Lucene search
K

955 matches found

OpenVAS
OpenVAS
added 2026/04/13 12:0 a.m.6 views

SUSE: Security Advisory (SUSE-SU-2026:20976-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.9CVSS6.9AI score0.13848EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/04/03 11:2 p.m.5 views

CVE-2026-5370

A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities Module/Notes Module. The manipulation leads to cross site scripting. Remote exploitation of the...

5.1CVSS4.4AI score0.00203EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/02 6:31 p.m.7 views

EUVD-2026-18484

A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities Module/Notes Module. The manipulation leads to cross site scripting. Remote exploitation of the...

5.1CVSS4.3AI score0.00203EPSS
Exploits0References8
Snyk
Snyk
added 2026/04/02 6:31 p.m.3 views

Cross-site Scripting (XSS)

Overview krayin/laravel-crm is a hand tailored CRM framework built on some of the hottest opensource technologies such as Laravel a PHP framework and Vue.js a progressive Javascript framework. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the composeMail function...

5.1CVSS6AI score0.00203EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/02 5:30 p.m.4 views

CVE-2026-5370

A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities Module/Notes Module. The manipulation leads to cross site scripting. Remote exploitation of the...

5.1CVSS4.3AI score0.00203EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2026/04/02 5:30 p.m.22 views

CVE-2026-5370 krayin laravel-crm Activities Module/Notes inbox.spec.ts composeMail cross site scripting

A vulnerability was identified in krayin laravel-crm up to 2.2. Impacted is the function composeMail of the file packages/Webkul/Admin/tests/e2e-pw/tests/mail/inbox.spec.ts of the component Activities Module/Notes Module. The manipulation leads to cross site scripting. Remote exploitation of the...

5.1CVSS0.00203EPSS
Exploits0References7
CVE
CVE
added 2026/04/02 5:30 p.m.14 views

CVE-2026-5370

The vulnerability CVE-2026-5370 affects krayin laravel-crm up to 2.2 . The issue is in the Activities Module/Notes Module specifically the function composeMail in the file path shown, where manipulation leads to cross-site scripting . Remote exploitation is possible and the exploit is publicly av...

5.1CVSS4.3AI score0.00203EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.7 views

Webkul Krayin CRM 代码注入漏洞

Webkul Krayin CRM is a free and open-source CRM solution for small and medium-sized businesses from the Indian company Webkul. Versions of Webkul Krayin CRM 2.2 and earlier contained a code injection vulnerability. This vulnerability stemmed from an error in the composeMail function of the...

5.1CVSS5.7AI score0.00203EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/03/28 12:25 a.m.10 views

SUSE CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

4.3CVSS6.1AI score0.00469EPSS
Exploits1References3
OSV
OSV
added 2026/03/27 10:9 a.m.3 views

SUSE-SU-2026:20949-1 Security update for docker-compose

This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253584. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...

8.9CVSS6.7AI score0.13848EPSS
Exploits1References7
OSV
OSV
added 2026/03/27 10:9 a.m.6 views

SUSE-SU-2026:20976-1 Security update for docker-compose

This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253584. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...

8.9CVSS7AI score0.13848EPSS
Exploits1References7
Wolfi
Wolfi
added 2026/03/27 7:48 a.m.9 views

GHSA-4C29-8RGM-JVJJ vulnerabilities

Vulnerabilities for packages: trivy, kubescape, docker-compose, guac, podman, docker-cli-buildx, kaniko, zot, scorecard, osv-scanner, conftest, trivy-operator, buildah, skaffold...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/03/27 7:48 a.m.9 views

GHSA-4VRQ-3VRQ-G6GG vulnerabilities

Vulnerabilities for packages: trivy, kubescape, docker-compose, guac, podman, docker-cli-buildx, kaniko, zot, scorecard, osv-scanner, conftest, trivy-operator, buildah, skaffold...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/03/27 7:48 a.m.11 views

CVE-2026-33747 vulnerabilities

Vulnerabilities for packages: trivy, kubescape, docker-compose, guac, podman, docker-cli-buildx, kaniko, zot, scorecard, osv-scanner, conftest, trivy-operator, buildah, skaffold...

9.8CVSS7.2AI score0.00498EPSS
Exploits0
Wolfi
Wolfi
added 2026/03/27 7:48 a.m.8 views

CVE-2026-33748 vulnerabilities

Vulnerabilities for packages: trivy, kubescape, docker-compose, guac, podman, docker-cli-buildx, kaniko, zot, scorecard, osv-scanner, conftest, trivy-operator, buildah, skaffold...

8.2CVSS7AI score0.00463EPSS
Exploits0
Chainguard
Chainguard
added 2026/03/27 7:17 a.m.5 views

GHSA-4VRQ-3VRQ-G6GG vulnerabilities

Vulnerabilities for packages: conftest-fips, kubescape-server-fips, buildah, docker-cli-buildx-fips, docker-compose, osv-scanner, trivy, cloudbeat, docker-cli-buildx, trivy-operator, zot, kaniko, kaniko-fips, livekit-cli, skaffold-fips, podman, kubescape, docker-compose-fips, podman-fips,...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/03/27 7:17 a.m.3 views

GHSA-4C29-8RGM-JVJJ vulnerabilities

Vulnerabilities for packages: conftest-fips, kubescape-server-fips, buildah, docker-cli-buildx-fips, docker-compose, osv-scanner, trivy, cloudbeat, docker-cli-buildx, trivy-operator, zot, kaniko, kaniko-fips, livekit-cli, skaffold-fips, podman, kubescape, docker-compose-fips, podman-fips,...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/03/27 7:17 a.m.6 views

CVE-2026-33748 vulnerabilities

Vulnerabilities for packages: conftest-fips, kubescape-server-fips, buildah, docker-cli-buildx-fips, docker-compose, osv-scanner, trivy, cloudbeat, docker-cli-buildx, trivy-operator, zot, kaniko, kaniko-fips, livekit-cli, skaffold-fips, podman, kubescape, docker-compose-fips, podman-fips,...

8.2CVSS7AI score0.00463EPSS
Exploits0
Chainguard
Chainguard
added 2026/03/27 7:17 a.m.7 views

CVE-2026-33747 vulnerabilities

Vulnerabilities for packages: conftest-fips, kubescape-server-fips, buildah, docker-cli-buildx-fips, docker-compose, osv-scanner, trivy, cloudbeat, docker-cli-buildx, trivy-operator, zot, kaniko, kaniko-fips, livekit-cli, skaffold-fips, podman, kubescape, docker-compose-fips, podman-fips,...

9.8CVSS7.2AI score0.00498EPSS
Exploits0
OSV
OSV
added 2026/03/26 8:16 p.m.5 views

DEBIAN-CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

4.3CVSS5.7AI score0.00469EPSS
Exploits1References1
Rows per page
Query Builder