Lucene search
K

16 matches found

EUVD
EUVD
โ€ขadded 2025/10/03 8:7 p.m.โ€ข6 views

EUVD-2022-41317

Malicious code in bioql PyPI...

8CVSS5.8AI score0.00623EPSS
Exploits0References3
Spring Security Advisories
Spring Security Advisories
โ€ขadded 2025/09/16 12:0 a.m.โ€ข5 views

This Week in Spring - September 16th, 2025

Hi, Spring fans! Welcome to another extra special installment of This Week in Spring , wherein we celebrate a very auspicious day indeed: the release of Java 25 and GraalVM 25! That's right: an incredible new iteration of the JVM has just dropped and with it come a ton of features! Let's go throu...

7.5CVSS6.9AI score0.0046EPSS
Exploits0
Trellix
Trellix
โ€ขadded 2023/07/26 12:0 a.m.โ€ข215 views

Beyond File Search: A Novel Method

Beyond File Search: A Novel Method for Exploiting the "search-ms" URI Protocol Handler By Mathanraj Thangaraju and Sijo Jacob ยท July 26, 2023 Threat Summary In the ever-evolving landscape of cyber threats, malware authors continuously explore new avenues to exploit unsuspecting users. The Windows...

8.6AI score0.99374EPSS
Exploits62
NVD
NVD
โ€ขadded 2022/12/08 4:15 p.m.โ€ข40 views

CVE-2022-38754

A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM Operations Bridge Manager user to run Java Scripts in the browser context of another OBM user. Please note: The vulnerability is on...

8CVSS0.00623EPSS
Exploits0References3
Prion
Prion
โ€ขadded 2022/12/08 4:15 p.m.โ€ข21 views

Design/Logic Flaw

A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM Operations Bridge Manager user to run Java Scripts in the browser context of another OBM user. Please note: The vulnerability is on...

4.9CVSS5.3AI score0.00623EPSS
Exploits0References3Affected Software2
CVE
CVE
โ€ขadded 2022/12/08 12:0 a.m.โ€ข63 views

CVE-2022-38754

CVE-2022-38754 affects Micro Focus Operations Bridge Manager and Operations Bridge-Containerized versions prior to 2022.11. The vulnerability is a cross-site scripting issue where a malicious authenticated OBM user could run JavaScript in the browser context of another OBM user. Impact is limited...

8CVSS5.6AI score0.00623EPSS
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
โ€ขadded 2020/09/11 12:0 a.m.โ€ข36 views

SAP NetWeaver AS Java Multiple XSS (2953112)

The version of SAP NetWeaver AS Java detected on the remote host may be affected by multiple cross-site scripting vulnerabilities, as follows: - SAP NetWeaver Application Server JAVA XML Forms versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an...

6.5CVSS6.5AI score0.00721EPSS
Exploits0References4
NVD
NVD
โ€ขadded 2020/09/09 1:15 p.m.โ€ข28 views

CVE-2020-6326

SAP NetWeaver Knowledge Management, version-7.30,7.31,7.40,7.50, allows an authenticated attacker to create malicious links in the UI, when clicked by victim, will execute arbitrary java scripts thus extracting or modifying information otherwise restricted leading to Stored Cross Site Scripting...

5.4CVSS0.00648EPSS
Exploits0References2
Cvelist
Cvelist
โ€ขadded 2020/09/09 12:47 p.m.โ€ข30 views

CVE-2020-6326

SAP NetWeaver Knowledge Management, version-7.30,7.31,7.40,7.50, allows an authenticated attacker to create malicious links in the UI, when clicked by victim, will execute arbitrary java scripts thus extracting or modifying information otherwise restricted leading to Stored Cross Site Scripting...

5.4CVSS5.9AI score0.00648EPSS
Exploits0References2
Kitploit
Kitploit
โ€ขadded 2018/04/30 8:40 p.m.โ€ข23 views

Bad-Pdf - Steal NTLM Hashes With A PDF From Windows Machines

Bad-PDF create malicious PDF to steal NTLM Hashes from windows machines, it utilize vulnerability disclosed by checkpoint team to create the malicious PDF file. Bad-Pdf reads the NTLM hashes using Responder listener. This method work on all PDF readersAny version and java scripts are not required...

7.2AI score
Exploits0References1
NVD
NVD
โ€ขadded 2017/09/15 1:29 p.m.โ€ข29 views

CVE-2017-4926

VMware vCenter Server 6.5 prior to 6.5 U1 contains a vulnerability that may allow for stored cross-site scripting XSS. An attacker with VC user privileges can inject malicious java-scripts which will get executed when other VC users access the page...

5.4CVSS5.6AI score0.00777EPSS
Exploits0References3
Prion
Prion
โ€ขadded 2017/09/15 1:29 p.m.โ€ข19 views

Cross site scripting

VMware vCenter Server 6.5 prior to 6.5 U1 contains a vulnerability that may allow for stored cross-site scripting XSS. An attacker with VC user privileges can inject malicious java-scripts which will get executed when other VC users access the page...

3.5CVSS6.5AI score0.00777EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
โ€ขadded 2017/09/15 1:0 p.m.โ€ข33 views

CVE-2017-4926

VMware vCenter Server 6.5 prior to 6.5 U1 contains a vulnerability that may allow for stored cross-site scripting XSS. An attacker with VC user privileges can inject malicious java-scripts which will get executed when other VC users access the page...

5.6AI score0.00777EPSS
Exploits0References3
Microsoft KB
Microsoft KB
โ€ขadded 2016/07/12 7:0 a.m.โ€ข94 views

MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016

None None...

9.3CVSS7AI score0.26291EPSS
Exploits0
BDU FSTEC
BDU FSTEC
โ€ขadded 2015/09/08 12:0 a.m.โ€ข8 views

The vulnerability of the Business Process Manager system allows a perpetrator to circumvent existing access restrictions and execute arbitrary Java scripts.

The vulnerability of the REST API interface of the Business Process Manager system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions and execute arbitrary Java scripts using a specially crafted API request...

9CVSS5.8AI score0.0241EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
โ€ขadded 1999/08/17 12:0 a.m.โ€ข46 views

eudoraurl.txt

Date: Fri, 7 Aug 1998 13:40:54 -0400 From: "Stout, Bill" Subject: Eudora executes Java URL Eudora Pro 4.0 and 4.0.1 will execute Java from a URL. "The Eudora flaw came to light just a little more than a week after security researchers announced a similar problem in versions of Microsoft's Outlook...

7.4AI score
Exploits0
Rows per page
Query Builder