CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-23919

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00171EPSS

Exploits0References3

RedhatCVE•added 2025/08/09 12:23 a.m.•2 views

CVE-2025-55133

In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client/agora/public/js/editorManager.js...

6.4CVSS5.7AI score0.00171EPSS

Exploits0References1

RedhatCVE•added 2025/08/09 12:23 a.m.•2 views

CVE-2025-55135

In Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to server/controller/userController.js. Formats other than PNG, JPEG, and WEBP are permitted by server/routes/userRoutes.js; this includes SVG...

6.4CVSS5.6AI score0.00249EPSS

Exploits0References1

NVD•added 2025/08/07 4:15 p.m.•2 views

CVE-2025-55134

In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js...

6.4CVSS0.00171EPSS

Exploits0References3

Vulnrichment•added 2025/08/07 12:0 a.m.•2 views

CVE-2025-55135

6.4CVSS5.6AI score0.00249EPSS

Exploits0References4

CNNVD•added 2025/08/07 12:0 a.m.•1 views

agora 代码问题漏洞

agora is a cloud-based learning and research platform open-sourced by the Agora Foundation. A code issue vulnerability exists in versions prior to agora fall23-Alpha1 690ce56, which stems from a user controller allowing non-standard image formats leading to cross-site scripting attacks...

6.4CVSS6.2AI score0.00249EPSS

Exploits0References3

Positive Technologies•added 2025/08/07 12:0 a.m.•2 views

PT-2025-32269 · Unknown · Agora Foundation

Name of the Vulnerable Software and Affected Versions: Agora Foundation Agora fall23-Alpha1 versions prior to 690ce56 Description: The application permits file formats other than PNG, JPEG, and WEBP for profile pictures, including SVG. This allows for cross-site scripting XSS via a crafted profil...

6.4CVSS5.8AI score0.00249EPSS

Exploits0References8

CNNVD•added 2025/08/07 12:0 a.m.•1 views

agora 跨站脚本漏洞

agora is a cloud-based learning and research platform open-sourced by the Agora Foundation. A cross-site scripting vulnerability exists in versions prior to agora fall23-Alpha1 b087490, which stems from the tag parameter in editorManager.js being susceptible to cross-site scripting attacks...

6.4CVSS6AI score0.00171EPSS

Exploits0References2

Cvelist•added 2025/08/07 12:0 a.m.•7 views

CVE-2025-55134

In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js...

6.4CVSS0.00171EPSS

Exploits0References3

Positive Technologies•added 2025/08/07 12:0 a.m.•3 views

PT-2025-32268 · Unknown · Agora Foundation

Name of the Vulnerable Software and Affected Versions: Agora Foundation versions prior to b087490 Description: The software is susceptible to a cross-site scripting XSS issue due to a vulnerability in how tags are handled. This flaw is located in the client/agora/public/js/editorManager.js file...

6.4CVSS5.4AI score0.00171EPSS

Exploits0References8

Vulnrichment•added 2025/08/07 12:0 a.m.•2 views

CVE-2025-55133

In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client/agora/public/js/editorManager.js...

6.4CVSS5.6AI score0.00171EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by