Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-44832

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.00876EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-26853

Malicious code in bioql PyPI...

6.2CVSS5.3AI score0.00315EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-20711

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00107EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/05/23 10:9 a.m.3 views

CVE-2024-23192

RSS feeds that contain malicious data- attributes could be abused to inject script code to a users browser session when reading compromised RSS feeds or successfully luring users to compromised accounts. Attackers could perform malicious API requests or extract information from the users account...

6.1CVSS6.8AI score0.00107EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 4:44 a.m.4 views

CVE-2023-22724

GLPI is a Free Asset and IT Management Software package. Versions prior to 10.0.6 are subject to Cross-site Scripting via malicious RSS feeds. An Administrator can import a malicious RSS feed that contains Cross Site Scripting XSS payloads inside RSS links. Victims who wish to visit an RSS conten...

6.2CVSS6AI score0.00315EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/11/04 11:13 p.m.11 views

CVE-2024-50346 WebFeed HTML injection vulnerabilities

WebFeed is a lightweight web feed reader extension for Firefox/Chrome. Multiple HTML injection vulnerabilities in WebFeed can lead to CSRF and UI spoofing attacks. A remote attacker can provide malicious RSS feeds and attract the victim user to visit it using WebFeed. The attacker can then inject...

5.1CVSS7.3AI score0.00876EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2017/08/21 7:29 a.m.29 views

CVE-2017-12980

DokuWiki through 2017-02-19c has stored XSS when rendering a malicious RSS or Atom feed, in /inc/parser/xhtml.php. An attacker can create or edit a wiki that uses RSS or Atom data from an attacker-controlled server to trigger JavaScript execution. The JavaScript can be in an author field, as...

6.1CVSS6.7AI score0.00507EPSS
Exploits1References2
securityvulns
securityvulnsadded 2010/09/17 12:0 a.m.71 views

[FLOCK-SA-2010-02] Flock Browser: A malicious RSS feed can bypass cross origin protection (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FLOCK-SA-2010-02 http://flock.com/security/ Title: A malicious RSS feed can bypass cross origin protection XSS Impact: High Announced on: 2010-09-09 Affected Products: Flock 3 versions prior to 3.0.0.4114 CVEs cve.mitre.org: CVE-2010-3262 Details: A...

4.3CVSS1.5AI score0.00285EPSS
Exploits0
securityvulns
securityvulnsadded 2009/09/09 12:0 a.m.66 views

[scip_Advisory 4021] IBM Lotus Notes 8.5 RSS Widget Privilege Escalation

IBM Lotus Notes 8.5 RSS Widget Privilege Escalation scip AG Vulnerability ID 4021 09/08/2009 http://www.scip.ch/?vuldb.4021 I. INTRODUCTION Lotus Notes is a client-server, collaborative application developed and sold by IBM Software Group. More information is available on the official product web...

0.5AI score
Exploits0
Rows per page
Query Builder