CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

577 matches found

EUVD•added 2025/11/11 12:41 a.m.•3 views

EUVD-2025-52071

Malicious code in sharp-blue-horse npm...

6.6AI score

Exploits0

ICS•added 2025/11/03 12:30 a.m.•4 views

ABB PCM600

SUMMARY An update is available that resolves vulnerability in the product versions listed as affected in this advisory. An attacker who successfully exploited this vulnerability could insert and run arbitrary code in the system. 2. MITIGATING FACTORS Mitigating factors describe conditions and...

5.5CVSS6.7AI score0.08926EPSS

Exploits1References11

RedhatCVE•added 2025/10/29 9:12 p.m.•10 views

CVE-2025-62798

Sharp is a content management framework built for Laravel as a package. Prior to 9.11.1, a Cross-Site Scripting XSS vulnerability was discovered in code16/sharp when rendering content using the SharpShowTextField component. In affected versions, expressions wrapped in & were evaluated by Vue. Thi...

5.4CVSS5.8AI score0.00176EPSS

Exploits0References1

Github Security Blog•added 2025/10/29 10:52 a.m.•8 views

Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax

A Cross-Site Scripting XSS vulnerability was discovered in code16/sharp when rendering content using the SharpShowTextField component. In affected versions, expressions wrapped in & were evaluated by Vue. This allowed attackers to inject arbitrary JavaScript or HTML that executes in the browser...

5.4CVSS6.1AI score0.00176EPSS

Exploits0References7Affected Software1

NVD•added 2025/10/28 9:15 p.m.•8 views

CVE-2025-62798

5.4CVSS0.00176EPSS

Exploits0References3

CVE•added 2025/10/28 8:58 p.m.•12 views

CVE-2025-62798

The CVE-2025-62798 issue affects the code16/sharp package (Sharp) used with Laravel, specifically the SharpShowTextField component. In vulnerable versions prior to 9.11.1, Vue evaluated expressions wrapped in {{ ... }} when rendering content, allowing attacker-controlled input to execute arbitrar...

5.4CVSS5.5AI score0.00176EPSS

Exploits0References3

Vulnrichment•added 2025/10/28 8:58 p.m.•2 views

CVE-2025-62798 Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax

5.4CVSS5.4AI score0.00176EPSS

Exploits0References3

OSV•added 2025/10/28 8:58 p.m.•5 views

CVE-2025-62798 Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax

5.4CVSS5.8AI score0.00176EPSS

Exploits0References5

Cvelist•added 2025/10/28 8:58 p.m.•29 views

CVE-2025-62798 Sharp user-provided input can be evaluated in a SharpShowTextField with Vue template syntax

5.4CVSS0.00176EPSS

Exploits0References3

Positive Technologies•added 2025/10/28 12:0 a.m.•6 views

PT-2025-44216

Name of the Vulnerable Software and Affected Versions Sharp versions prior to 9.11.1 Description Sharp, a content management framework for Laravel, contains a Cross-Site Scripting XSS issue in the SharpShowTextField component. Prior to version 9.11.1, expressions enclosed in & were processed by...

5.4CVSS5.8AI score0.00176EPSS

Exploits0References8

CNNVD•added 2025/10/28 12:0 a.m.•4 views

sharp 跨站脚本漏洞

sharp is a lovell Personal Developer for converting large images in common formats to smaller, web-friendly JPEG, PNG, WebP, GIF, and AVIF images of various sizes. A cross-site scripting vulnerability exists in versions prior to sharp 9.11.1 that stems from the SharpShowTextField component not...

5.4CVSS5.7AI score0.00176EPSS

Exploits0References4

HackRead•added 2025/10/22 6:38 p.m.•4 views

Bitter APT Exploiting Old WinRAR Vulnerability in New Backdoor Attacks

South Asian hacking group Bitter APT-Q-37 is deploying a C backdoor using two new methods: a WinRAR flaw and malicious Office XLAM files, targeting government and military sectors...

7AI score

Exploits0

RedhatCVE•added 2025/10/22 12:12 a.m.•13 views

CVE-2025-61457