Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-41283

Malicious code in bioql PyPI...

6.3CVSS6.6AI score0.0049EPSS
Exploits0References1
CVE
CVEadded 2024/04/03 10:55 p.m.49 views

CVE-2024-30265

CVE-2024-30265 affects Voilà (Voila dashboards) with a Local File Inclusion in the static route. The root cause is that StaticFileHandler is initialized with root '/' due to incorrect static_path handling, allowing an attacker to download any file readable by the server user over the network, dep...

7.5CVSS7.5AI score0.00236EPSS
Exploits0References6
Prion
Prionadded 2024/03/11 10:15 p.m.25 views

Design/Logic Flaw

Collabora Online is a collaborative online office suite based on LibreOffice technology. Each document in Collabora Online is opened by a separate "Kit" instance in a different "jail" with a unique directory "jailID" name. For security reasons, this directory name is randomly generated and should...

2.1CVSS7.2AI score0.00229EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2024/03/11 9:32 p.m.17 views

CVE-2024-25114 Sensitive Information Disclosure (JailID) to users in Collabora Online

Collabora Online is a collaborative online office suite based on LibreOffice technology. Each document in Collabora Online is opened by a separate "Kit" instance in a different "jail" with a unique directory "jailID" name. For security reasons, this directory name is randomly generated and should...

2.6CVSS6.9AI score0.00229EPSS
Exploits1References2
Cvelist
Cvelistadded 2023/12/08 8:4 p.m.15 views

CVE-2023-49782 Cross-Site-Scripting vulnerability in error message passing in richdocumentscode

Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online - Built-in CODE Server app can be vulnerable to attack via proxy.php. The bug was fixed in Collabora Online - Built-in CODE Server richdocumentscode release 23.5.601...

7.1CVSS7.1AI score0.00095EPSS
Exploits0References2
Prion
Prionadded 2023/05/15 9:15 p.m.14 views

Cross site scripting

Collabora Online is a collaborative online office suite based on LibreOffice technology. This vulnerability report describes a reflected XSS vulnerability with full CSP bypass in Nextcloud installations using the recommended bundle. The vulnerability can be exploited to perform a trivial account...

5.8CVSS6.1AI score0.01328EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2021/12/13 8:15 p.m.8 views

CVE-2021-43817

Collabora Online is a collaborative online office suite based on LibreOffice technology. In affected versions a reflected XSS vulnerability was found in Collabora Online. An attacker could inject unescaped HTML into a variable as they created the Collabora Online iframe, and execute scripts insid...

8.2CVSS0.00219EPSS
Exploits0References1
Rows per page
Query Builder