CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25822 matches found

CNNVD•added 2026/01/16 12:0 a.m.•2 views

WeGIA Cross-Site Script Vulnerabilities

WeGIA is a network manager for a welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.2 contained a cross-site scripting vulnerability. This vulnerability occurred because the user-controlled data was not cleared before the html/atendido/cadastroocorrencia.php endpoint...

5.4CVSS5.6AI score0.0005EPSS

Exploits1References4

Tenable Nessus•added 2026/01/13 12:0 a.m.•1 views

MiracleLinux 8 : doxygen-1.8.14-13.el8_10 (AXSA:2025-9660:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9660:02 advisory. jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 Tenable has extracted the preceding description block...

6.9CVSS7.4AI score0.34098EPSS

Exploits6References2

RedhatCVE•added 2026/01/09 12:35 p.m.•5 views

CVE-2023-49985

A cross-site scripting XSS vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter...

6.5CVSS5.8AI score0.00185EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:57 a.m.•5 views

CVE-2022-38220

An XSS vulnerability exists within Quest KACE Systems Management Appliance SMA through 12.1 that may allow remote injection of arbitrary web script or HTML...

6.1CVSS6.5AI score0.00197EPSS

Exploits0References1

Github Security Blog•added 2026/01/05 5:35 p.m.•22 views

jsPDF has Local File Inclusion/Path Traversal vulnerability

Impact User control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node proce...

9.2CVSS6.8AI score0.0003EPSS

Exploits2References5Affected Software1

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-180058

Malicious code in biomimicry-epigenetics-rimraf-html-webpack-plugin npm...

6.6AI score

Exploits0

EUVD•added 2025/11/12 4:29 a.m.•1 views

EUVD-2025-111629

Malicious code in local-fork-postgres-html-webpack-plugin npm...

6.6AI score

Exploits0

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•2 views

Malicious code in rimraf-izar-html-webpack-plugin-rigel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 969f0af5a2acd4f35bc9f6a12bfdee60b30945dd4a21464b014b22f579711f02 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

EUVD•added 2025/11/12 4:29 a.m.•1 views

EUVD-2025-112878

Malicious code in helios-html-webpack-plugin-colors-achernar npm...

6.6AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-21101

Malware in sbrugna...

8.8CVSS8.2AI score0.029EPSS

Exploits0References2