CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The CVE-2024-5711 entry describes a stored XSS in the stitionai/devika chat feature caused by insufficient input validation/sanitization on both frontend and backend. Affected: stitionai/devika chat input across all versions. Impact per documents includes potential execution of arbitrary JavaScri...

8.1CVSS6.3AI score0.00255EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2023/02/27 12:0 a.m.•7 views

CVE-2023-1070 External Control of File Name or Path in nilsteampassnet/teampass

External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22...

7.1CVSS7.1AI score0.00334EPSS

Exploits1References2

Github Security Blog•added 2022/12/23 12:30 p.m.•21 views

usememos/memos Improper Access Control vulnerability

Improper Access Control in GitHub repository usememos/memos prior to 0.9.0...

8.8CVSS8.4AI score0.00269EPSS

Exploits1References4Affected Software1

OSV•added 2022/09/13 10:15 a.m.•16 views

PYSEC-2022-271

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2...

7.5CVSS0.6AI score0.00183EPSS

Exploits1References3

NVD•added 2022/07/03 3:15 p.m.•17 views

CVE-2022-2289

Use After Free in GitHub repository vim/vim prior to 9.0...

7.8CVSS0.001EPSS

Exploits1References6

NVD•added 2022/05/27 9:15 a.m.•25 views

CVE-2022-1898

Use After Free in GitHub repository vim/vim prior to 8.2...

7.8CVSS0.00443EPSS

Exploits1References12

RedhatCVE•added 2022/05/21 12:19 a.m.•47 views

CVE-2022-1382

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system...

7.1CVSS2.2AI score0.00249EPSS

Exploits1References1