CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2024/10/13 7:49 a.m.•3 views

Malicious code in splunk-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f3b4cb45a7c61ff4ef92918dc5438c1ae4845121a1c99903638fb56ffdbe8014 The OpenSSF Package Analysis project identified 'splunk-docs' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...

7.1AI score

OSV•added 2024/10/13 7:49 a.m.•17 views

MAL-2024-9285 Malicious code in splunk-docs (npm)

7.3AI score

NVD•added 2024/10/08 11:15 a.m.•16 views

CVE-2024-9207

The BuddyPress Docs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.2.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS0.00352EPSS

Vulnrichment•added 2024/10/08 11:4 a.m.•9 views

CVE-2024-9207 BuddyPress Docs <= 2.2.3 - Reflected Cross-Site Scripting

6.1CVSS6.4AI score0.00352EPSS

Cvelist•added 2024/10/08 11:4 a.m.•25 views

CVE-2024-9207 BuddyPress Docs <= 2.2.3 - Reflected Cross-Site Scripting

6.1CVSS0.00352EPSS

CVE•added 2024/10/08 11:4 a.m.•40 views

CVE-2024-9207

CVE-2024-9207 affects the WordPress plugin BuddyPress Docs (

6.1CVSS6.3AI score0.00352EPSS

Patchstack•added 2024/10/08 3:4 a.m.•2 views

WordPress BuddyPress Docs plugin <= 2.2.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin BuddyPress Docs versions = 2.2.3...

6.1CVSS6.3AI score0.00352EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/10/08 12:0 a.m.•6 views

WordPress BuddyPress Docs Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS)

Software BuddyPress Docs Type Plugin Vulnerable versions = 2.2.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9207 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d79eef12da8e Credits vgo0 Required...

6.1CVSS5.9AI score0.00352EPSS

Exploits0References3Affected Software1

CNNVD•added 2024/10/08 12:0 a.m.•2 views

WordPress plugin BuddyPress Docs 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS5.9AI score0.00352EPSS

Exploits0References6

Vulnrichment•added 2024/10/05 12:49 p.m.•10 views

CVE-2024-47647 WordPress FAQ / Accordion / Docs – Helpie WordPress FAQ Accordion plugin plugin <= 1.27 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HelpieWP Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin allows Stored XSS.This issue affects Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin: from n/a through 1.27...

5.9CVSS6.8AI score0.00251EPSS

OSSF Malicious Packages•added 2024/10/05 11:34 a.m.•3 views

Malicious code in discord-api-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14532f4785bce55a885a6fd2945c9705ab690e1385adeee16c6d8d2d9420b4b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score

OSV•added 2024/10/05 11:34 a.m.•6 views

MAL-2024-9095 Malicious code in discord-api-docs (npm)

7AI score

OSSF Malicious Packages•added 2024/10/01 10:40 p.m.•2 views

Malicious code in cloudflare-docs-starlight (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cc416353baa88972c0106ceb1b2fa7077b9cfbcd687be15e44c70ee5edc0c526 The OpenSSF Package Analysis project identified 'cloudflare-docs-starlight' @ 1.1.1 npm as malicious. It is considered malicious because: - The...

7.1AI score

OSV•added 2024/10/01 10:40 p.m.•7 views

MAL-2024-9058 Malicious code in cloudflare-docs-starlight (npm)

7.3AI score

OSSF Malicious Packages•added 2024/09/28 3:2 a.m.•4 views

Malicious code in world-id-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 93838b8762b5668a88f866aca84e841a297e171d9f8f0e9258e2a9e99917d8ed The OpenSSF Package Analysis project identified 'world-id-docs' @ 10.10.10 npm as malicious. It is considered malicious because: - The package...

7.1AI score

OSV•added 2024/09/28 3:2 a.m.•5 views

MAL-2024-9018 Malicious code in world-id-docs (npm)

7.3AI score

IBM Security Bulletins•added 2024/09/27 10:41 p.m.•18 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Apache Tomcat [CVE-2024-34750]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Apache Tomcat, caused by a flaw when processing an HTTP/2 stream CVE-2024-34750. Apache Tomcat is used by our Speech microservices. This vulnerabilitiy has been addressed. Please read t...

7.5CVSS7.3AI score0.04602EPSS

Exploits0Affected Software1

OSSF Malicious Packages•added 2024/09/24 8:46 p.m.•3 views

Malicious code in storj-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c29c7e82f958f9ed89af6fc324d687bfe4e15d4b2aa49fee39f5aeeb4eee5583 The OpenSSF Package Analysis project identified 'storj-docs' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

6.9AI score