Lucene search
K

134 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.16 views

EUVD-2018-1149

Malware in sbrugna...

6.1CVSS6.3AI score0.01796EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-24616

Malware in sbrugna...

4.3CVSS4.8AI score0.01212EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-18297

Malware in sbrugna...

6.1CVSS6.3AI score0.01538EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-1945

Malware in sbrugna...

6.1CVSS6.1AI score0.00707EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-6887

Malicious code in bioql PyPI...

4.7CVSS5.1AI score0.00925EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-35099

Malicious code in bioql PyPI...

7.3CVSS6.2AI score0.00662EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-24397

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00368EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/22 12:22 a.m.16 views

CVE-2025-51990

XWiki through version 17.3.0 is affected by multiple stored Cross-Site Scripting XSS vulnerabilities in the Administration interface, specifically under the Presentation section of the Global Preferences panel. An authenticated administrator can inject arbitrary JavaScript payloads into the HTTP...

4.8CVSS6.1AI score0.00464EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/08/20 12:0 a.m.5 views

CVE-2025-51990

XWiki through version 17.3.0 is affected by multiple stored Cross-Site Scripting XSS vulnerabilities in the Administration interface, specifically under the Presentation section of the Global Preferences panel. An authenticated administrator can inject arbitrary JavaScript payloads into the HTTP...

6AI score0.00464EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:52 a.m.6 views

CVE-2023-2442

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A specially crafted merge request could lead to a stored XSS on the client side which allows attackers to perform arbitrary actions on behalf of...

8.7CVSS5.6AI score0.96058EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:2 a.m.9 views

CVE-2022-2500

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1. A stored XSS flaw in job error messages allows attackers to perform arbitrary actions on behalf of victims at client side...

5.4CVSS5.1AI score0.00617EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 p.m.9 views

CVE-2022-39048

A XSS vulnerability was identified in the ServiceNow UI page assessmentredirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks,...

6.1CVSS5.8AI score0.01089EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/26 12:0 a.m.5 views

IBM Cognos Controller 环境问题漏洞

IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines IBM. The product features process automation, financial audit control, and the creation and management of financial reports. An environment issue vulnerability exists in IBM Cogno...

4.7CVSS5.8AI score0.00186EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/03/06 11:30 a.m.33 views

A New Way To Manage Your Web Exposure: The Reflectiz Product Explained

An in-depth look into a proactive website security solution that continuously detects, prioritizes, and validates web threats, helping to mitigate security, privacy, and compliance risks. Reflectiz shields websites from client-side attacks, supply chain risks, data breaches, privacy violations, a...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/01/18 1:47 p.m.18 views

Are You Ready for PCI DSS 4.0?

The Payment Card Industry Data Security Standard PCI DSS is the global benchmark for ensuring companies that handle credit card information maintain a secure environment. It provides a framework to help organizations protect sensitive cardholder data from theft and secure payment card systems. In...

6.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/09/27 12:0 a.m.4 views

PT-2023-27858 · Unknown · Everest News Pro

Name of the Vulnerable Software and Affected Versions: Everest News Pro theme versions 1.1.7 and earlier Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This vulnerability allows for the execution of malicious scripts on the client-side, potential...

7.1CVSS6.2AI score0.00351EPSS
Exploits0References5
Imperva Blog
Imperva Blog
added 2023/09/13 1:0 p.m.11 views

The Dark Side of Web Development: Why You Should Be Prioritizing Shadow Code

In the fast-paced world of web development, staying ahead of the curve is paramount, as developers are frequently under pressure to deliver products and functionalities quickly and efficiently. To meet accelerated timelines, they often leverage third-party scripts and open-source libraries,...

7AI score
Exploits0
NVD
NVD
added 2023/08/03 10:15 p.m.27 views

CVE-2023-20218

A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters ATAs could allow an authenticated, remote attacker to to modify a web page in the context of a user's browser. This vulnerability is due to insufficient validation of user-supplied input by the...

6.1CVSS5.7AI score0.00368EPSS
Exploits0References1
Prion
Prion
added 2023/08/03 10:15 p.m.22 views

Input validation

A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters ATAs could allow an authenticated, remote attacker to to modify a web page in the context of a user's browser. This vulnerability is due to insufficient validation of user-supplied input by the...

5.8CVSS6AI score0.00368EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/03 9:20 p.m.18 views

CVE-2023-20218

A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters ATAs could allow an authenticated, remote attacker to to modify a web page in the context of a user's browser. This vulnerability is due to insufficient validation of user-supplied input by the...

5.8CVSS6.6AI score0.00368EPSS
Exploits0References1
Rows per page
Query Builder