CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

htmly v3.0.8 is vulnerable to Cross Site Scripting XSS in the /author/:name endpoint of the affected application. The name parameter is not properly sanitized before being reflected in the HTML response, allowing attackers to inject arbitrary JavaScript payloads...

5.7AI score0.00295EPSS

Exploits0References3

OSV•added 2025/10/01 2:41 p.m.•3 views

ECHO-2B7E-78D4-C817

Bulletin has no description...

6.5CVSS7AI score0.02267EPSS

Exploits0References1

OSV•added 2025/09/30 11:47 p.m.•1 views

ECHO-C430-EC5E-6DDE

Bulletin has no description...

7.8CVSS6.7AI score0.0014EPSS

Exploits0References1

vulnersOsv•added 2025/09/24 6:57 p.m.•10 views

@capriza/far (>=0.1.2 <=2.4.2), @cobalt-engine/cobower (=2.0.0) +387 more potentially affected by CVE-2025-59343 via tar-fs (>=0.1.8 <=1.16.3)

tar-fs NPM version =0.1.8, =0.1.2, =6.0.3, =6.0.3, =6.0.3, =2.1.1, =0.10.2, =0.0.0-beta.1, =0.0.0-beta.1, =0.0.0-beta.1, =0.1.0, =0.1.0, =1.0.5, =1.1.2 - @elm-node/npm-scripts =1.0.0 - @hlsrules-test/fc-libreoffice =1.0.0 and more Source cves: CVE-2025-59343 Source advisory: OSV:GHSA-VJ76-C3G6-QR...

8.7CVSS5.8AI score0.00516EPSS

Exploits0

OSV•added 2025/09/24 1:22 p.m.•2 views

ECHO-0EC2-A434-C824

Bulletin has no description...

8.8CVSS7AI score0.00739EPSS

Exploits0References1

OSV•added 2025/09/24 1:22 p.m.•1 views

ECHO-4B0C-AA52-8CD0

Bulletin has no description...

5.4CVSS7AI score0.00308EPSS

Exploits0References1

OSV•added 2025/09/23 6:15 a.m.•3 views

AZL-67650 CVE-2025-39873 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: can: xilinxcan: xcanwriteframe: fix use-after-free of transmitted SKB canputechoskb takes ownership of the SKB and it may be freed during or after the call. However, xilinxcan xcanwriteframe keeps using SKB after the call. Fix th...

7.8CVSS5.8AI score0.00148EPSS

Exploits0References1