Lucene search
K

307 matches found

CNNVD
CNNVD
added 2025/08/25 12:0 a.m.3 views

The Scratch Channel 输入验证错误漏洞

The Scratch Channel is a project site of The Scratch Channel open source. An input validation error vulnerability exists in version 1 of The Scratch Channel, which stems from the fact that local storage can be edited, potentially leading to account information tampering...

6.7CVSS6.1AI score0.00159EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/08/08 11:19 p.m.13 views

CVE-2025-6573 GPU DDK - RGXFW_CTL.pui8FWScratchBuf Leak/Overwrite

Kernel software installed and running inside an untrusted/rich execution environment REE could leak information from the trusted execution environment TEE...

0.00421EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/08 11:19 p.m.5 views

CVE-2025-6573 GPU DDK - RGXFW_CTL.pui8FWScratchBuf Leak/Overwrite

Kernel software installed and running inside an untrusted/rich execution environment REE could leak information from the trusted execution environment TEE...

7AI score0.00421EPSS
Exploits0References1
NVD
NVD
added 2025/07/16 5:15 p.m.22 views

CVE-2025-53904

The Scratch Channel is a news website that is under development as of time of this writing. The file /api/admin.js contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication...

5.3CVSS0.00327EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/16 5:2 p.m.25 views

CVE-2025-53904 The Scratch Channel Has Potential Reflected Cross-Site Scripting (XSS) Vulnerability

The Scratch Channel is a news website that is under development as of time of this writing. The file /api/admin.js contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication...

5.3CVSS0.00327EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/16 5:2 p.m.4 views

CVE-2025-53904 The Scratch Channel Has Potential Reflected Cross-Site Scripting (XSS) Vulnerability

The Scratch Channel is a news website that is under development as of time of this writing. The file /api/admin.js contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication...

5.3CVSS6.8AI score0.00327EPSS
Exploits0References2
CVE
CVE
added 2025/07/16 5:2 p.m.31 views

CVE-2025-53904

CVE-2025-53904 concerns The Scratch Channel (a news site under development) with a potential reflected Cross-Site Scripting (XSS) vulnerability in the file /api/admin.js. The issue arises from code in that file that could allow XSS, as described across multiple sources (NVD/Red Hat/CVE list). The...

5.3CVSS6.3AI score0.00327EPSS
Exploits0References2
OSV
OSV
added 2025/07/16 5:2 p.m.5 views

CVE-2025-53904 The Scratch Channel Has Potential Reflected Cross-Site Scripting (XSS) Vulnerability

The Scratch Channel is a news website that is under development as of time of this writing. The file /api/admin.js contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication...

5.3CVSS6.6AI score0.00327EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.5 views

The Scratch Channel 安全漏洞

The Scratch Channel is a project website of The Scratch Channel open source. A security vulnerability exists in The Scratch Channel, which stems from a code issue in the api/admin.js file that could lead to a cross-site scripting attack...

5.3CVSS6.2AI score0.00327EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.7 views

PT-2025-29869 · Unknown · Scratch Channel

Name of the Vulnerable Software and Affected Versions: The Scratch Channel affected versions not specified Description: The Scratch Channel is a news website currently under development. The file /api/admin.js contains code that could lead to cross-site scripting. Recommendations: At the moment,...

5.3CVSS6AI score0.00327EPSS
Exploits0References6
NVD
NVD
added 2025/07/15 7:15 p.m.32 views

CVE-2025-53903

The Scratch Channel is a news website that is under development as of time of this writing. The file /api/users.js doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb addresses this issue...

5.3CVSS0.00327EPSS
Exploits0References2
OSV
OSV
added 2025/07/15 6:22 p.m.5 views

CVE-2025-53903 The Scratch Channel Has Potential Cross-Site Scripting (XSS) Vulnerability

The Scratch Channel is a news website that is under development as of time of this writing. The file /api/users.js doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb addresses this issue...

5.3CVSS6.2AI score0.00327EPSS
Exploits0References4
CVE
CVE
added 2025/07/15 6:22 p.m.26 views

CVE-2025-53903

CVE-2025-53903 affects The Scratch Channel’s web application, with a cross-site scripting (XSS) vulnerability stemming from unsanitized input in /api/users.js. The issue is addressed by commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb. Public documents describe the vulnerability and fix; exploitat...

5.3CVSS5.9AI score0.00327EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/15 6:22 p.m.30 views

CVE-2025-53903 The Scratch Channel Has Potential Cross-Site Scripting (XSS) Vulnerability

The Scratch Channel is a news website that is under development as of time of this writing. The file /api/users.js doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb addresses this issue...

5.3CVSS0.00327EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/15 6:22 p.m.9 views

CVE-2025-53903 The Scratch Channel Has Potential Cross-Site Scripting (XSS) Vulnerability

The Scratch Channel is a news website that is under development as of time of this writing. The file /api/users.js doesn't properly sanitize text box inputs, leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb addresses this issue...

5.3CVSS5.9AI score0.00327EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.7 views

The Scratch Channel 跨站脚本漏洞

The Scratch Channel is a project site of The Scratch Channel open source. A cross-site scripting vulnerability exists in The Scratch Channel, which stems from improperly cleaned text box input and could lead to a cross-site scripting attack...

5.3CVSS5.9AI score0.00327EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/15 12:0 a.m.6 views

PT-2025-29593 · Unknown · Scratch Channel

Name of the Vulnerable Software and Affected Versions: The Scratch Channel affected versions not specified Description: The application does not properly sanitize text box inputs in the /api/users.js file, potentially leading to cross-site scripting attacks. Recommendations: At the moment, there ...

5.3CVSS5.6AI score0.00327EPSS
Exploits0References7
OSV
OSV
added 2025/06/18 10:15 a.m.3 views

UBUNTU-CVE-2025-38047

In the Linux kernel, the following vulnerability has been resolved: x86/fred: Fix system hang during S4 resume with FRED enabled Upon a wakeup from S4, the restore kernel starts and initializes the FRED MSRs as needed from its perspective. It then loads a hibernation image, including the image...

5.5CVSS6.2AI score0.00157EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2025/05/23 8:17 a.m.4 views

CVE-2024-10546

A vulnerability classified as critical was found in open-scratch Teaching 在线教学平台 up to 2.7. This vulnerability affects unknown code of the file /api/sys/ng-alain/getDictItemsByTable/ of the component URL Handler. The manipulation leads to sql injection. The attack can be initiated remotely. The...

6.5CVSS7.2AI score0.00311EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:54 a.m.8 views

CVE-2024-12545

The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.1. This is due to missing nonce validation on the resetinstallation function...

5.4CVSS6.5AI score0.00202EPSS
Exploits0References1
Rows per page
Query Builder