Lucene search
K

140 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Web API Permission Prompts in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6AI score0.00574EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/20 12:31 a.m.23 views

EUVD-2026-30988

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...

5.8AI score0.00196EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 11:16 p.m.19 views

CVE-2026-6871

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...

6.1CVSS0.00196EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 10:28 p.m.17 views

CVE-2026-6871

CVE-2026-6871 concerns the Drupal Obfuscate module. The issue is an XSS vulnerability caused by improper neutralization of input during web page generation. Affected versions are from 0.0.0 up to, but not including, 2.0.2. The root cause is insufficient sanitization when obfuscated emails are pro...

6.1CVSS5.8AI score0.00196EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/19 10:28 p.m.40 views

CVE-2026-6871 Obfuscate - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-033

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...

0.00196EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/19 10:28 p.m.9 views

CVE-2026-6871

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...

5.8AI score0.00196EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/19 10:28 p.m.10 views

CVE-2026-6871 Obfuscate - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-033

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...

5.8AI score0.00196EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/19 10:28 p.m.9 views

CVE-2026-6871

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...

6.1CVSS5.8AI score0.00196EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 10:28 p.m.4 views

CVE-2026-6871 Obfuscate - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-033

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Obfuscate allows Cross-Site Scripting XSS. This issue affects Obfuscate: from 0.0.0 before 2.0.2...

6.1CVSS5.9AI score0.00196EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

Drupal Obfuscate 跨站脚本漏洞

Drupal Obfuscate is a Drupal module from the Drupal community. Versions of Drupal Obfuscate prior to 2.0.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper input validation during the web page generation process, which could lead to cross-site scripting...

6.1CVSS5.6AI score0.00196EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.8 views

Neo4j < 5.26.21 Information Disclosure Vulnerability (CVE-2026-1622)

According to its self-reported version number, the version of Neo4j running on the remote host is a version prior to 5.26.21. It is, therefore, affected by a information disclosure vulnerability where The obfuscateliterals option in the query logs does not redact error information, exposing...

4.8CVSS5.5AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/04 12:31 p.m.3 views

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the obfuscateliterals option in query logging. An attacker can access sensitive information by reading unredacted error data in the query logs when queries fail. Notes: This is only...

5.5CVSS5.6AI score0.00144EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/02/04 12:31 p.m.9 views

Neo4j Enterprise and Community vulnerable to a potential information disclosure

Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files. The "obfuscateliterals" option in the query logs does not redact error information, exposing unredacted dat...

4.8CVSS5.5AI score0.00144EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/02/04 10:16 a.m.12 views

CVE-2026-1622

Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files. The "obfuscateliterals" option in the query logs does not redact error information, exposing unredacted dat...

4.8CVSS0.00144EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/04 9:14 a.m.3 views

CVE-2026-1622 Unredacted data exposure in query.log

Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files. The "obfuscateliterals" option in the query logs does not redact error information, exposing unredacted dat...

4.8CVSS5.5AI score0.00144EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/04 9:14 a.m.32 views

CVE-2026-1622 Unredacted data exposure in query.log

Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files. The "obfuscateliterals" option in the query logs does not redact error information, exposing unredacted dat...

4.8CVSS0.00144EPSS
Exploits0References1
OSV
OSV
added 2026/02/04 9:14 a.m.1 views

CVE-2026-1622 Unredacted data exposure in query.log

Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files. The "obfuscateliterals" option in the query logs does not redact error information, exposing unredacted dat...

4.8CVSS6AI score0.00144EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-9609

Malicious code in bioql PyPI...

5.4CVSS6.3AI score0.00217EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-48339

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00482EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-33947

Malicious code in bioql PyPI...

4.3CVSS7.3AI score0.00801EPSS
Exploits0References7
Rows per page
Query Builder