Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2007-4882

Malware in sbrugna...

5.8CVSS6.1AI score0.02408EPSS
Exploits1References11
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-6831

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00318EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/03/22 1:25 p.m.6 views

CVE-2025-0192

A stored Cross-site Scripting XSS vulnerability exists in the latest version of wandb/openui. The vulnerability is present in the edit HTML functionality, where an attacker can inject malicious scripts. When the modified HTML is shared with another user, the XSS payload executes, potentially...

5.4CVSS5.2AI score0.00318EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/03/20 10:10 a.m.8 views

CVE-2025-0192 Stored Cross-site Scripting (XSS) in wandb/openui

A stored Cross-site Scripting XSS vulnerability exists in the latest version of wandb/openui. The vulnerability is present in the edit HTML functionality, where an attacker can inject malicious scripts. When the modified HTML is shared with another user, the XSS payload executes, potentially...

5.4CVSS0.00318EPSS
Exploits0References1
CVE
CVEadded 2024/05/06 12:0 a.m.48 views

CVE-2024-34471

CVE-2024-34471 affects HSC Mailinspector 5.2.17-3 (and up to 5.2.18 per CNVD/CNNVD) due to a faulty validation of the filename parameter in the mliRealtimeEmails.php export HTML function. The path traversal flaw enables an attacker to read and delete arbitrary server files, evidenced by reads of ...

5.4CVSS6.4AI score0.01695EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2016/12/23 10:59 p.m.12 views

CVE-2016-7966

Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign = or a space into the injected HTML, which greatly reduces the available HTML functionality...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2016/10/05 12:0 a.m.38 views

CVE-2016-7966

Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign = or a space into the injected HTML, which greatly reduces the available HTML functionality...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References4
Prion
Prionadded 2007/09/14 6:17 p.m.12 views

Hardcoded credentials

The embedded Internet Explorer server control in AOL Instant Messenger AIM 6.1.41.2 and 6.2.32.1, AIM Pro, and AIM Lite does not properly constrain the use of mshtml.dll's web script and HTML functionality for incoming instant messages, which allows remote attackers to place HTML into unexpected...

5.8CVSS7.1AI score0.02408EPSS
Exploits1References9Affected Software1
Cvelist
Cvelistadded 2007/09/14 6:0 p.m.17 views

CVE-2007-4901

The embedded Internet Explorer server control in AOL Instant Messenger AIM 6.1.41.2 and 6.2.32.1, AIM Pro, and AIM Lite does not properly constrain the use of mshtml.dll's web script and HTML functionality for incoming instant messages, which allows remote attackers to place HTML into unexpected...

6.8AI score0.02408EPSS
Exploits1References9
Rows per page
Query Builder