Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2026/02/01 12:15 p.m.3 views

EUVD-2022-55951

Stripe Green Downloads Wordpress Plugin 2.03 contains a persistent cross-site scripting vulnerability allowing remote attackers to inject malicious scripts in button label fields. Attackers can exploit input parameters to execute arbitrary scripts, potentially leading to session hijacking and...

6.4CVSS6.1AI score0.00039EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-18538

Malware in sbrugna...

7.2CVSS6.4AI score0.00261EPSS
Exploits0References6
Patchstack
Patchstackadded 2024/08/08 6:35 a.m.2 views

WordPress Gutenberg Blocks with AI by Kadence WP plugin < 3.2.39 - Contributor+ Stored XSS via "Days Label" vulnerability

Contributor+ Stored XSS via "Days Label" vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Gutenberg Blocks by Kadence Blocks versions 3.2.39...

5.4CVSS6AI score0.00357EPSS
Exploits1References1Affected Software1
GithubExploit
GithubExploitadded 2023/05/24 10:45 a.m.11 views

Exploit for Cross-site Scripting in Teampass

CVE-2023-2591: Stored HTML Injection in Item Label in Teampass...

7.1CVSS7.2AI score0.00586EPSS
Exploits2
CNNVD
CNNVDadded 2022/08/04 12:0 a.m.2 views

v4l2loopback 格式化字符串错误漏洞

v4l2loopback is a kernel module for creating V4L2 loopback devices by umläute individual developers. A formatting string error vulnerability exists in v4l2loopback, which stems from potentially leaking kernel stack memory based on the way the string is formatted in the card label, as well as...

7.3CVSS6.8AI score0.00053EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2021/03/03 12:28 p.m.3 views

jenkins: Stored XSS vulnerability in button labels

A flaw was found in jenkins. A cross-site scripting XSS vulnerability, due to the button labels not being properly escaped, can allow an attacker to control button labels. The highest threat from this vulnerability is to data confidentiality and integrity...

5.4CVSS5.6AI score0.00319EPSS
Exploits0References4
BDU FSTEC
BDU FSTECadded 2019/12/09 12:0 a.m.3 views

The vulnerability of the TCP/IP protocol stack implementation in the Windows operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the TCP/IP protocol stack implementation in the Windows operating system is related to errors in handling IPv6 flow labels. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using a specially created...

5.3CVSS5.9AI score0.02732EPSS
Exploits0References3
NVD
NVDadded 2019/05/19 7:29 p.m.15 views

CVE-2019-12184

There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136...

5.4CVSS5.2AI score0.00206EPSS
Exploits1References1
NVD
NVDadded 2009/12/31 7:30 p.m.16 views

CVE-2009-4532

Cross-site scripting XSS vulnerability in the Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, allows remote authenticated users, with webform creation privileges, to inject arbitrary web script or HTML via a field label...

3.5CVSS5.3AI score0.00262EPSS
Exploits0References6
Rows per page
Query Builder