Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Snyk
Snykadded 2026/05/14 8:29 p.m.7 views

Cross-site Scripting (XSS)

Overview org.webjars.npm:svelte is a package for building web applications. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the handling of attribute spreading and dynamic name attributes within form elements. An attacker can inject malicious scripts by manipulatin...

8.2CVSS5.5AI score0.00047EPSS
Exploits0References2
OSV
OSVadded 2026/03/13 8:56 p.m.1 views

GHSA-44VG-5WV2-H2HG SimpleEval: Objects (including modules) can leak dangerous modules through to direct access inside the sandbox

Impact If the objects passed in as names to SimpleEval have modules or other disallowed / dangerous objects available as attrs. Additionally, dangerous functions or modules could be accessed by passing them as callbacks to other safe functions to call. Examples found by @ByamB4: Any module where...

9.8CVSS5.9AI score0.00052EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2007-5776

Malware in sbrugna...

4.3CVSS6.4AI score0.00537EPSS
Exploits0References9
RedhatCVE
RedhatCVEadded 2025/05/23 10:44 a.m.9 views

CVE-2024-47885

The Astro web framework has a DOM Clobbering gadget in the client-side router starting in version 3.0.0 and prior to version 4.16.1. It can lead to cross-site scripting XSS in websites enables Astro's client-side routing and has stored attacker-controlled scriptless HTML elements i.e., iframe tag...

5.9CVSS5.6AI score0.0094EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2024/09/18 9:15 p.m.4 views

rexml: DoS vulnerability in REXML

A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service DoS when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2...

5.9CVSS5.7AI score0.01135EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2024/09/16 1:51 a.m.4 views

rexml: DoS vulnerability in REXML

A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service DoS when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser API like REXML::Document.new, other parser APIs such as stream parser API and SAX2...

5.9CVSS5.7AI score0.01135EPSS
Exploits0References6
CNNVD
CNNVDadded 2024/08/22 12:0 a.m.3 views

REXML 安全漏洞

REXML is a Ruby open source XML toolkit for Ruby. A security vulnerability exists in REXML versions prior to 3.3.6, which stems from a denial of service DoS vulnerability when parsing deep XML containing many attributes with the same local name...

5.9CVSS6.3AI score0.01135EPSS
Exploits0References5
SUSE CVE
SUSE CVEadded 2023/02/15 6:13 a.m.3 views

SUSE CVE-2006-7221

Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of service via unspecified vectors involving the 1 name and 2 dname entry attributes...

7.5CVSS6.8AI score0.00493EPSS
Exploits0References3
Rows per page
Query Builder