CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

9CVSS9AI score0.00592EPSS

EUVD-2020-4337

Malware in sbrugna...

8.8CVSS8.8AI score0.00188EPSS

EUVD-2017-16897

Malware in sbrugna...

6.4CVSS6.5AI score0.00145EPSS

EUVD-2016-9201

Malware in sbrugna...

6.5CVSS6.6AI score0.00222EPSS

EUVD-2019-4970

Malware in sbrugna...

6.1CVSS6.7AI score0.0018EPSS

EUVD-2018-19237

Malware in sbrugna...

9.8CVSS9.5AI score0.00474EPSS

EUVD-2018-19229

Malware in sbrugna...

8.8CVSS7.1AI score0.00102EPSS

EUVD-2019-4971

Malware in sbrugna...

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-30478

Malicious code in bioql PyPI...

6.9CVSS5.7AI score0.00135EPSS

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-32054

Malicious code in bioql PyPI...

8.4CVSS6.6AI score0.00519EPSS

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-18212

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00145EPSS

RedhatCVE•added 2025/06/14 8:17 p.m.•3 views

CVE-2025-2745

A cross-site scripting vulnerability exists in AVEVA PI Web API version 2023 SP1 and prior that, if exploited, could allow an authenticated attacker with privileges to create/update annotations or upload media files to persist arbitrary JavaScript code that will be executed by users who were...

6.5CVSS6.2AI score0.00145EPSS

NVD•added 2025/06/12 8:15 p.m.•12 views

CVE-2025-2745

6.5CVSS0.00145EPSS

CVE•added 2025/06/12 7:42 p.m.•61 views

CVE-2025-2745

CVE-2025-2745 is a cross-site scripting vulnerability in AVEVA PI Web API (versions 2023 SP1 and prior). The root cause is improper handling that allows an authenticated attacker, with privileges to create/update annotations or upload media files, to persist arbitrary JavaScript code. The code co...

6.5CVSS6.3AI score0.00145EPSS

Cvelist•added 2025/06/12 7:42 p.m.•17 views

CVE-2025-2745 AVEVA PI Web API Cross-site Scripting

6.5CVSS0.00145EPSS

Vulnrichment•added 2025/06/12 7:42 p.m.•12 views

CVE-2025-2745 AVEVA PI Web API Cross-site Scripting

6.5CVSS6.5AI score0.00145EPSS

Positive Technologies•added 2025/06/12 12:0 a.m.•5 views

PT-2025-25349 · Aveva · Aveva Pi Web Api

Name of the Vulnerable Software and Affected Versions: AVEVA PI Web API versions 2023 SP1 and prior Description: A cross-site scripting issue exists that could allow an authenticated attacker with privileges to create or update annotations, or upload media files, to persist arbitrary JavaScript...

6.5CVSS5.8AI score0.00145EPSS

Exploits0References6

RedhatCVE•added 2025/05/22 10:6 a.m.•6 views

CVE-2019-13516

In OSIsoft PI Web API and prior, the affected product is vulnerable to a direct attack due to a cross-site request forgery protection setting that has not taken effect...

8.8CVSS6.8AI score0.00102EPSS

RedhatCVE•added 2025/05/22 8:16 a.m.•6 views

CVE-2019-13515

OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive information...

6.5CVSS6.8AI score0.00222EPSS

NVD•added 2024/06/12 9:15 p.m.•13 views

CVE-2024-3468

There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an attacker...

8.4CVSS0.00519EPSS