CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

69 matches found

Cvelist•added 2026/06/10 2:34 p.m.•28 views

CVE-2026-53693 MISP BSimVis stored cross-site scripting in tag and cluster rendering paths via unescaped tag metadata and UI labels

A stored cross-site scripting vulnerability existed in MISP BSimVis tag rendering code. Several client-side rendering paths interpolated tag names, collection names, entity identifiers, cluster names, and tag metadata directly into HTML, HTML attributes, inline JavaScript event handlers, and CSS...

6.9CVSS0.00277EPSS

Exploits0References1

ATTACKERKB•added 2026/05/06 6:13 p.m.•5 views

CVE-2026-8021

Script injection in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

4.2CVSS6AI score0.00155EPSS

Exploits0References3Affected Software1

VulnCheck KEV•added 2026/04/07 12:0 a.m.•12 views

VulnCheck KEV: CVE-2025-24113

The issue was addressed with improved UI. This issue is fixed in Safari 18.3, Safari 18.4, iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sequoia 15.4, visionOS 2.3, visionOS 2.4, watchOS 11.4. Visiting a malicious website may lead to user interface...

4.3CVSS5.8AI score0.0078EPSS

In wildExploits0References2

RedhatCVE•added 2026/01/09 12:38 p.m.•27 views

CVE-2023-29772

A Cross-site scripting XSS vulnerability in the System Log/General Log page of the administrator web UI in ASUS RT-AC51U wireless router firmware version up to and including 3.0.0.4.380.8591 allows remote attackers to inject arbitrary web script or HTML via a malicious network request...

5.2CVSS5.9AI score0.11578EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:47 a.m.•10 views

CVE-2022-31205

In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449...D1452 and can be read out using the Omron FINS protocol without any further authentication...

7.5CVSS6.7AI score0.0051EPSS

Exploits0References1

RedhatCVE•added 2025/11/11 8:42 p.m.•5 views

CVE-2025-12435

Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS6AI score0.0022EPSS

Exploits0References1