CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

70 matches found

RedhatCVE•added 2026/01/09 9:30 a.m.•4 views

CVE-2023-29044

Documents operations could be manipulated to contain invalid data types, possibly script code. Script code could be injected to an operation that would be executed for users that are actively collaborating on the same document. Operation data exchanged between collaborating parties does now get...

5.4CVSS7.5AI score0.00156EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-6457

Malware in sbrugna...

5.4CVSS5.5AI score0.00206EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2016-7728

Malware in sbrugna...

6.1CVSS6.3AI score0.002EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-32649

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00156EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-32648

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00156EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 5:15 a.m.•5 views

CVE-2023-29045

Documents operations, in this case "drawing", could be manipulated to contain invalid data types, possibly script code. Script code could be injected to an operation that would be executed for users that are actively collaborating on the same document. Operation data exchanged between collaborati...

5.4CVSS7.5AI score0.00156EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 1:47 a.m.•7 views

CVE-2023-29049

The "upsell" widget at the portal page could be abused to inject arbitrary script code. Attackers that manage to lure users to a compromised account, or gain temporary access to a legitimate account, could inject script code to gain persistent code execution capabilities under a trusted domain...

6.1CVSS7.5AI score0.00219EPSS

Exploits0References1

Vulnrichment•added 2024/01/10 10:37 a.m.•2 views

CVE-2023-48244

The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim’s session via a crafted URL or HTTP request...

5.3CVSS6.1AI score0.00104EPSS

Exploits0References1

Cvelist•added 2023/11/02 1:1 p.m.•9 views

CVE-2023-29045

5.4CVSS6AI score0.00156EPSS

Exploits0References2

NVD•added 2023/05/10 8:15 p.m.•8 views

CVE-2023-31160

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

5.4CVSS5.2AI score0.00197EPSS

Exploits0References2

NVD•added 2023/05/10 8:15 p.m.•11 views

CVE-2023-31164

5.4CVSS5.2AI score0.0027EPSS

Exploits0References2

NVD•added 2023/05/10 8:15 p.m.•10 views

CVE-2023-31156

5.4CVSS5.2AI score0.0027EPSS

Exploits0References2

Prion•added 2023/05/10 8:15 p.m.•9 views

Cross site scripting

4.9CVSS5.7AI score0.0027EPSS

Exploits0References2Affected Software10

CVE•added 2023/05/10 7:25 p.m.•49 views

CVE-2023-31164

The CVE-2023-31164 entry concerns Schweitzer Engineering Laboratories RTAC Web Interface, where an improper neutralization of input during web page generation enables a cross-site scripting (XSS) flaw. The weakness could allow a remote authenticated attacker to inject and execute arbitrary script...

5.4CVSS5.3AI score0.0027EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/05/10 7:23 p.m.•12 views

CVE-2023-31159 Improper Neutralization of Input During Web Page Generation

4.3CVSS6AI score0.00197EPSS

Exploits0References2

Vulnrichment•added 2023/05/10 7:23 p.m.•11 views

CVE-2023-31159 Improper Neutralization of Input During Web Page Generation

4.3CVSS7.2AI score0.00197EPSS

Exploits0References2

Cvelist•added 2023/05/10 7:23 p.m.•14 views

CVE-2023-31158 Improper Neutralization of Input During Web Page Generation