167 matches found

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2017-14556

Malware in sbrugna...

CVSS 4.3, AI score 6.9, EPSS 0.01213
Exploits 1, References 6

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2012-6479

Malware in sbrugna...

CVSS 4.3, AI score 6.1, EPSS 0.0212
Exploits 0, References 3

Veracode
added 2025/10/06 8:19 a.m., 5 views

Cross Site Scripting (XSS)

ckeditor5 is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper handling of malicious content inserted into the editor when specific configurations are enabled, such as the HTML embed plugin or custom plugins with editable RawElement views, which allows an attacker to...

CVSS 2.3, AI score 6.4, EPSS 0.00393
Exploits 0, References 3, Affected Software 2

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2024-19281

Malicious code in bioql PyPI...

CVSS 4.3, AI score 4.8, EPSS 0.00566
Exploits 0, References 1

Fedora
added 2025/10/03 12:53 a.m., 9 views

[SECURITY] Fedora 42 Update: uv-0.8.11-4.fc42

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: • ⚖️ Drop-in replacement for common pip, pip-tools, and virtualenv commands. • ⚡️ 10-100x...

CVSS 8.6, AI score 6.6, EPSS 0.00202
Exploits 0

Fedora
added 2025/10/03 12:18 a.m., 8 views

[SECURITY] Fedora 43 Update: uv-0.8.11-4.fc43

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: • ⚖️ Drop-in replacement for common pip, pip-tools, and virtualenv commands. • ⚡️ 10-100x...

CVSS 8.6, AI score 6.6, EPSS 0.00202
Exploits 0

OSV
added 2025/09/17 4:16 a.m., 2 views

DEBIAN-CVE-2025-59518

In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...

CVSS 8, AI score 5.5, EPSS 0.01175
Exploits 0, References 1

Fedora
added 2025/09/13 2:43 a.m., 6 views

[SECURITY] Fedora 41 Update: uv-0.8.11-2.fc41

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: • ⚖️ Drop-in replacement for common pip, pip-tools, and virtualenv commands. • ⚡️ 10-100x...

CVSS 2.3, AI score 6.6, EPSS 0.00303
Exploits 0

Fedora
added 2025/09/12 7:32 p.m., 6 views

[SECURITY] Fedora 43 Update: uv-0.8.11-2.fc43

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: • ⚖️ Drop-in replacement for common pip, pip-tools, and virtualenv commands. • ⚡️ 10-100x...

CVSS 2.3, AI score 6.6, EPSS 0.00303
Exploits 0

Fedora
added 2025/09/12 2:7 a.m., 7 views

[SECURITY] Fedora 42 Update: uv-0.8.11-2.fc42

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: • ⚖️ Drop-in replacement for common pip, pip-tools, and virtualenv commands. • ⚡️ 10-100x...

CVSS 2.3, AI score 6.6, EPSS 0.00303
Exploits 0

OSV
added 2025/09/03 10:2 p.m., 8 views

CVE-2025-58064 CKEditor is susceptible to Cross-Site Scripting (XSS) through its clipboard package

CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. ckeditor5 and ckeditor5-clipboard versions 46.0.0 through 46.0.2 and 44.2.0 through 45.2.1 contain a Cross-Site Scripting (XSS) vulnerability. Ability to exploit could be triggered by a specific user action leading to...

CVSS 2.3, AI score 5.5, EPSS 0.00393
Exploits 0, References 4

Fedora
added 2025/08/19 4:45 a.m., 11 views

[SECURITY] Fedora 41 Update: uv-0.8.8-1.fc41

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: • ⚖️ Drop-in replacement for common pip, pip-tools, and virtualenv commands. • ⚡️ 10-100x...

CVSS 6.8, AI score 6.1, EPSS 0.00183
Exploits 0

Fedora
added 2025/08/19 4:16 a.m., 8 views

[SECURITY] Fedora 42 Update: uv-0.8.8-1.fc42

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: • ⚖️ Drop-in replacement for common pip, pip-tools, and virtualenv commands. • ⚡️ 10-100x...

CVSS 6.8, AI score 6.1, EPSS 0.00183
Exploits 0

OSV
added 2025/06/13 2:8 p.m., 6 views

GHSA-JWR7-992G-68MH starcitizentools/citizen-skin allows stored XSS in preference menu heading messages

Summary: Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. Details: The innerHtml of the label div is set to the textContent of the label, essentially unsanitizing the system messages:...

CVSS 6.5, AI score 7, EPSS 0.0035
Exploits 1, References 5

Github Security Blog
added 2025/06/13 2:7 p.m., 10 views

starcitizentools/citizen-skin allows stored XSS in search no result messages

Summary: The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. Details: The system messages are inserted as raw HTML by the mustache template:...

CVSS 6.5, AI score 6.4, EPSS 0.0035
Exploits 1, References 5, Affected Software 1

Snyk
added 2025/06/11 7:59 p.m., 2 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through multiple system messages. An attacker can execute arbitrary scripts in the context of the user's browser by inserting malicious content into editable interface elements. Details: Cross-site scripting or X...

CVSS 8.5, AI score 5.5
Exploits 0, References 2

RedhatCVE
added 2025/05/23 9:44 a.m., 8 views

CVE-2024-21655

Discourse is a platform for community discussion. For fields that are client editable, limits on sizes are not imposed. This allows a malicious actor to cause a Discourse instance to use excessive disk space and also often excessive bandwidth. The issue is patched in 3.1.4 and 3.2.0.beta4...

CVSS 4.3, AI score 6.7, EPSS 0.00566
Exploits 0, References 1

RedhatCVE
added 2025/05/22 12:44 a.m., 7 views

CVE-2012-6633

Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php in WordPress before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via an editable slug field...

CVSS 4.3, AI score 5.8, EPSS 0.0212
Exploits 0, References 1

Openbugbounty
added 2025/03/27 3:46 a.m., 9 views

editable-form.com Cross Site Scripting vulnerability OBB-4040746

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits 0

Veracode
added 2025/03/19 4:14 a.m., 12 views

Cross-Site Scripting (XSS)

@jitbit/htmlsanitizer is vulnerable to cross-site scripting. The vulnerability is due to improper sanitization caused by the code beautifier running after sanitization when used with a contentEditable element, which allows an attacker to inject and execute malicious scripts in a victim’s browser...

CVSS 5.3, AI score 6.5, EPSS 0.00373
Exploits 0, References 3, Affected Software 1