Lucene search
K

105 matches found

OSV
OSV
added last week4 views

DRUPAL-CONTRIB-2026-075

This module enables you to use Single Directory Components in site building views, field formatters, blocks, layouts and it improves the Developer Experience DX with SDC. The module doesn't sufficiently sanitize the markup passed to components under certain scenarios. This vulnerability is...

5.4CVSS6AI score0.00274EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/12 6:16 p.m.8 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via mysqlrealescapestring when used with the text protocol and the Big5 character set. An attacker can execute arbitrary SQL queries by supplying specially crafted input that bypasses escaping performed by...

9.8CVSS6.2AI score0.00339EPSS
Exploits0References3
OSV
OSV
added 2026/05/22 3:1 p.m.1 views

CVE-2026-27136 Invoking duplicate attributes can cause XSS in golang.org/x/net/html

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

6.1CVSS6.1AI score0.00178EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.11 views

FreeScout 代码问题漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.217 contained code vulnerabilities. These vulnerabilities stemmed from the Helper::sanitizeRemoteUrl function, which...

7.7CVSS5.9AI score0.00209EPSS
Exploits0References1
OSV
OSV
added 2026/04/22 6:50 p.m.5 views

GHSA-34R5-6J7W-235F Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode

Description String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences. Therefore, a maliciously forged – partially or completely – event payload, coming from an observed container, might inject the...

6.9CVSS5.9AI score0.0056EPSS
Exploits1References5
Snyk
Snyk
added 2026/03/27 6:6 p.m.10 views

Cross-site Scripting (XSS)

Overview @n8n/n8n-nodes-langchain is a Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Custom CSS field in the Chat Trigger node due to improper sanitization in the sanitize-html library. An authenticated user with permission to create or modify workflows and...

5.4CVSS5.9AI score
Exploits0References2
Veracode
Veracode
added 2025/11/24 5:7 p.m.7 views

Stored Cross-site Scripting (XSS)

com.liferay.portal, release.portal.bom is vulnerable to Stored cross-site scripting XSS. The vulnerability is due to insufficient sanitization of rich text fields in web content translation, which allows an attacker to inject malicious HTML or script that executes when viewed by other users...

4.8CVSS6AI score0.00205EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/10/29 4:15 p.m.7 views

CVE-2025-54384

CKAN is an open-source DMS data management system for powering data hubs and data portals. Prior to 2.10.9 and 2.11.4, the helpers.markdownextract function did not perform sufficient sanitization of input data before wrapping in an HTML literal element. This helper is used to render user-provided...

6.3CVSS0.00204EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-21948

Malware in sbrugna...

5.4CVSS5.6AI score0.00676EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-0900

Malware in sbrugna...

4.4CVSS5AI score0.00394EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-18132

Malware in sbrugna...

7.8CVSS7.7AI score0.00898EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-24900

Malware in sbrugna...

7.6CVSS7.5AI score0.00272EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-1999-1567

Malware in sbrugna...

7.2CVSS6.4AI score0.00361EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-53557

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00385EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-2797

Malicious code in bioql PyPI...

5.9CVSS5.9AI score0.00562EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-25579

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00749EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-34045

Malicious code in bioql PyPI...

6.1CVSS8.7AI score0.00347EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-5502

Malicious code in bioql PyPI...

6.7CVSS6.6AI score0.00188EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-1647

Malicious code in bioql PyPI...

6.2CVSS6.3AI score0.00299EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-50550

Malicious code in bioql PyPI...

6.4CVSS9.1AI score0.00233EPSS
Exploits0References2
Rows per page
Query Builder