CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

59050 matches found

OSV•added 2026/01/20 3:25 a.m.•4 views

MGASA-2026-0014 Updated thunderbird packages fix security vulnerabilities

Mitigation bypass in the DOM: Security component. CVE-2026-0877 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. CVE-2026-0878 Sandbox escape due to incorrect boundary conditions in the Graphics component. CVE-2026-0879 Sandbox escape due to integer...

9.8CVSS5.5AI score0.0055EPSS

Exploits0References4

Mageia•added 2026/01/20 3:25 a.m.•7 views

Updated thunderbird packages fix security vulnerabilities

9.8CVSS5.6AI score0.0055EPSS

Exploits0References3

OSV•added 2026/01/20 3:25 a.m.•4 views

MGASA-2026-0013 Updated nss & firefox packages fix security vulnerabilities

9.8CVSS5.6AI score0.0055EPSS

Exploits0References5

Positive Technologies•added 2026/01/20 12:0 a.m.•5 views

PT-2026-3605

A reflected cross-site scripting xss vulnerability exists in the modifyCoercion functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS5.6AI score0.00235EPSS

Exploits1References2

Positive Technologies•added 2026/01/20 12:0 a.m.•5 views

PT-2026-3612

Name of the Vulnerable Software and Affected Versions MedDream PACS Premium version 7.3.6.870 Description The software contains multiple reflected cross-site scripting xss issues within the config.php functionality. A crafted URL can trigger these issues, potentially leading to arbitrary javascri...

6.1CVSS5.5AI score0.00229EPSS

Exploits1References4

Positive Technologies•added 2026/01/20 12:0 a.m.•7 views

PT-2026-3643

Name of the Vulnerable Software and Affected Versions binary-parser versions prior to 2.3.0 Description A code injection flaw exists in the binary-parser library. This issue allows for arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters...

6.5CVSS7AI score0.00505EPSS

Exploits0References24

Positive Technologies•added 2026/01/20 12:0 a.m.•5 views

PT-2026-3618

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

6.1CVSS5.6AI score0.00229EPSS

Exploits1References2

Positive Technologies•added 2026/01/20 12:0 a.m.•6 views

PT-2026-3606

A reflected cross-site scripting xss vulnerability exists in the modifyAnonymize functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS5.6AI score0.0026EPSS

Exploits1References2

Positive Technologies•added 2026/01/20 12:0 a.m.•6 views

PT-2026-3625

IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.1AI score0.00147EPSS

Exploits0References2

CNNVD•added 2026/01/20 12:0 a.m.•7 views

MedDream PACS Premium 安全漏洞

MedDream PACS Premium is an enterprise-class image storage and management server suite from MedDream. MedDream PACS Premium suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input by the sendOruReport feature. An attacker could exploit the...

6.1CVSS5.9AI score0.00317EPSS

Exploits1References1

CNNVD•added 2026/01/20 12:0 a.m.•5 views

MedDream PACS Premium security vulnerability

MedDream PACS Premium is an enterprise-level image storage and management server suite developed by MedDream Corporation. Version 7.3.6.870 of MedDream PACS Premium contains a security vulnerability. This vulnerability stems from a reflection-type cross-site scripting vulnerability in the...

6.1CVSS5.9AI score0.00235EPSS

Exploits1References1

CNNVD•added 2026/01/20 12:0 a.m.•4 views

Zuinq Studio – IsMyGym security vulnerability

Zuinq Studio IsMyGym is a sports center notification application developed by the Spanish company Zuinq Studio. There is a security vulnerability in Zuinq Studio IsMyGym, which stems from a reflective cross-site scripting attack. This vulnerability could allow attackers to execute JavaScript code...

5.1CVSS5.8AI score0.00272EPSS

Exploits0References1

CNNVD•added 2026/01/20 12:0 a.m.•3 views

MedDream PACS Premium 安全漏洞

MedDream PACS Premium is an enterprise-class image storage and management server suite from MedDream. MedDream PACS Premium suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input by the email failedjob feature. An attacker could exploit the...

6.1CVSS5.9AI score0.00286EPSS

Exploits1References1

Positive Technologies•added 2026/01/20 12:0 a.m.•6 views

PT-2026-3617

6.1CVSS5.5AI score0.00229EPSS

Exploits1References4

CNNVD•added 2026/01/20 12:0 a.m.•4 views

MedDream PACS Premium security vulnerability

MedDream PACS Premium is an enterprise-level image storage and management server suite developed by MedDream Corporation. Version 7.3.6.870 of MedDream PACS Premium contains a security vulnerability. This vulnerability stems from the reflective cross-site scripting vulnerability present in the...

6.1CVSS5.9AI score0.00235EPSS

Exploits1References1

CNNVD•added 2026/01/20 12:0 a.m.•5 views

MedDream PACS Premium security vulnerability

6.1CVSS5.9AI score0.00317EPSS

Exploits1References1

CNNVD•added 2026/01/20 12:0 a.m.•3 views

Node.js security vulnerabilities

Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. There are security vulnerabilities in Node.js, which stem from the issue of not releasing the allocated memory when converting X.509 certificate fields to UTF-8. These vulnerabilities can...

7.5CVSS6.8AI score0.0023EPSS

Exploits0References2

Positive Technologies•added 2026/01/20 12:0 a.m.•8 views

PT-2026-3594

A reflected cross-site scripting xss vulnerability exists in the downloadZip functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS5.6AI score0.00317EPSS

Exploits1References2

Positive Technologies•added 2026/01/20 12:0 a.m.•8 views

PT-2026-3608

A reflected cross-site scripting xss vulnerability exists in the modifyRoute functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS5.6AI score0.0026EPSS

Exploits1References2

CNNVD•added 2026/01/20 12:0 a.m.•6 views

MedDream PACS Premium 安全漏洞

MedDream PACS Premium is an enterprise-class image storage and management server suite from MedDream. A cross-site scripting vulnerability exists in MedDream PACS Premium and is caused by improper validation of user-supplied input by the Modify Anonymization feature. An attacker could exploit the...

6.1CVSS5.9AI score0.0026EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by