Lucene search
K

143 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-57443

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00452EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.1 views

EUVD-2022-48292

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.0057EPSS
Exploits0References26
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-29635

Malicious code in bioql PyPI...

6.5CVSS8AI score0.00672EPSS
Exploits0References25
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-32738

Malicious code in bioql PyPI...

5.4CVSS7.6AI score0.00561EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-2823

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.0034EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-37429

Malicious code in bioql PyPI...

6.1CVSS7.8AI score0.00406EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-1308

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00871EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-37423

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00937EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-51404

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00458EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/09/30 10:46 p.m.10 views

CVE-2025-57769

FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below contain a vulnerability where a specially crafted page can trick a user into executing arbitrary JS code or promoting a user in FreshRSS by obscuring UI elements in iframes. If embedding an authenticated iframe is possibl...

5.3CVSS6.7AI score0.00257EPSS
Exploits1References1
Imperva Blog
Imperva Blog
added 2025/09/15 8:12 p.m.13 views

Google Pay, Drug Bots, and SIM Swaps: How Old Leaks and New Vulnerabilities Power Attacks

It starts with something simple: a CAPTCHA box on your screen. You type the number you see, because of course you do. That’s what humans do online. But what if that “CAPTCHA” wasn’t a CAPTCHA at all? In this post, I’ll walk you through how old data leaks, lazy telecom verification, and a...

6.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-0747

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...

6.5CVSS7.6AI score0.006EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/07/11 12:0 a.m.5 views

CVE-2025-51591

A Server-Side Request Forgery SSRF in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilitie...

3.7CVSS5.8AI score0.00609EPSS
Exploits1
CNNVD
CNNVD
added 2025/06/12 12:0 a.m.5 views

SICK Field Analytics和SICK Media Server 安全漏洞

SICK Field Analytics and SICK Media Server are both products of the German company SICK.SICK Field Analytics is software for evaluating manufacturing data.SICK Media Server is a media server. A security vulnerability exists in SICK Field Analytics and SICK Media Server that stems from...

6.1CVSS7.3AI score0.00287EPSS
Exploits0References8
OSV
OSV
added 2025/06/09 7:7 p.m.22 views

GHSA-V3PH-2Q5Q-CG88 @haxtheweb/haxcms-nodejs Iframe Phishing vulnerability

Summary In the HAX site editor, users can create a website block to load another site in an iframe. The application allows users to supply a target URL in the website block. When the HAX site is visited, the client's browser will query the supplied URL. Affected Resources - Operations.php:868 -...

5.3CVSS6.8AI score0.00324EPSS
Exploits1References4
NVD
NVD
added 2025/06/09 1:15 p.m.16 views

CVE-2025-48877

Discourse is an open-source discussion platform. Prior to version 3.4.4 of the stable branch, version 3.5.0.beta5 of the beta branch, and version 3.5.0.beta6-dev of the tests-passed branch, Codepen is present in the default allowediframes site setting, and it can potentially auto-run arbitrary JS...

9.8CVSS0.00348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 11:59 a.m.6 views

CVE-2025-22545

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sw.galati iframe to embed iframe-to-embed allows Stored XSS.This issue affects iframe to embed: from n/a through = 1.2...

6.5CVSS7.2AI score0.0034EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:45 a.m.6 views

CVE-2024-25144

The IFrame widget in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported versions, and Liferay DXP 7.4 before update 27, 7.3 before update 6, 7.2 before fix pack 19, and older unsupported versions does not check the URL of the IFrame, which allows remote authenticated users to cause a...

6.5CVSS6.4AI score0.00569EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:24 a.m.8 views

CVE-2023-52125

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly iframe allows Stored XSS.This issue affects iframe: from n/a through 4.8...

6.5CVSS6.7AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:7 a.m.4 views

CVE-2023-6844

The iframe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to and including 5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

5CVSS5.8AI score0.00401EPSS
Exploits0References1
Rows per page
Query Builder