8 matches found

OSV
added 2026/03/16 2:19 p.m., 0 views

CVE-2026-32774

Vulnogram 1.0.0 contains a stored cross-site scripting vulnerability in comment hypertext handling that allows attackers to inject malicious scripts. Remote attackers can inject XSS payloads through comments to execute arbitrary JavaScript in victims' browsers...

5.4 CVSS, 6.1 AI score
Exploits: 0, References: 4

RedhatCVE
added 2026/02/11 6:43 a.m., 4 views

CVE-2026-26079

A flaw was found in Roundcube Webmail. This vulnerability allows for Cascading Style Sheets (CSS) injection, a technique where an attacker can inject malicious styling code into a web page. This occurs due to the application mishandling comments. Successful exploitation could lead to the disclosure...

4.7 CVSS, 5.5 AI score, 0.00085 EPSS
Exploits: 0, References: 12

Positive Technologies
added 2025/12/08 12:0 a.m., 3 views

PT-2025-49551

In affected versions, vulnerability-lookup handled user-controlled content in comments and bundles in an unsafe way, which could lead to stored Cross-Site Scripting (XSS). On the backend, the related vulnerabilities field of bundles accepted arbitrary strings without format validation or proper...

8.3 CVSS, 6.2 AI score, 0.0005 EPSS
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-2914

Malware in sbrugna...

6.1 CVSS, 6.3 AI score, 0.00328 EPSS
Exploits: 1, References: 3

CNNVD
added 2025/03/09 12:0 a.m., 2 views

GeSHi code injection vulnerability

GeSHi (Generic Syntax Highlighter) is an open source syntax highlighter written in PHP. A code injection vulnerability exists in GeSHi version 1.0.9.1 and earlier, which stems from incorrect manipulation of the parameters default-styles, keywords-1, keywords-2, keywords-3, keywords-4, and comments can...

6.1 CVSS, 4.5 AI score, 0.00193 EPSS
Exploits: 1, References: 7

Snyk
added 2024/03/05 10:15 p.m., 2 views

Improper Neutralization

Overview: std/net/mail is a Go standard library package. Affected versions of this package are vulnerable to Improper Neutralization. Go Vulnerability Report: The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a...

8.7 CVSS, 6.8 AI score, 0.02017 EPSS
Exploits: 0, References: 3

SUSE CVE
added 2023/09/07 2:34 a.m., 2 views

SUSE CVE-2023-39318

The html/template package does not properly handle HTML-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS atta...

6.8 CVSS, 6.7 AI score, 0.00087 EPSS
Exploits: 0, References: 13

Tenable Nessus
added 2016/12/13 12:0 a.m., 29 views

openSUSE Security Update : pacemaker (openSUSE-2016-1447)

This update for pacemaker fixes the following issues: - remote: Allow cluster and remote LRM API versions to diverge (bsc#1009076) - libcrmcommon: fix CVE-2016-7035 improper IPC guarding (bsc#1007433) - sysconfig: minor tweaks (typo, wording) - spec: more robust check for systemd being in use - spec:...

8.8 CVSS, 7.6 AI score, 0.02415 EPSS
Exploits: 0, References: 11