CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A Cross-site scripting XSS vulnerability in /apivedo/ in Vedo Suite version 2024.17 allows remote attackers to inject arbitrary Javascript or HTML code and potentially trigger code execution in victim's browser...

6.1CVSS6.1AI score0.00421EPSS

Exploits2References1

Vulnrichment•added 2025/08/06 12:0 a.m.•3 views

CVE-2025-51053

6.2AI score0.00421EPSS

Exploits2References2

Cvelist•added 2025/08/06 12:0 a.m.•11 views

CVE-2025-50740

AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting xss vulnerability. The AutoConnect web interface /ac/config allows HTML/JS code to be executed via a crafted network SSID...

0.00244EPSS

Exploits0References2

Positive Technologies•added 2025/07/14 12:0 a.m.•3 views

PT-2025-29525 · Racoon · Dracoon Branding Service

Name of the Vulnerable Software and Affected Versions: DRACOON Branding Service versions prior to 2.10.0 Description: DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface. Versions prior to 2.10.0 are susceptible to cross-site...

4CVSS6.2AI score0.00185EPSS

Exploits0References7

Cvelist•added 2025/06/27 2:48 p.m.•6 views

CVE-2023-38007 IBM Cloud Pak System HTML injection

IBM Cloud Pak System 2.3.5.0, 2.3.3.7, 2.3.3.7 iFix1 on Power and 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.4.0, 2.3.4.1 on Intel operating systems is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browse...

5.4CVSS0.00212EPSS

Exploits0References1

BDU FSTEC•added 2025/06/17 12:0 a.m.•2 views

The vulnerability in the web interface of the risk management platforms IBM OpenPages and IBM OpenPages with Watson allows a hacker to execute arbitrary HTML code.

The vulnerability of the web interface of IBM OpenPages and IBM OpenPages with Watson relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary HTML code remotely...

5.5CVSS5.8AI score0.00239EPSS

Exploits0References2Affected Software2

RedhatCVE•added 2025/05/28 9:44 a.m.•5 views

CVE-2025-1985

Due to improper neutralization of input during web page generation XSS an unauthenticated remote attacker can inject HTML code into the Web-UI in the affected device...

6.1CVSS6.8AI score0.00253EPSS

Exploits0References1

NVD•added 2025/05/26 9:15 a.m.•9 views

CVE-2025-1985

Due to improper neutralization of input during web page generation XSS an unauthenticated remote attacker can inject HTML code into the Web-UI in the affected device...

6.1CVSS0.00253EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by