Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-39184

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00382EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 4:59 a.m.4 views

CVE-2019-20801

An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code that accesses a user's data via...

5.3CVSS7.2AI score0.00213EPSS
Exploits1References1
Veracode
Veracodeadded 2025/02/25 6:8 a.m.5 views

Cross-Site Scripting (XSS)

@ckeditor/ckeditor5-real-time-collaboration is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper handling of user markers in the real-time collaboration package, which can allow unauthorized JavaScript execution in certain editor and token endpoint configurations...

2.3CVSS6.2AI score0.00348EPSS
Exploits0References4Affected Software2
OSV
OSVadded 2024/09/25 1:27 p.m.11 views

CVE-2024-45613 CKEditor 5 has Cross-site Scripting vulnerability in the clipboard package

CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting XSS vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code...

5.1CVSS6.2AI score0.0038EPSS
Exploits0References4
CNVD
CNVDadded 2024/07/05 12:0 a.m.5 views

Splunk Enterprise Cross-Site Scripting Vulnerability (CNVD-2024-34270)

Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines and cloud. Splunk...

5.4CVSS6.2AI score0.00468EPSS
Exploits0References1
OSV
OSVadded 2022/12/22 8:15 p.m.8 views

CVE-2022-3033

If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. I...

8.1CVSS8AI score
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2018/12/21 12:0 a.m.25 views

Foxit PhantomPDF < 7.3.13 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 7.3.13. It is, therefore, affected by multiple vulnerabilities: - Unauthorized javascript execution when disabled. - Arbitrary Write supporting remote code...

5.9AI score
Exploits0References1
Rows per page
Query Builder