Lucene search
K

77 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-40810

Malicious code in bioql PyPI...

6.5CVSS6.8AI score0.01637EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-31970

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00555EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-36630

Malicious code in bioql PyPI...

3.3CVSS4.4AI score0.00238EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-39993

Malicious code in bioql PyPI...

5.5CVSS6.5AI score0.0124EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-22901

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00323EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-30238

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.01197EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/07/29 11:29 p.m.8 views

CVE-2025-43220

This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data...

0.00828EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.9 views

TencentOS Server 4: python-urllib3 (TSSA-2025:0061)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0061 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.1CVSS7.1AI score0.01207EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/06/09 1:15 p.m.11 views

Laravel Translation Manager Vulnerable to Stored Cross-site Scripting

Impact The application is vulnerable to Cross-Site Scripting XSS attacks due to incorrect input validation and sanitization of user-input data. An attacker can inject arbitrary HTML code, including JavaScript scripts, into the page processed by the user's browser, allowing them to steal sensitive...

6CVSS5.4AI score0.00352EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/30 4:58 a.m.9 views

CVE-2025-48483 FreeScout Stored XSS leads to CSRF

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application is vulnerable to Cross-Site Scripting XSS attacks due to incorrect input validation and sanitization of user-input data during mail signature sanitization. An attacker can inject arbitrary HTML...

6.3CVSS6.2AI score0.00134EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/30 12:0 a.m.7 views

PT-2025-23234 · Unknown · Tinxy Wifi Lock Controller

Name of the Vulnerable Software and Affected Versions: Tinxy WiFi Lock Controller version v1 RF Description: The issue concerns the storage of sensitive user information, including credentials and mobile phone numbers, in plaintext. Recommendations: For Tinxy WiFi Lock Controller version v1 RF,...

7.5CVSS6.2AI score0.00205EPSS
Exploits0References9
OSV
OSV
added 2025/05/27 9:15 p.m.6 views

CVE-2025-5281

Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS6.1AI score
Exploits0References2
CNVD
CNVD
added 2025/05/14 12:0 a.m.7 views

WordPress Ajax Load More plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Ajax Load More plugin, which stems from the application's lack of effective filtering and escaping of user-supplied...

6.5CVSS6.4AI score0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/22 12:0 a.m.8 views

PT-2025-17499 · Sirv · Sirv

Name of the Vulnerable Software and Affected Versions: Sirv versions through 7.5.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. Specifically, it is a Stored XSS vulnerability, which means that an attacker can...

6.5CVSS6.8AI score0.00194EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.3 views

PT-2025-17093 · Unknown · Terminal Africa

Name of the Vulnerable Software and Affected Versions: Terminal Africa versions 1.13.17 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Reflected XSS. This means that an attacker can...

7.1CVSS7.2AI score0.00257EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.6 views

PT-2025-17040 · Unknown · Beacon Lead Magnets/Lead Capture

Name of the Vulnerable Software and Affected Versions: Beacon Lead Magnets and Lead Capture versions 1.5.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Reflected XSS. This means a...

7.1CVSS6AI score0.00257EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/04/03 12:20 a.m.7 views

CVE-2025-30450

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access sensitive user data...

5.5CVSS5.8AI score0.00251EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/02 11:29 p.m.13 views

CVE-2025-30463

The issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to access sensitive user data...

5.5CVSS5.7AI score0.00257EPSS
Exploits0References1
NVD
NVD
added 2025/03/31 11:15 p.m.10 views

CVE-2025-24239

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

6.5CVSS0.00496EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/31 10:23 p.m.5 views

CVE-2025-24263

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15.4. An app may be able to observe unprotected user data...

8.5AI score0.0047EPSS
Exploits0References1
Rows per page
Query Builder