrary JavaScript in a user’s browser. The Red Hat/EU ENISA/O...
PT-2026-28467
Name of the Vulnerable Software and Affected Versions Home Assistant versions 2025.02 through 2026.01 Description The "remaining charge time" sensor for mobile phones imported from Android Auto in Home Assistant is susceptible to cross-site scripting XSS. This issue is similar to CVE-2025-62172...
EUVD-2021-21241
Malware in sbrugna...
EUVD-2021-21242
Malware in sbrugna...
EUVD-2021-21240
Malware in sbrugna...
EUVD-2021-21239
Malware in sbrugna...
EUVD-2021-21251
Malware in sbrugna...
EUVD-2021-21237
Malware in sbrugna...
EUVD-2021-21238
Malware in sbrugna...
EUVD-2018-8471
Malware in sbrugna...
EUVD-2025-27116
Malicious code in bioql PyPI...
EUVD-2024-53752
Malicious code in bioql PyPI...
EUVD-2025-29233
Malicious code in bioql PyPI...
CVE-2025-59398
The OCPP implementation in libocpp before 0.26.2 allows a denial of service EVerest crash via JSON input larger than 255 characters, because a CiString object is created with StringTooLarge set to Throw...