
8 matches found

SUSE CVE
added 2023/02/15 4:22 a.m. · 1 views

SUSE CVE-2018-18690

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c...

CVSS 5.5 · AI score 6.1 · EPSS 0.00058
Exploits 1 · References 10
Veracode
added 2022/06/24 4:7 a.m. · 105 views

Cross-site Scripting (XSS)

Tomcat is vulnerable to cross-site scripting. The vulnerability exists because the user-provided name, value, and type form attributes are not filtered before being displayed on the web page, allowing an attacker to inject and execute malicious JavaScript...

CVSS 6.1 · AI score 6.4 · EPSS 0.17371
Exploits 0 · References 13 · Affected Software 2
Snyk
added 2021/01/08 9:57 a.m. · 0 views

Cross-site Scripting (XSS)

Overview: spoon/library is a PHP5 library used to build web applications. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via getAttributesHTML in library/spoon/form/attributes.php due to lack of sanitization. In an affected application, an attacker could insert XSS...

CVSS 7.1 · AI score 5.2
Exploits 0 · References 3
OSV
added 2020/05/06 4:43 p.m. · 2 views

DRUPAL-CONTRIB-2020-011

This module enables you to build forms and surveys in Drupal. The module doesn't sufficiently filter webform element properties (attributes) under the scenario of editing a webform. A malicious user could craft such an attribute (#element_validate, for example) that would invoke execution of undesired P...

AI score 6.8
Exploits 0 · References 1
Drupal
added 2019/02/13 12:0 a.m. · 14 views

Focal Point - Moderately critical - Cross site scripting - SA-CONTRIB-2019-015

This module enables a privileged user to specify the important part of an image for the purposes of cropping. The module doesn't sufficiently sanitize certain form element attributes when the focal point widget is displayed on a form. This vulnerability is mitigated by the fact that an attacker...

AI score 6.4
Exploits 0 · References 6
OSV
added 2019/01/30 10:29 p.m. · 0 views

CVE-2018-3956

An exploitable out-of-bounds read vulnerability exists in the handling of certain XFA element attributes of Foxit Software's PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger an out-of-bounds read, which can disclose sensitive memory content and aid in exploitation when...

CVSS 7.1 · AI score 5.6
Exploits 0 · References 1
Positive Technologies
added 2019/01/30 12:0 a.m. · 3 views

PT-2019-10730 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit Software's PDF Reader version 9.1.0.5096 Description: The issue is related to the handling of certain XFA element attributes, which can lead to an out-of-bounds read when a specially crafted PDF document is opened. This can result in th...

CVSS 7.1 · AI score 6.4 · EPSS 0.1606
Exploits 1 · References 2
Nmap
added 2013/08/23 2:8 a.m. · 1277 views

http-csrf NSE Script

This script detects Cross Site Request Forgeries (CSRF) vulnerabilities. It will try to detect them by checking each form if it contains an unpredictable token for each user. Without one an attacker may forge malicious requests. To recognize a token in a form, the script will iterate through the...

CVSS 10 · EPSS 0.94176
Exploits 33