Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

214 matches found

OpenVAS
OpenVASadded 2022/03/21 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2022-1336)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.4AI score0.05428EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2022/03/16 10:47 p.m.52 views

Cross-site Scripting in CKEditor4

Affected packages The vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. Impact A potential vulnerability has been discovered in CKEditor 4 HTML processing core module. The vulnerability allowed to inject malformed HTML bypassing...

5.4CVSS0.7AI score0.00994EPSS
Exploits0References10Affected Software1
OSV
OSVadded 2022/03/16 10:47 p.m.160 views

GHSA-4FC4-4P5G-6W89 Cross-site Scripting in CKEditor4

Affected packages The vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. Impact A potential vulnerability has been discovered in CKEditor 4 HTML processing core module. The vulnerability allowed to inject malformed HTML bypassing...

5.4CVSS6.1AI score0.01115EPSS
Exploits0References10
NVD
NVDadded 2022/03/16 4:15 p.m.20 views

CVE-2022-24728

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content...

5.4CVSS0.00994EPSS
Exploits0References7
Prion
Prionadded 2022/03/16 4:15 p.m.59 views

Hardcoded credentials

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content...

3.5CVSS6.1AI score0.00994EPSS
Exploits0References7Affected Software9
UbuntuCve
UbuntuCveadded 2022/03/16 4:15 p.m.40 views

CVE-2022-24728

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content...

5.4CVSS6.7AI score0.00994EPSS
Exploits0References3
Drupal
Drupaladded 2022/03/16 12:0 a.m.42 views

Drupal core - Moderately critical - Third-party libraries - SA-CORE-2022-005

The Drupal project uses the CKEditor library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal. Vulnerabilities are possible if Drupal is configured to allow use of the CKEditor library for WYSIWYG editing. An attacker that can create or edit content even without...

7.5CVSS1.3AI score0.01115EPSS
Exploits0References14
CNNVD
CNNVDadded 2022/03/16 12:0 a.m.1 views

CKEditor 跨站脚本漏洞

CKEditor is an open source, web-based text editor. A cross-site scripting vulnerability exists in CKEditor 4 versions prior to 4.18.0, which stems from a vulnerability discovered in the core HTML processing module that affects all plugins used in CKEditor4 versions prior to 4.18.0. The...

5.4CVSS7.1AI score0.00994EPSS
Exploits0References13
Positive Technologies
Positive Technologiesadded 2022/03/16 12:0 a.m.3 views

PT-2022-16835 · Unknown +3 · Ckeditor 4 +3

Name of the Vulnerable Software and Affected Versions: CKEditor 4 versions prior to 4.18.0 Description: A vulnerability has been discovered in the core HTML processing module of CKEditor 4, which may affect all plugins used by the editor. This issue allows an attacker to inject malformed HTML,...

6.1CVSS7AI score0.3983EPSS
Exploits0References38
Debian CVE
Debian CVEadded 2022/03/16 12:0 a.m.80 views

CVE-2022-24728

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content...

5.4CVSS7.1AI score0.00994EPSS
Exploits0
CVE
CVEadded 2022/03/16 12:0 a.m.502 views

CVE-2022-24728

CKEditor4 core HTML processing vulnerability (CVE-2022-24728) allows injecting malformed HTML that bypasses sanitization, potentially enabling JavaScript execution in CKEditor 4 plugins. A fix is available in version 4.18.0; versions prior to 4.18.0 are affected. No public workarounds are provide...

5.4CVSS5.9AI score0.00994EPSS
Exploits0References7Affected Software1
RubySec
RubySecadded 2022/03/16 12:0 a.m.4 views

Cross-site Scripting in CKEditor4

Affected packages The vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. Impact A potential vulnerability has been discovered in CKEditor 4 HTML processing core module. The vulnerability allowed to inject malformed HTML bypassing...

5.4CVSS9.1AI score0.00994EPSS
Exploits0References1Affected Software1
Redos
Redosadded 2022/02/26 12:0 a.m.4 views

ROS-2-2253

2.2253 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8AI score0.02512EPSS
Exploits1
Redos
Redosadded 2022/02/26 12:0 a.m.22 views

ROS-2-708

2.708 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS8.1AI score0.02512EPSS
Exploits1
Redos
Redosadded 2022/02/26 12:0 a.m.21 views

ROS-2-712

2.712 Mozilla Thunderbird email client vulnerability CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability could...

8.8CVSS9.2AI score0.02512EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2021/12/30 12:0 a.m.33 views

Debian DLA-2871-1 : lxml - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2871 advisory. - lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass...

8.2CVSS7.2AI score0.05428EPSS
Exploits0References6
Redos
Redosadded 2021/12/24 12:0 a.m.2 views

ROS-2-2011

2.2011 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

8.8CVSS8AI score0.008EPSS
Exploits1
Redos
Redosadded 2021/12/24 12:0 a.m.12 views

ROS-2-1478

2.1478 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS9.8AI score0.02512EPSS
Exploits1
Redos
Redosadded 2021/12/24 12:0 a.m.14 views

ROS-2-1507

2.1507 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

9.2AI score0.02512EPSS
Exploits1
Redos
Redosadded 2021/12/24 12:0 a.m.3 views

ROS-2-2064

2.2064 Vulnerability in Mozilla Thunderbird email client CVE-2021-29970, CVE-2021-30547, CVE-2021-29976, CVE-2021-29969. 1. Vulnerability Description: CVE-2021-29970 Vulnerability in Mozilla Thunderbird email client, related to HTML content processing error. Exploitation of the vulnerability coul...

8.8CVSS8.3AI score0.02512EPSS
Exploits1
Rows per page
Query Builder