CVE-2026-41645

Nuclei is a vulnerability scanner built on a simple YAML-based DSL. From version 3.0.0 to before version 3.8.0, a vulnerability in Nuclei's expression evaluation engine makes it possible for a malicious target server to inject and execute supported DSL expressions. This happens when HTTP response...

EUVD-2022-4181

Malicious code in bioql PyPI...

CVE-2021-37939

It was discovered that Kibana’s JIRA connector & IBM Resilient connector could be used to return HTTP response data on internal hosts, which may be intentionally hidden from public view. Using this vulnerability, a malicious user with the ability to create connectors, could utilize these connecto...

CVE-2021-37939

Kibana’s JIRA and IBM Resilient connectors have a vulnerability that can disclose limited HTTP response data from internal hosts accessible to the cluster when a user can create connectors. Affected product: Kibana (connectors). Root cause: information disclosure via connectors. Impact: exposure ...

CVE-2019-17321

ClipSoft REXPERT 1.0.0.527 and earlier version have an information disclosure issue. When requesting web page associated with session, could leak username via session file path of HTTP response data. No authentication is required...

Microsoft Edge XSS Filter Bypass Vulnerability

Microsoft Edge is a web browser developed by Microsoft USA and is the default browser that comes with the Windows 10 operating system. An XSS filter bypass vulnerability exists in Microsoft Edge that stems from the program failing to properly disable HTML attributes in improperly filtered HTTP...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM WebSphere Application Server WAS 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote attackers to inject arbitrary web script or HTML via HTTP response data...