Lucene search

7 matches found

OSV
added 2025/05/26 6:5 p.m., 1 view

MAL-2025-4427 Malicious code in @fmr-pr103625/apex-core (npm)

Source: ossf-package-analysis 87f7d6eefb4242b16b30fbedd12103828145a5d82610917904a48a2ee5b1f063. The OpenSSF Package Analysis project identified '@fmr-pr103625/apex-core' @ 1.999.2 npm as malicious. It is considered malicious because: - The...

AI score: 7.4
Exploits: 0
OSV
added 2025/01/08 2:43 a.m., 2 views

MAL-2025-34 Malicious code in @shadowbyte/checkout-telemetry-agent (npm)

Source: ossf-package-analysis 3309a46cb7d7602b6b36a782d12752e0b69f409896afc9dd2d9fa4925d65b4a6. The OpenSSF Package Analysis project identified '@shadowbyte/checkout-telemetry-agent' @ 1.0.4 npm as malicious. It is considered malicious...

AI score: 7.3
Exploits: 0
OSSF Malicious Packages
added 2024/07/21 11:23 a.m., 4 views

Malicious code in shadycss (npm)

Source: ossf-package-analysis 63b72ee48be67972ecef0ef8abb174f91a248b159d505d0cfc49975e6261dc01. The OpenSSF Package Analysis project identified 'shadycss' @ 1.0.7 npm as malicious. It is considered malicious because: - The package...

AI score: 7.1
Exploits: 0
Prion
added 2023/06/30 7:15 p.m., 14 views

Cross site scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights can edit all pages in the 'CKEditor' space. This makes it possible to perform a variety of harmful actions, such as removing technical documents, leading to loss of...

CVSS: 4.9, AI score: 5.4, EPSS: 0.02727
Exploits: 1, References: 4, Affected Software: 2
OSV
added 2023/06/30 6:57 p.m., 14 views

CVE-2023-36477 Persistent Cross-site Scripting (XSS) through CKEditor Configuration pages in XWiki Platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights can edit all pages in the 'CKEditor' space. This makes it possible to perform a variety of harmful actions, such as removing technical documents, leading to loss of...

CVSS: 9, AI score: 5.3, EPSS: 0.02727
Exploits: 1, References: 6
OSV
added 2018/12/11 5:29 p.m., 18 views

CVE-2018-19969

phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users,...

CVSS: 8.8, AI score: 7.2
Exploits: 0, References: 3
Opera Security Advisories
added 2012/03/26 12:0 a.m., 486 views

Overlapping content can trick users into executing downloads

Dialogs such as the download dialog are usually displayed on top of page content, to ensure that the user knows that the dialog is requesting attention. In some cases, this policy was not implemented correctly in Opera, allowing certain page content to overlay the dialog. In these cases, clicking...

AI score: 1.5
Exploits: 0, Affected Software: 1