
8 matches found

Packet Storm
added 2026/02/23 12:0 a.m. · 150 views

📄 jsPDF PDF Object Injection

jsPDF versions prior to 4.2.0 suffer from a PDF object injection vulnerability in the addJS method. CVE-2026-25755: PDF Object Injection in jsPDF addJS Method. Description: A PDF Object Injection vulnerability was identified in the addJS method of jsPDF. The library fails to sanitize user-supplied inp...

CVSS 8.8 · AI score 5.6 · EPSS 0.00026
Exploits: 2

ATTACKERKB
added 2023/08/09 7:15 p.m. · 1 view

CVE-2023-39007

/ui/cron/item/open in the Cron component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows XSS via openAction in app/controllers/OPNsense/Cron/ItemController.php...

CVSS 9.6 · AI score 7.3 · EPSS 0.54148
Exploits: 1 · References: 5

Positive Technologies
added 2023/08/09 12:0 a.m. · 2 views

PT-2023-26733 · Opnsense · Opnsense Community Edition +1

Name of the Vulnerable Software and Affected Versions: OPNsense Community Edition versions prior to 23.7; OPNsense Business Edition versions prior to 23.4.2. Description: The issue allows for XSS via the openAction in the app/controllers/OPNsense/Cron/ItemController.php file, specifically in the...

CVSS 9.6 · AI score 8.9 · EPSS 0.54148
Exploits: 1 · References: 8

SUSE CVE
added 2023/02/15 6:4 a.m. · 1 view

SUSE CVE-2009-1492

The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code...

CVSS 9.3 · AI score 7.7 · EPSS 0.68063
Exploits: 5 · References: 5

SUSE CVE
added 2023/02/15 5:59 a.m. · 1 view

SUSE CVE-2010-1240

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PD...

CVSS 9.3 · AI score 6.6 · EPSS 0.91397
Exploits: 7 · References: 8

Debian CVE
added 2018/06/11 9:0 p.m. · 21 views

CVE-2017-7821

A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those...

CVSS 9.8 · AI score 9.5 · EPSS 0.02595
Exploits: 3

Prion
added 2008/09/15 5:12 p.m. · 8 views

SQL injection

SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action...

CVSS 7.5 · AI score 9 · EPSS 0.00793
Exploits: 1 · References: 6 · Affected Software: 1

Cvelist
added 2008/09/15 4:0 p.m. · 13 views

CVE-2008-4086

SQL injection vulnerability in index.php in Reciprocal Links Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the site parameter in an open action...

AI score 8.2 · EPSS 0.00793
Exploits: 1 · References: 6