CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

508 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-9097

Malware in sbrugna...

4.3CVSS6AI score0.01995EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2014-9819

Malware in sbrugna...

6.1CVSS6.1AI score0.00256EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2005-2961

Malware in sbrugna...

7.5CVSS6.1AI score0.08616EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2008-5809

Malware in sbrugna...

9.3CVSS6.4AI score0.0557EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2012-2091

Malware in sbrugna...

6.8CVSS6.1AI score0.03179EPSS

Exploits1References10

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2019-4883

Malware in sbrugna...

6.1CVSS6.1AI score0.00918EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-7451

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00473EPSS

Exploits0References7

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2022-37428

Malicious code in bioql PyPI...

6.1CVSS7.8AI score0.00364EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-7415

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00516EPSS

Exploits0References7

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-7018

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00473EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-55067

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.23903EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-3945

Malicious code in bioql PyPI...

5.4CVSS5.4AI score0.01032EPSS

Exploits0References9

IBM Security Bulletins•added 2025/09/29 7:21 a.m.•5 views

Security Bulletin: Axios before 1.7.8 uses setAttribute('href') in isURLSameOrigin.js, raising potential security concern

Summary In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute'href',href call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a...

9.8CVSS7.1AI score0.00342EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/09/11 12:16 a.m.•75 views

CVE-2025-57665

Element Plus Link component el-link through 2.10.6 implements insufficient input validation for the href attribute, creating a security abstraction gap that obscures URL-based attack vectors. The component passes user-controlled href values directly to underlying anchor elements without protocol...

6.4CVSS6AI score0.00215EPSS

Exploits1References1

RedhatCVE•added 2025/09/10 10:29 a.m.•2 views

CVE-2014-125128

'sanitize-html' prior to version 1.0.3 is vulnerable to Cross-site Scripting XSS. The function 'naughtyHref' doesn't properly validate the hyperreference href attribute in anchor tags , allowing bypasses that contain different casings, whitespace characters, or hexadecimal encodings...

6.1CVSS6.5AI score0.00256EPSS

Exploits1References1

Snyk•added 2025/09/09 6:31 p.m.•4 views

Improper Encoding or Escaping of Output

Overview element-plus is an A Component Library for Vue 3 Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the href attribute handling in the el-link component. An attacker can execute arbitrary scripts, redirect users to malicious sites, or conduct...

8.7CVSS7.1AI score0.00215EPSS

Exploits1References2

Snyk•added 2025/09/09 6:31 p.m.•3 views

Improper Encoding or Escaping of Output

Overview org.webjars.npm:element-plus is an A Component Library for Vue 3 Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the href attribute handling in the el-link component. An attacker can execute arbitrary scripts, redirect users to malicious...

8.7CVSS7.1AI score0.00215EPSS

Exploits1References2

Github Security Blog•added 2025/09/09 6:31 p.m.•5 views

Element Plus Link component (el-link) implements insufficient input validation for the href attribute

Element Plus Link component el-link prior to 2.11.0 implements insufficient input validation for the href attribute, creating a security abstraction gap that obscures URL-based attack vectors. The component passes user-controlled href values directly to underlying anchor elements without protocol...

6.4CVSS6AI score0.00215EPSS

Exploits1References8Affected Software1

OSV•added 2025/09/09 6:31 p.m.•8 views

GHSA-5M5X-9J46-H678 Element Plus Link component (el-link) implements insufficient input validation for the href attribute

Element Plus Link component el-link prior to 2.11.0 implements insufficient input validation for the href attribute, creating a security abstraction gap that obscures URL-based attack vectors. The component passes user-controlled href values directly to underlying anchor elements without protocol...

8.7CVSS5.9AI score0.00215EPSS

Exploits1References7

NVD•added 2025/09/09 6:15 p.m.•4 views

CVE-2025-57665

Element Plus Link component el-link through 2.10.6 implements insufficient input validation for the href attribute, creating a security abstraction gap that obscures URL-based attack vectors. The component passes user-controlled href values directly to underlying anchor elements without protocol...

6.4CVSS0.00215EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by