Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2025/10/13 6:20 a.m.4 views

CVE-2025-31992

HCL Unica MaxAI Assistant is susceptible to a HTML injection vulnerability. An attacker could insert special characters that are processed client-side in the context of the user's session...

4.6CVSS7AI score0.00024EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/12 6:30 a.m.1 views

EUVD-2025-33884

HCL Unica MaxAI Assistant is susceptible to a HTML injection vulnerability. An attacker could insert special characters that are processed client-side in the context of the user's session...

4.6CVSS6.4AI score0.00024EPSS
Exploits0References2
CVE
CVEadded 2025/10/12 5:57 a.m.8 views

CVE-2025-31992

CVE-2025-31992 affects HCL Unica MaxAI Assistant. The issue is a HTML injection vulnerability where an attacker could insert special characters that are processed client-side within the user’s session. The CVSSv3.1 metrics in the initial data indicate: AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N, base sc...

4.6CVSS6.6AI score0.00024EPSS
Exploits0References1
Packet Storm News
Packet Storm Newsadded 2025/06/10 12:0 a.m.2 views

ABC-FHE : a Resource-Efficient Accelerator Enabling Bootstrappable Parameters for Client-Side Fully Homomorphic Encryption

As the demand for privacy-preserving computation continues to grow, fully homomorphic encryption FHE-which enables continuous computation on encrypted data-has become a critical solution. However, its adoption is hindered by significant computational overhead, requiring 10000-fold more computatio...

7AI score
Exploits0
NVD
NVDadded 2024/04/09 1:15 a.m.5 views

CVE-2024-30214

The application allows a high privilege attacker to append a malicious GET query parameter to Service invocations, which are reflected in the server response. Under certain circumstances, if the parameter contains a JavaScript, the script could be processed on client side...

4.8CVSS5AI score0.00148EPSS
Exploits0References2
Huntr
Huntradded 2021/05/15 1:20 p.m.6 views

Cross-site Scripting (XSS) - Generic in utmsigep/member-directory

✍️ Description Non-administrative functions display success banners after multiple actions that reflect user-input directly without sanitization. 🕵️‍♂️ Proof of Concept Donation Creation and Update - Donations - New Donation - Enter XSS payloads into the fields Last Name, First Name and Receipt ID,...

1AI score
Exploits0
Hacker One
Hacker Oneadded 2020/01/08 9:59 p.m.365 views

X (Formerly Twitter): Bypass Password Authentication for updating email and phone number - Security Vulnerability

Summary: Additional requirement for authentication is an extra layer of security for a person's Twitter account. Instead of only entering the password at the time of log in, twitter further Introduces additional layer of security by prompting users to enter their password before attempting to...

7.2AI score
Exploits0
Rows per page
Query Builder