CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

94 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-0394

Malware in sbrugna...

6.1CVSS6.5AI score0.01988EPSS

Exploits1References13

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2019-0736

Malware in sbrugna...

9.8CVSS9AI score0.01239EPSS

Exploits0References4

OSSF Malicious Packages•added 2025/05/10 3:21 a.m.•4 views

Malicious code in braze-i18n-knockout (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca6ae5dbaa6927991987f0b0e26192dcbfc2fbcbeeca91e3cb34621bd6f1a48b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score

Exploits0References1

OSV•added 2025/05/10 3:21 a.m.•3 views

MAL-2025-3721 Malicious code in braze-i18n-knockout (npm)

7.2AI score

Exploits0References1

Tenable Nessus•added 2021/10/27 12:0 a.m.•9 views

Out-of-Date Knockout JS Detected

An out-of-date version of Knockout JS has been detected. An outdated version could have vulnerabilities or missing security features. No source data...

7.6AI score

Exploits0References2

OSV•added 2021/02/25 1:44 a.m.•3 views

GHSA-QFMR-6QVH-49GM XSS

Withdrawn: Duplicate of GHSA-vcjj-xf2r-mwvc. Knockout, before 3.5.0-beta, has an XSS injection point in attr name binding for browser IE7 and older...

6.5AI score

Exploits0References2

Github Security Blog•added 2021/02/25 1:44 a.m.•14 views

XSS

Withdrawn: Duplicate of GHSA-vcjj-xf2r-mwvc. Knockout, before 3.5.0-beta, has an XSS injection point in attr name binding for browser IE7 and older...

2.7AI score

Exploits0References3Affected Software1

BDU FSTEC•added 2020/10/01 12:0 a.m.•2 views

The vulnerability of the Knockout.js library, related to the lack of protective measures for website structures, allows attackers to execute cross-site scripting attacks.

The vulnerability of the Knockout.js library is related to the lack of protective measures for website structures. Exploiting this vulnerability can allow a remote attacker to perform cross-site scripting attacks...

6.1CVSS6.5AI score0.01988EPSS

Exploits1References5Affected Software3

vulnersOsv•added 2020/04/01 3:47 p.m.•1 views

@cardgamesplay/klondike (>=0.1.0 <=0.1.1), @devexpress/analytics-core (>=18.2.7 <=19.1.1-alpha-19071-2010) +68 more potentially affected by CVE-2019-14862 via knockout (>=2.2.1 <=3.5.0-beta)

knockout NPM version =2.2.1, =0.1.0, =18.2.7, =4.0.0, =0.1.0-zgx, =0.1.0, =1.0.0, =0.0.1, =0.2.20, =18.2.7, =17.2.2-beta, =18.2.7, =1.2.1, =2.0.1-beta, =2.0.4-beta and more Source cves: CVE-2019-14862 Source advisory: OSV:GHSA-VCJJ-XF2R-MWVC...

6.1CVSS6.6AI score0.01988EPSS

Exploits1

OSV•added 2020/04/01 3:47 p.m.•30 views

GHSA-VCJJ-XF2R-MWVC XSS in knockout

There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it...

6.1CVSS6.2AI score0.01988EPSS

Exploits1References10

Github Security Blog•added 2020/04/01 3:47 p.m.•93 views

XSS in knockout

6.1CVSS2.9AI score0.01988EPSS

Exploits1References11Affected Software1