
8 matches found

Positive Technologies
added 2026/03/11 12:0 a.m., 0 views

PT-2026-24739

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, this vulnerability occurs due to improper validation of OpenProject’s Markdown rendering, specifically in the hyperlink handling. This allows an attacker to inject malicious hyperlink payloads that perform DOM...

CVSS 6.5, AI score 5.8, EPSS 0.00103
Exploits: 0, References: 6
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-6134

Malware in sbrugna...

CVSS 9.3, AI score 7.5, EPSS 0.01017
Exploits: 0, References: 2
RedhatCVE
added 2025/05/22 10:18 p.m., 4 views

CVE-2022-1539

The Exports and Reports WordPress plugin before 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a CSV injection, by the use of Microsoft Excel DDE function, or to leak data via maliciously injected hyperlinks...

CVSS 8.8, AI score 6.7, EPSS 0.00967
Exploits: 1, References: 1
CNNVD
added 2023/06/29 12:0 a.m., 1 views

Ericsson Network Manager security vulnerability

Ericsson Network Manager is a network manager from Ericsson, Sweden. It covers monitoring, troubleshooting, configuration, automation and optimization of networks. A security vulnerability exists in Ericsson Network Manager versions prior to 22.1, which stems from improperly neutralized formula...

CVSS 6.8, AI score 7.4, EPSS 0.01489
Exploits: 0, References: 3
Cvelist
added 2023/06/29 12:0 a.m., 11 views

CVE-2022-46408

Ericsson Network Manager ENM, versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager NCM where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. The attacker...

AI score 7.2, EPSS 0.01489
Exploits: 0, References: 1
OSV
added 2022/07/25 1:15 p.m., 0 views

CVE-2022-1539

The Exports and Reports WordPress plugin before 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a CSV injection, by the use of Microsoft Excel DDE function, or to leak data via maliciously injected hyperlinks...

CVSS 8.8, AI score 5.8, EPSS 0.00967
Exploits: 1, References: 1
NCSC
added 2021/08/10 12:0 a.m., 2 views

Vulnerability fixed in Jupyter notebook

Jupyter has fixed a vulnerability in notebook. The vulnerability is known as a so-called Cross-Site-Scripting XSS. The vulnerability allows a malicious person to execute arbitrary code under the privileges of the victim. To do this, the malicious party must induce the victim to follow a rogue...

CVSS 10, AI score 7.2, EPSS 0.00172
Exploits: 1
Hacker One
added 2021/04/15 10:42 p.m., 24 views

UPchieve: Hyper Link Injection while signup

Summary: Attacker can add their name to a URL in order to send email containing malicious hyperlinks. while signup Steps To Reproduce: 1-Go to https://app.upchieve.org and create account with the first name http://attacker.com/ and last name . 2-Now check your email and you notice there is...

AI score 6.6
Exploits: 0