CVE-2021-27465

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications do not validate webpage input, which could allow an attacker to inject arbitrary HTML code into a webpage. This would allow an attacker to modify the page and display incorre...

CVE-2021-41252

Kirby is an open source file structured CMS Impact Kirby's writer field stores its formatted content as HTML code. Unlike with other field types, it is not possible to escape HTML special characters against cross-site scripting XSS attacks, otherwise the formatting would be lost. If the user is...

EUVD-2016-10126

Malware in sbrugna...

EUVD-2021-10789

Malware in sbrugna...

EUVD-2020-24616

Malware in sbrugna...

EUVD-2017-6457

Malware in sbrugna...

EUVD-2003-0156

Malware in sbrugna...

EUVD-2022-0785

Malicious code in bioql PyPI...

EUVD-2024-19450

Malicious code in bioql PyPI...

EUVD-2024-17614

Malicious code in bioql PyPI...

EUVD-2024-47631

Malicious code in bioql PyPI...

EUVD-2022-39478

Malicious code in bioql PyPI...

EUVD-2024-42868

Malicious code in bioql PyPI...

PT-2025-29525 · Racoon · Dracoon Branding Service

Name of the Vulnerable Software and Affected Versions: DRACOON Branding Service versions prior to 2.10.0 Description: DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface. Versions prior to 2.10.0 are susceptible to cross-site...

CVE-2025-1985

Due to improper neutralization of input during web page generation XSS an unauthenticated remote attacker can inject HTML code into the Web-UI in the affected device...

CVE-2025-1985

Due to improper neutralization of input during web page generation XSS an unauthenticated remote attacker can inject HTML code into the Web-UI in the affected device...

CVE-2025-1985

CVE-2025-1985 matches the Pepperl+Fuchs Profinet Gateway LB8122A.1.EL / FB8122A.1.EL family. The issue is an XSS due to improper neutralization of input during web page generation, allowing an unauthenticated remote attacker to inject HTML into the Web-UI of the affected device. Documented in mul...

CVE-2025-1985 PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL – Device is affected by XSS vulnerability

Due to improper neutralization of input during web page generation XSS an unauthenticated remote attacker can inject HTML code into the Web-UI in the affected device...

CVE-2024-21838

Improper neutralization of special elements in output CWE-74 used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre. This issue affects: Gallagher Command Centre 9.00 prior to vEL9.00.1774 MR2, 8.90 prior to...

CVE-2024-6558

HMS Industrial Networks Anybus-CompactCom 30 products are vulnerable to a XSS attack caused by the lack of input sanitation checks. As a consequence, it is possible to insert HTML code into input fields and store the HTML code. The stored HTML code will be embedded in the page and executed by hos...