CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-0612

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00328EPSS

Exploits0References3

RedhatCVE•added 2025/05/22 3:25 p.m.•5 views

CVE-2020-27428

A DOM-based cross-site scripting XSS vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file...

6.1CVSS5.7AI score0.00328EPSS

Exploits0

Github Security Blog•added 2022/01/08 12:44 a.m.•35 views

Cross-site Scripting in Scratch-Svg-Renderer

A DOM-based cross-site scripting XSS vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file...

6.1CVSS5.6AI score0.00328EPSS

Exploits0References3Affected Software1

OSV•added 2022/01/08 12:44 a.m.•2 views

GHSA-H3VQ-WV8J-36GW Cross-site Scripting in Scratch-Svg-Renderer

A DOM-based cross-site scripting XSS vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file...

6.1CVSS6AI score0.00328EPSS

Exploits0References3

Veracode•added 2022/01/07 2:40 p.m.•18 views

Cross-site Scripting (XSS)

scratch-svg-renderer is vulnerable to cross-site scripting. An attacker is able to inject maliciously crafted sb3 file via the HTML DOM object model interface...

6.1CVSS1.8AI score0.00328EPSS

Exploits0References1Affected Software1

OSV•added 2022/01/06 12:15 a.m.•14 views

CVE-2020-27428

A DOM-based cross-site scripting XSS vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file...

6.1CVSS5.6AI score

Exploits0References1

NVD•added 2022/01/06 12:15 a.m.•13 views

CVE-2020-27428

A DOM-based cross-site scripting XSS vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file...

6.1CVSS0.00328EPSS

Exploits0References1

Prion•added 2022/01/06 12:15 a.m.•17 views

Cross site scripting

A DOM-based cross-site scripting XSS vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file...

4.3CVSS5.8AI score0.00328EPSS

Exploits0References1Affected Software1

CVE•added 2022/01/05 11:37 p.m.•56 views

CVE-2020-27428

CVE-2020-27428 affects the Scratch-Svg-Renderer library (v0.2.0). The vulnerability is described as a DOM-based cross-site scripting (XSS) issue that allows an attacker to execute arbitrary web scripts or HTML through a crafted sb3 file. The cited impact indicates possible code execution in the c...

6.1CVSS5.8AI score0.00328EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by