CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4329 matches found

Debian•added 2025/08/11 6:48 p.m.•4 views

[SECURITY] [DLA 4269-1] ca-certificates-java bugfix update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4269-1 [email protected] https://www.debian.org/lts/security/ Bastien RoucariÃ¨s August 11, 2025 https://wiki.debian.org/LTS -...

6.9AI score

Exploits0

OSSF Malicious Packages•added 2025/07/31 7:16 p.m.•5 views

Malicious code in torrent-tracker-scraper (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0

OSV•added 2025/07/31 7:16 p.m.•5 views

MAL-2025-6603 Malicious code in torrent-tracker-scraper (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score

Exploits0

Tenable Nessus•added 2025/07/25 12:0 a.m.•5 views

NewStart CGSL MAIN 7.02 : tracker-miners Multiple Vulnerabilities (NS-SA-2025-0139)

The remote NewStart CGSL host, running version MAIN 7.02, has tracker-miners packages installed that are affected by multiple vulnerabilities: - libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of...

8.8CVSS8.1AI score0.1657EPSS

Exploits2References5

Veracode•added 2025/07/16 5:22 a.m.•6 views

Cross-Site Scripting (XSS)

roundup is vulnerable to cross-site scripting XSS. The vulnerability is due to improper sanitization of user-supplied input in URLs when interacting with issue tracker templates devel and responsive, which allows an attacker to inject and execute arbitrary scripts in the context of a user's brows...

6.4CVSS6AI score0.00184EPSS

Exploits0References7Affected Software1

OSSF Malicious Packages•added 2025/07/15 11:53 p.m.•3 views

Malicious code in @gdcorp-commerce/cx-event-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10dd727785804adabaebb122da36be51c97a082214c8d6de8d70a1ad01f3b5e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

OSV•added 2025/07/15 11:53 p.m.•2 views

MAL-2025-5870 Malicious code in @gdcorp-commerce/cx-event-tracker (npm)

7AI score

Exploits0References1

RedhatCVE•added 2025/07/15 12:21 a.m.•8 views

CVE-2025-53865

In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates devel and responsive...

6.4CVSS6.3AI score0.00184EPSS

Exploits0References1

Patchstack•added 2025/07/14 11:56 a.m.•6 views

WordPress WP-Click-Tracker Plugin <= 0.7.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP-Click-Tracker versions = 0.7.3...

7.1CVSS6.2AI score0.00214EPSS

Exploits0Affected Software1

OSV•added 2025/07/13 9:30 p.m.•8 views

GHSA-QXH9-QMF2-RHWC Roundup is vulnerable to XSS through interactions between URLs and issue tracker templates

In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates devel and responsive...

6.4CVSS5.5AI score0.00184EPSS

Exploits0References7

Github Security Blog•added 2025/07/13 9:30 p.m.•14 views

Roundup is vulnerable to XSS through interactions between URLs and issue tracker templates

In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates devel and responsive...

6.4CVSS5.7AI score0.00184EPSS

Exploits0References7Affected Software1

HackRead•added 2025/07/13 9:27 p.m.•3 views

Your Simple Guide: How to Use Filmora’s Planar Tracker for Awesome Video Edits

Easily stick logos, text, or graphics onto moving surfaces with Filmora’s planar tracker. Just read this article to know how!...

7.2AI score

Exploits0

PyPA•added 2025/07/13 8:15 p.m.•9 views

PYSEC-2025-69

In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates devel and responsive...

6.4CVSS6.5AI score0.00184EPSS

Exploits0References3Affected Software1

NVD•added 2025/07/13 8:15 p.m.•9 views

CVE-2025-53865

In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates devel and responsive...

6.4CVSS0.00184EPSS

Exploits0References2

Snyk•added 2025/07/13 8:15 p.m.•2 views

Cross-site Scripting (XSS)

Overview roundup is a simple-to-use and -install issue-tracking system with command-line, web and e-mail interfaces. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the interaction between URLs and issue tracker templates. An attacker can execute arbitrary scripts...

6.4CVSS5.4AI score0.00184EPSS

Exploits0References2

OSV•added 2025/07/13 8:15 p.m.•11 views

PYSEC-2025-69

In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates devel and responsive...

6.4CVSS6.2AI score0.00184EPSS

Exploits0References3

OSV•added 2025/07/13 8:15 p.m.•4 views

UBUNTU-CVE-2025-53865

In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker templates devel and responsive...

6.4CVSS5.8AI score0.00184EPSS

Exploits0References4

Positive Technologies•added 2025/07/13 12:0 a.m.•11 views

PT-2025-29382 · Roundup · Roundup

Name of the Vulnerable Software and Affected Versions: Roundup versions prior to 2.5.0 Description: Roundup is susceptible to a cross-site scripting issue. This occurs through the interaction between URLs and issue tracker templates devel and responsive. Recommendations: Update Roundup to version...

6.4CVSS5.6AI score0.00184EPSS

Exploits0References16