Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-26135

Malicious code in bioql PyPI...

6.5CVSS8.6AI score0.00331EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-3443

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00289EPSS
Exploits0References1
CVE
CVE
added 2025/07/21 9:29 a.m.16 views

CVE-2025-41675

CVE-2025-41675 concerns MB CONNECT LINE mbNET.mini and Helmholz/mbNET.mini gateways where an OS command injection arises from improper neutralization of special elements in OS commands. The vulnerability allows a high-privilege remote attacker to trigger arbitrary system commands via GET requests...

7.2CVSS7.2AI score0.00594EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/06 9:7 a.m.12 views

CVE-2025-28957

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OwnerRez OwnerRez API ownerrez allows Stored XSS.This issue affects OwnerRez API: from n/a through = 1.2.1...

6.5CVSS5.9AI score0.00156EPSS
Exploits0References1
CVE
CVE
added 2025/07/02 2:38 p.m.20 views

CVE-2025-53493

CVE-2025-53493 affects MediaWiki MintyDocs Extension (versions 1.39.X–1.43.1) with Stored XSS due to improper neutralization of input during web page generation. The issue is fixed in 1.43.2; stakeholders should upgrade MintyDocs to 1.43.2 or later. Other connected sources (PT-2025-27640, Red Hat...

6.5CVSS6.4AI score0.0023EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/02/23 10:55 p.m.55 views

CVE-2025-22632

CVE-2025-22632 affects the WordPress plugin “WooCommerce Pricing – Product Pricing” (≤1.0.9) and is a Stored XSS vulnerability caused by improper input neutralization during page generation. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L) yields a base score of 7.1 (High) and indicates ...

7.1CVSS7.2AI score0.00224EPSS
Exploits0References1
Veracode
Veracode
added 2024/12/24 4:55 a.m.7 views

Cross-Site Scripting (XSS)

Drupal Core is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper neutralization of input during web page generation, allowing malicious scripts to be executed on the client-side...

5.4CVSS6.1AI score0.00327EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.4 views

The vulnerability of the Gstreamer module in the office software package LibreOffice allows a hacker to execute arbitrary Gstreamer plugins.

The vulnerability of the Gstreamer module in the LibreOffice office software package exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to remotely execute arbitrary Gstreamer plugins...

8.3CVSS7.8AI score0.01017EPSS
Exploits0References13Affected Software8
Rows per page
Query Builder