28 matches found
CVE-2025-47914
creationtimestamp | type | source
---|---|---
2025-11-19 21:31:45+00:00 | seen | https://bsky.app/profile/bluesky.awakari.com/post/3m5z7bcvx372b
2025-11-20 00:31:31+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m5zjcqteg32j
2026-01-12 14:15:14+00:00 | seen | ...
EUVD-2024-41411
Malicious code in bioql PyPI...
EUVD-2024-34985
Malicious code in bioql PyPI...
EUVD-2024-36479
Malicious code in bioql PyPI...
PT-2025-28043 · Undefined · Undefined
CVE-2024-12685 Rejected reason https://t.co/LG3OZlg1fA...
GHSA-XQ5X-WGCM-3P33
creationtimestamp | type | source
---|---|---
2025-06-18 22:41:02+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/18814
2025-06-18 22:53:06+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114706821031041429
2025-06-18 23:00:49+00:00 | published-proof-of-concept | ...
Debian: Security Advisory (DLA-4096-1)
The remote host is missing an update for the Debian...
CVE-2024-45279 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel)
Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim'...
SAP NetWeaver AS ABAP Improper Access Control (3468102)
SAP NetWeaver Application Server ABAP allows an unauthenticated attacker to craft a URL link that could bypass allowlist controls. Depending on the web applications provided by this server, the attacker might inject CSS code or links into the web application that could allow the attacker to read ...
CVE-2024-41732
SAP NetWeaver Application Server ABAP allows an unauthenticated attacker to craft a URL link that could bypass allowlist controls. Depending on the web applications provided by this server, the attacker might inject CSS code or links into the web application that could allow the attacker to read ...
CVE-2024-37173 [Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)
Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify...
CVE-2024-37173
CVE-2024-37173 affects SAP CRM WebClient UI. The issue is due to insufficient input validation that allows an unauthenticated attacker to craft a URL embedding a malicious script. When a user clicks the link, the script executes in the victim’s browser, enabling the attacker to access and/or modi...
CVE-2024-34686 Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)
Due to insufficient input validation, SAP CRM WebClient UI allows an unauthenticated attacker to craft a URL link which embeds a malicious script. When a victim clicks on this link, the script will be executed in the victim's browser giving the attacker the ability to access and/or modify...
CVE-2024-34686
CVE-2024-34686 concerns SAP CRM WebClient UI. The affected component is the SAP CRM WebClient UI, where insufficient input validation allows an unauthenticated attacker to craft a URL embedding a malicious script. When a victim clicks the link, the script runs in the victim’s browser, enabling th...
Cross-site Scripting (XSS) - Stored in jonschoning/espial
Description: Stored XSS in URL link. Proof of Concept: // PoC request POST /api/add HTTP/2 Host: esp.ae8.org Cookie:...
CVE-2019-12836
The Bobronix JEditor editor before 3.0.6 for Jira allows an attacker to add a URL/Link to an existing issue that can cause forgery of a request to an out-of-origin domain. This in turn may allow for a forged request that can be invoked in the context of an authenticated user, leading to stealing ...
Cross-site Scripting (XSS)
Apache JSPWiki is vulnerable to cross-site scripting. An attacker can inject arbitrary code via the URL link, causing the code execution on another user's session...
Slack: URL link spoofing
Words such as http://example.com and example.com included in the message are displayed as a URL link. This URL link naturally links to example.com. However, we can spoof the link destination by changing the message post request. diff POST /api/chat.postMessage HTTP/1.1 Host: example.slack.com...