EUVD-2007-2061

Malware in sbrugna...

EUVD-2025-28418

Malicious code in bioql PyPI...

CVE-2025-52218

The CVE-2025-52218 issue affects SelectZero Data Observability Platform versions prior to 2025.5.2. It stems from improper sanitization of unspecified parameters, enabling Content Spoofing / Text Injection that can affect the login page. A PT-2025-34773 entry confirms the affected line of attack ...

SUSE CVE-2010-2229

Multiple cross-site scripting XSS vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters...

GHSA-R8M7-792J-5JVQ TYPO3 Cross-Site Scripting (XSS) vulnerabilities in Content Editing Wizards component

Multiple cross-site scripting XSS vulnerabilities in Content Editing Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before 6.0.12, 6.1.x before 6.1.7, and the development versions of 6.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified...

GHSA-C73W-4RCJ-2622 Typo3 API Install Tool vulnerable to Cross-site Scripting

Cross-site scripting XSS vulnerability in the Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

Cross site scripting

Cross-site Scripting XSS in the spreadshirt-rss-3d-cube-flash-gallery plugin 2014 for WordPress allows remote attackers to execute arbitrary web script or HTML via unspecified parameters...

Cross-site Scripting (XSS)

pki-util is vulnerable to cross-site scripting XSS attacks. The vulnerability exists through multiple cross-site scripting XSS vulnerabilities in Red Hat Certificate System RHCS before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via unspecifie...

Cross site scripting

Cross-site scripting XSS vulnerability in TOPdesk before 8.05.017 June 2018 version and before 5.7.SR9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

CVE-2018-10231

Cross-site scripting XSS vulnerability in TOPdesk before 8.05.017 June 2018 version and before 5.7.SR9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

CVE-2018-8802

SQL injection vulnerability in the management interface in ePortal Manager allows remote attackers to execute arbitrary SQL commands via unspecified parameters...

CVE-2014-0029

Multiple cross-site scripting XSS vulnerabilities in the SAM web application in Red Hat katello-headpin allow remote attackers to inject arbitrary web script or HTML via unspecified parameters...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Issuetracker phpBugTracker before 1.7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters...

CVE-2015-2145

Multiple cross-site scripting XSS vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters...

CVE-2014-9564

CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware before 3.4.1110 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks and resulting web cache poisoning or cross-site scripting XSS attack...

CVE-2015-0674

Cross-site scripting XSS vulnerability in the Alert Service of Cisco Cloud Web Security base revision allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

CVE-2015-0674

Cross-site scripting XSS vulnerability in the Alert Service of Cisco Cloud Web Security base revision allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

CVE-2016-1377

Cross-site scripting XSS vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776...

CVE-2016-1331

Multiple cross-site scripting XSS vulnerabilities in Cisco Emergency Responder 11.50.99833.5 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy10766...