Lucene search
K

1833 matches found

RedhatCVE
RedhatCVE
added 2026/01/24 3:18 p.m.19 views

CVE-2026-24528

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Nova Blocks nova-blocks allows DOM-Based XSS.This issue affects Nova Blocks: from n/a through = 2.1.9...

6.5CVSS5.4AI score0.00156EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 3:16 p.m.9 views

CVE-2026-24528

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Nova Blocks nova-blocks allows DOM-Based XSS.This issue affects Nova Blocks: from n/a through = 2.1.9...

6.5CVSS0.00156EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/23 2:28 p.m.3 views

CVE-2026-24528 WordPress Nova Blocks plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Nova Blocks nova-blocks allows DOM-Based XSS.This issue affects Nova Blocks: from n/a through = 2.1.9...

6.5CVSS5.9AI score0.00156EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 2:28 p.m.10 views

CVE-2026-24528

CVE-2026-24528 refers to a Cross-Site Scripting (DOM-Based XSS) vulnerability in Pixelgrade Nova Blocks (nova-blocks) affecting versions up to and including 2.1.9. Technical details across sources confirm an improper input handling/neutralization during web page generation that enables DOM-based ...

6.5CVSS5.4AI score0.00156EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:28 p.m.4 views

CVE-2026-24528

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Nova Blocks nova-blocks allows DOM-Based XSS.This issue affects Nova Blocks: from n/a through = 2.1.9...

6.5CVSS5.9AI score0.00156EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/23 2:28 p.m.40 views

CVE-2026-24528 WordPress Nova Blocks plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pixelgrade Nova Blocks nova-blocks allows DOM-Based XSS.This issue affects Nova Blocks: from n/a through = 2.1.9...

6.5CVSS0.00156EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.5 views

WordPress plugin Nova Blocks has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.6AI score0.00156EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.7 views

PT-2026-4377

Name of the Vulnerable Software and Affected Versions pixelgrade Nova Blocks versions through 2.1.9 Description The software contains a flaw related to improper input handling during web page generation, leading to a DOM-Based Cross-site Scripting XSS condition. This allows for potential maliciou...

6.5CVSS5.8AI score0.00156EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.7 views

PT-2026-20315

Name of the Vulnerable Software and Affected Versions OpenStack Nova affected versions not specified Description The software calls qemu-img without format restrictions when resizing images. A malicious QCOW header could potentially convince Nova's flat image backend to execute an unsafe image...

8.2CVSS5.6AI score0.00341EPSS
Exploits0References19
Cvelist
Cvelist
added 2025/12/31 1:2 a.m.34 views

CVE-2025-15371 Tenda i24 Shadow File hard-coded credentials

A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. T...

8.5CVSS0.00118EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.4 views

Tenda多款产品 信任管理问题漏洞

Tenda i24 and others are products of Tenda, a Chinese company. tenda i24 is a wireless router. tenda 4G03 is a wireless router tenda 4G05 is a wireless router. A trust management issue vulnerability exists in various Tenda products.The vulnerability stems from incorrect operation of the Shadow Fi...

8.5CVSS7.7AI score0.00118EPSS
Exploits0References11
Packet Storm News
Packet Storm News
added 2025/12/16 12:0 a.m.6 views

Penetration Testing of Agentic AI: A Comparative Security Analysis across Models and Frameworks

Agentic AI introduces security vulnerabilities that traditional LLM safeguards fail to address. Although recent work by Unit 42 at Palo Alto Networks demonstrated that ChatGPT-4o successfully executes attacks as an agent that it refuses in chat mode, there is no comparative analysis in multiple...

7.7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/02 6:45 a.m.4 views

nova-act (>=2.3.18.0 <=3.1.18.0) potentially affected by unknown CVE via strands-agents (=1.14.0)

strands-agents PYPI version =1.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on strands-agents and may be impacted: - nova-act =2.3.18.0, =3.1.18.0 Source cves: unknown CVE Source advisory: SNYK:PYTHON-STRANDSAGENTS-14157238...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/01 4:16 p.m.5 views

Malicious code in nova-angular-project (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c1edbc661355ab22d5857395431ed8c7eb4bd73b77e1080a8cdb5ad1c386a8e The package nova-angular-project was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/12/01 4:16 p.m.2 views

MAL-2025-191521 Malicious code in nova-angular-project (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c1edbc661355ab22d5857395431ed8c7eb4bd73b77e1080a8cdb5ad1c386a8e The package nova-angular-project was found to contain malicious code...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/12/01 4:16 p.m.4 views

EUVD-2025-200048

Malicious code in nova-angular-project npm...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.10 views

TencentOS Server 4: openstack-glance (TSSA-2025:0076)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0076 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

6.5CVSS6.6AI score0.00835EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/13 3:23 a.m.1 views

EUVD-2025-175459

Malicious code in yakutsk-luna-nova-triton npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in yakutsk-luna-nova-triton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1247a887e7b5c2f9fd964d4f486657e8b0b2f0cb3db19d32b6971e95515ac6f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-178551

Malicious code in helmet-terser-isostasy-nova npm...

6.6AI score
Exploits0
Rows per page
Query Builder