Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

56 matches found

NVD
NVDadded 2026/04/29 8:16 p.m.0 views

CVE-2018-25309

MyBB Recent threads 17.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating threads with crafted subject lines. Attackers can create threads with script tags in the subject parameter to execute arbitrary JavaScript in the browser...

7.2CVSS0.00028EPSS
Exploits1References3
Snyk
Snykadded 2026/03/30 6:8 p.m.1 views

Cross-site Scripting (XSS)

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Cross-site Scripting XSS via the plugin parameter in plugin/YPTWallet/plugins/YPTWalletStripe/confirmButton.php. An attacker can execute arbitrary JavaScript in a...

9.3CVSS5.8AI score0.00021EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/10/27 12:0 a.m.1 views

CVE-2025-54965

An XSS issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service does not properly sanitize the job ID parameter before using it in the job status page. An attacker who is able to social engineer a user into clicking a malicious link may be able to execute arbitrary...

6.4AI score0.00025EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/10/17 3:48 p.m.6 views

CVE-2025-58747 Dify MCP OAuth Flow Vulnerable to XSS

Dify is an LLM application development platform. In Dify versions through 1.9.1, the MCP OAuth component is vulnerable to cross-site scripting when a victim connects to an attacker-controlled remote MCP server. The vulnerability exists in the OAuth flow implementation where the authorizationurl...

5.1CVSS0.00044EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.6 views

EUVD-2019-9115

Malware in sbrugna...

10CVSS9.2AI score0.04533EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2018-6190

Malware in sbrugna...

8.8CVSS8.8AI score0.0025EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2015-1408

Malware in sbrugna...

5CVSS9.3AI score0.00931EPSS
Exploits0References18
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2006-4452

Malware in sbrugna...

5CVSS6.4AI score0.03954EPSS
Exploits1References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2014-3208

Malware in sbrugna...

7.5CVSS9.3AI score0.00755EPSS
Exploits0References10
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2017-1492

Malware in sbrugna...

5.4CVSS5.5AI score0.00256EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2021-14196

Malware in sbrugna...

9.4CVSS6.3AI score0.00145EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-18499

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.01781EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-43485

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00598EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-17888

Malicious code in bioql PyPI...

5.4CVSS6.4AI score0.00172EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-26418

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00822EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-33124

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.02012EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-57427

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00241EPSS
Exploits2References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-52590

Malicious code in bioql PyPI...

5.4CVSS5AI score0.00289EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/09/03 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2012-5153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other...

7.5CVSS8.5AI score0.00712EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/19 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2015-1230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The getHiddenProperty function in bindings/core/v8/V8EventListenerList.h in Blink, as used in Google Chrome before 41.0.2272.76, has a name conflict with the...

7.5CVSS8.4AI score0.01726EPSS
Exploits0References2
Rows per page
Query Builder