Lucene search
K

515 matches found

Cvelist
Cvelist
added 2025/11/12 12:0 a.m.9 views

CVE-2025-59491

Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields...

0.00174EPSS
Exploits0References2
CVE
CVE
added 2025/11/12 12:0 a.m.18 views

CVE-2025-59491

CVE-2025-59491 is a Cross Site Scripting vulnerability affecting CentralSquare Community Development v19.5.7, reported across multiple feeds. Descriptions consistently state XSS via form fields, but the provided documents do not specify the underlying code path, affected modules, or root cause. P...

6.1CVSS6.1AI score0.00174EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/12 12:0 a.m.6 views

PT-2025-46668

Name of the Vulnerable Software and Affected Versions CentralSquare Community Development version 19.5.7 Description A Cross Site Scripting issue exists in CentralSquare Community Development. The issue is present in form fields, potentially allowing for malicious script injection. Recommendation...

6.1CVSS6.2AI score0.00174EPSS
Exploits0References6
EUVD
EUVD
added 2025/11/11 3:19 p.m.2 views

EUVD-2025-88680

Malicious code in squarerookz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 5:18 a.m.1 views

EUVD-2025-73554

Malicious code in squareclownfishz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 5:18 a.m.3 views

EUVD-2025-73551

Malicious code in squaretyrannosaurusrequirement npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 4:25 a.m.2 views

EUVD-2025-66518

Malicious code in squarekingfisherz3n npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 12:41 a.m.4 views

Malicious code in square-coffee-grouse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 810c6489fd1b4ec065f2c745dc8d310702c9ffa3dd4788b5f19c257124354890 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 12:41 a.m.2 views

Malicious code in square-coral-ape (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e02e84e88ab5326f140d99310d7e5784957b78cceda076b61251429d444befa2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/11 12:41 a.m.3 views

EUVD-2025-51844

Malicious code in square-coffee-grouse npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 12:41 a.m.2 views

EUVD-2025-51843

Malicious code in square-coral-ape npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/10 6:2 p.m.1 views

EUVD-2025-49326

Malicious code in squareguppyz3n npm...

6.6AI score
Exploits0
Richard Bejtlich's blog
Richard Bejtlich's blog
added 2025/11/04 12:49 a.m.7 views

Creating a Linux Application Using VSCodium, Cline, OpenRouter, and Claude

In March I created a Windows Application Using Visual Studio Code, Cline, OpenRouter, and Claude. This was a program that created square screen captures. The user doesn't need to manually ensure the dimensions are a square. The program makes the window grow and shrink while keeping the length equ...

7.1AI score
Exploits0
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.7 views

Astra Linux – Vulnerability in Python 3.11

The Python standard library functions urllib.parse.urlsplit and urlparse accept domain names that include square brackets, which is not valid according to RFC 3986. Square brackets are only intended to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could lead to...

6.3CVSS6.6AI score0.01499EPSS
Exploits0References3
CVE
CVE
added 2025/10/29 10:10 p.m.48 views

CVE-2025-47912

CVE-2025-47912 is addressed in IBM Cloud Pak for Business Automation/IBM Business Automation Workflow container bulletins. The IBM advisories confirm that the vulnerability stems from a parsing flaw in the Parse function: it allows values other than IPv6 addresses to be placed inside square brack...

5.3CVSS6.5AI score0.00443EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2025/10/29 9:49 p.m.4 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview std/net/url is a Go standard library package std/net/url Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere. Go Vulnerability Report:The Parse function permits values other than IPv6 addresses to be included in...

8.2CVSS6.9AI score0.00443EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.4 views

Google Go 安全漏洞

Google Go is a static strongly-typed, compiled, concatenated, and garbage-collected programming language from Google, Inc USA. A security vulnerability exists in Google Go that stems from the Parse function not properly validating the IPv6 address format within square brackets in the URL host...

5.3CVSS6.4AI score0.00443EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/10/08 11:22 p.m.3 views

SUSE CVE-2025-47912

The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://::1/". IPv4 addresses and hostnames mus...

8.2CVSS6.9AI score0.00443EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-4028

Malware in sbrugna...

7.5CVSS6.4AI score0.00967EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-6925

Malware in sbrugna...

7.5CVSS6.4AI score0.02501EPSS
Exploits1References4
Rows per page
Query Builder