CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-32592

Malicious code in bioql PyPI...

4.6CVSS6.6AI score0.00221EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-1990

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00122EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:17 a.m.•3 views

CVE-2024-4026

Cross-Site Scripting XSS vulnerability in the Holded application. This vulnerability could allow an attacker to store a JavaScript payload within all editable parameters within the 'General' and 'Team ID' functionalities, which could result in a session takeover...

4.6CVSS5.8AI score0.00221EPSS

Exploits0

RedhatCVE•added 2025/02/08 2:25 p.m.•3 views

CVE-2025-1076

A Stored Cross-Site Scripting Stored XSS vulnerability has been found in the Holded application. This vulnerability could allow an attacker to store a JavaScript payload within the editable ‘name’ and ‘icon’ parameters of the Activities functionality...

4.8CVSS5.9AI score0.00122EPSS

Exploits0References3

NVD•added 2025/02/06 2:15 p.m.•11 views

CVE-2025-1076

4.8CVSS0.00122EPSS

Exploits0References1

CVE•added 2025/02/06 1:33 p.m.•53 views

CVE-2025-1076

CVE-2025-1076 describes a Stored XSS vulnerability in Holded’s application, affecting the editable name and icon fields within the Activities feature. The root cause is storing a JavaScript payload in those parameters, enabling an attacker to inject script via standard input fields. The issue is ...

4.8CVSS4.9AI score0.00122EPSS

Exploits0References1

Cvelist•added 2025/02/06 1:33 p.m.•12 views

CVE-2025-1076 Stored Cross-Site Scripting vulnerability in Holded

4.8CVSS0.00122EPSS

Exploits0References1

Vulnrichment•added 2025/02/06 1:33 p.m.•5 views

CVE-2025-1076 Stored Cross-Site Scripting vulnerability in Holded

4.8CVSS6AI score0.00122EPSS

Exploits0References1

Vulnrichment•added 2024/04/22 11:51 a.m.•13 views

CVE-2024-4026 Cross-Site Scripting in the Holded application

4.6CVSS5.7AI score0.00221EPSS

Exploits0References1

CVE•added 2024/04/22 11:51 a.m.•52 views

CVE-2024-4026

CVE-2024-4026 is an XSS vulnerability in Holded. The cited sources indicate that an attacker could store a JavaScript payload in all editable parameters within the General and Team ID functions, enabling session takeover. The issue affects Holded versions prior to 4.20.0 (per CNNVD). Root cause d...

4.6CVSS5.7AI score0.00221EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by