CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

CVE-2026-48591

Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark allows stored cross-site scripting via unescaped HTML attribute values. 'Elixir.Earmark.Transform':makeatt1/2 in lib/earmark/transform.ex splices attribute values verbatim between two literal " bytes: ...

4.8CVSS0.00133EPSS

Exploits0References2

Vulnrichment•added last week•8 views

CVE-2026-48591 Stored XSS via unescaped HTML attribute values in earmark

4.8CVSS5AI score0.00133EPSS

Exploits0References2

EUVD•added last week•7 views

EUVD-2026-37761

4.8CVSS5AI score0.00133EPSS

Exploits0References2

NVD•added 2017/04/24 7:59 p.m.•11 views

CVE-2017-3572

Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component of Oracle Commerce subcomponent: MDEX. Supported versions that are affected are 6.2.2, 6.3.0, 6.4.1.2, 6.5.0, 6.5.1 and 6.5.2. Easily "exploitable" vulnerability allows unauthenticated attacker with...

7.5CVSS6.6AI score0.01821EPSS

Exploits0References2

Prion•added 2017/04/24 7:59 p.m.•11 views

Design/Logic Flaw

5CVSS6.5AI score0.01821EPSS

Exploits0References2Affected Software1

CVE•added 2017/04/24 7:0 p.m.•53 views

CVE-2017-3572

CVE-2017-3572 affects Oracle Commerce Guided Search/Oracle Commerce Experience Manager (MDEX subcomponent). Affected versions: 6.2.2, 6.3.0, 6.4.1.2, 6.5.0, 6.5.1, 6.5.2. The vulnerability allows an unauthenticated attacker with network access via HTTP to cause a hang or frequent crash of the aff...

7.5CVSS7.1AI score0.01821EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by