Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CVE
CVEadded 2026/03/31 9:16 p.m.11 views

CVE-2026-34405

Summary: CVE-2026-34405 affects Nuxt OG Image. The vulnerable component (image-generation) is served at the URI /_og/d/ (and historically /og-image/) and can inject arbitrary HTML body attributes due to a flaw in Nuxt OG Image before version 6.2.5. Affected versions: prior to 6.2.5. Impact: poten...

6.1CVSS5.9AI score0.00216EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2026/03/31 9:16 p.m.2 views

CVE-2026-34405 Nuxt OG Image vulnerable to reflected XSS via query parameter injection into HTML attributes

Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /og/d/ and, in older versions, /og-image/ contains a vulnerability that allows injection of arbitrary attributes into the HTML page body. This issue has been patched in...

6.1CVSS6AI score0.00216EPSS
Exploits1References3
NVD
NVDadded 2025/05/19 8:15 a.m.15 views

CVE-2025-47754

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!ConvMacroData function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution...

8.4CVSS0.00191EPSS
Exploits0References2
OSV
OSVadded 2025/04/16 3:16 p.m.1 views

UBUNTU-CVE-2025-22067

In the Linux kernel, the following vulnerability has been resolved: spi: cadence: Fix out-of-bounds array access in cdnsmrvlxspisetupclock If requestedclk 128, cdnsmrvlxspisetupclock iterates over the entire cdnsmrvlxspiclkdivlist array without breaking out early, causing 'i' to go beyond the arr...

7.8CVSS6.5AI score0.00174EPSS
Exploits0References10
CNNVD
CNNVDadded 2022/03/18 12:0 a.m.5 views

WordPress plugin MaxGalleria 跨站脚本漏洞

WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. WordPress plugin is a WordPress application plugin. WordPress MaxGalleria plugin version 6.2.5 contains a cross-site scripting vulnerability. An attacker can exploit the vulnerability to execute JavaScri...

4.8CVSS5.7AI score0.0054EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2020/05/26 12:0 a.m.5 views

PT-2020-4071 · Apple · Itunes For Windows +7

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.5 iPadOS versions prior to 13.5 tvOS versions prior to 13.4.5 watchOS versions prior to 6.2.5 Safari versions prior to 13.1.1 iTunes for Windows versions prior to 12.10.7 iCloud for Windows versions prior to 11.2 and...

10CVSS8.9AI score0.01648EPSS
Exploits0References11
CNVD
CNVDadded 2019/07/17 12:0 a.m.1 views

LibreOffice Information Disclosure Vulnerability (CNVD-2019-26825)

LibreOffice is an open source office software suite from The Document Foundation TDF. The product includes applications such as Writer text documents, Calc spreadsheets and Impress presentations. A security vulnerability exists in LibreOffice versions prior to 6.2.5. A remote attacker could explo...

4.3CVSS6.8AI score0.03089EPSS
Exploits0References1
Rows per page
Query Builder