18 matches found
EUVD-2016-2522
Malware in sbrugna...
EUVD-2024-20705
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-14881
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A vulnerability was found in Moodle 3.7 before 3.7.3, where there is blind XSS reflected in some locations where user email is displayed. CVE-2019-14881 Note th...
CVE-2022-1834
The CVE-2022-1834 vulnerability affects Thunderbird and is triggered when the sender name contains multiple Braille Pattern Blank space characters, causing all spaces to be displayed. An attacker could craft an email where the sender’s visible address appears to be the attacker’s while the signin...
Mozilla: Braille space character caused incorrect sender email to be shown for a digitally signed email
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue: when displaying the sender of an email whose sender name contained the Braille Pattern Blank space character multiple times, Thunderbird displays all spaces. This flaw allows an attacker to send an ema...
GHSA-9JF6-WQ34-FG9W Moodle XSS Vulnerability
A vulnerability was found in Moodle 3.7 to 3.7.2 and before 3.7.3, where there is blind XSS reflected in some locations where user email is displayed...
CVE-2021-21441
There is an XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. The attack can be performed by sending a specially crafted e-mail to the system and it doesn't require any user interaction. This issue affects: OTR...
Cross site scripting
A vulnerability was found in Moodle 3.7 before 3.7.3, where there is blind XSS reflected in some locations where user email is displayed...
CVE-2019-14881
A vulnerability was found in Moodle 3.7 before 3.7.3, where there is blind XSS reflected in some locations where user email is displayed...
UBUNTU-CVE-2019-14881
A vulnerability was found in Moodle 3.7 before 3.7.3, where there is blind XSS reflected in some locations where user email is displayed...
CVE-2019-14881
CVE-2019-14881 concerns Moodle 3.7.x prior to 3.7.3, where a blind XSS vulnerability is reflected in locations that display a user’s email. The vulnerability is triggered via input that is reflected in output in certain contexts, enabling an attacker to execute client-side code in the context of ...
SquirrelMail Cross-Site Scripting Vulnerability (CNVD-2019-19608)
SquirrelMail is a cross-platform webmail system developed in PHP4. A cross-site scripting vulnerability exists in the email message display page in SquirrelMail 1.4.22 and earlier versions, which can be exploited by remote attackers to inject malicious scripts into a web page and...
SquirrelMail Cross-Site Scripting Vulnerability (CNVD-2019-19609)
SquirrelMail is a cross-platform webmail system developed in PHP4. A cross-site scripting vulnerability exists in the email message display page of SquirrelMail 1.4.22 and earlier versions, which can be exploited by remote attackers to inject malicious scripts into a web page and...
SquirrelMail cross-site scripting vulnerability (CNVD-2019-19607)
SquirrelMail is a PHP-based Web e-mail client. A cross-site scripting vulnerability exists in the email message display page in SquirrelMail 1.4.22 and earlier versions, which can be exploited by a remote attacker to inject malicious scripts into a web page and execute those scripts in a user's...
CVE-2016-1423
A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a user to click a malicious link in the MIQ view. The malicious link could be used to facilitate...
Cross site scripting
A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a user to click a malicious link in the MIQ view. The malicious link could be used to facilitate...
JIRA REST API makes it easy to harvest email addresses
The JIRA REST API makes it easy to harvest email addresses as an anonymous user. 1. Go to https://jira.atlassian.com/browseJRA-22053 as anonymous. Note that you can't extract email addresses from this page unless the user has used an email address as her username. 2. Now go to...
gaim instant messenger buffer overflow
Buffer overflow during e-mail address displaying...