Lucene search
K

340 matches found

ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-55877

Symfony UX is a JavaScript ecosystem for Symfony. From 2.17.0 before 2.36.1 and from 3.0.0 before 3.2.0, the uxicon Twig function is marked issafe='html' and Icon::toHtml inlines SVG source verbatim, allowing unsanitized local SVG files or Iconify on-demand JSON body responses containing nested...

6.1CVSS5.6AI score0.00194EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54113

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in CSS allows a remote attacker to perform Universal Cross-Site Scripting UXSS, which is a vulnerability that enables the execution of arbitrary scripts ...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References449
Friends Of PHP
Friends Of PHP
added 2026/06/19 7:21 a.m.8 views

symfony/ux-icons XSS via unsanitized SVG content in local files and Iconify on-demand responses

Description The uxicon Twig function is marked issafe='html', so Twig never escapes its output. Icon::toHtml inlines the SVG source verbatim into the page. Browsers execute elements and on event-handler attributes found inside inline SVG, making any unsanitized icon a vector for cross-site...

6.1CVSS6AI score0.00194EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/03/31 5:40 p.m.5 views

CVE-2026-32607 Discourse: Stored XSS via unescaped assignee name

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, when the hidden prioritizefullnameinux site setting is enabled defaults to false, requires console access to change, user...

2.1CVSS5.8AI score0.00167EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/09 12:0 a.m.5 views

PT-2026-7190

Tanium addressed an arbitrary file deletion vulnerability in end-user-cx...

5.5CVSS5.6AI score0.00336EPSS
Exploits0References2
Filippo.io
Filippo.io
added 2025/12/19 2:3 p.m.8 views

Building a Transparent Keyserver

Today, we are going to build a keyserver to lookup age public keys. That part is boring. What’s interesting is that we’ll apply the same transparency log technology as the Go Checksum Database to keep the keyserver operator honest and unable to surreptitiously inject malicious keys, while still...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/08 11:58 a.m.7 views

How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year?

The holiday season compresses risk into a short, high-stakes window. Systems run hot, teams run lean, and attackers time automated campaigns to get maximum return. Multiple industry threat reports show that bot-driven fraud, credential stuffing and account takeover attempts intensify around peak...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-11837

Malware in sbrugna...

4.3CVSS4.2AI score0.00519EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-26346

Malware in sbrugna...

9.8CVSS9.4AI score0.00752EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-14116

Malware in sbrugna...

6.1CVSS7.8AI score0.01231EPSS
Exploits1References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-6436

Malware in sbrugna...

4.9CVSS6.3AI score0.00972EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-19366

Malware in sbrugna...

8.1CVSS7.8AI score0.01434EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2025/10/05 12:0 a.m.6 views

Selecting Cybersecurity Requirements: Effects of LLM Use and Professional Software Development Experience

This study investigates how access to Large Language Models LLMs and varying levels of professional software development experience affect the prioritization of cybersecurity requirements for web applications. Twenty-three postgraduate students participated in a research study to prioritize...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-2951

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00576EPSS
Exploits0References4
HackRead
HackRead
added 2025/09/01 7:49 p.m.4 views

Generative Engine Optimisation: What It Is and Why You Need an Agency for It

As digital marketing keeps changing, staying ahead means adopting the latest strategies that enhance online visibility and user…...

7.1AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-38022 Malicious code in ux-aspects (npm)

The package ux-aspects was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.6 views

Malicious code in ux-aspects (npm)

The package ux-aspects was found to contain malicious code...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.7 views

Human-Centred AI in FinTech: Developing a User Experience (UX) Research Point of View (PoV) Playbook

Advancements in Artificial Intelligence AI have significantly transformed the financial industry, enabling the development of more personalized and adaptable financial products and services. This research paper explores various instances where Human-Centred AI HCAI has facilitated these...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2025/06/18 6:0 p.m.7 views

A week with a "smart" car

Welcome to this week's edition of the Threat Source newsletter. June 9 was Whit Monday -- a bank holiday here in Germany -- so I decided to take the whole week off. It turned out to be the perfect opportunity to try out a brand new car. Little did I know, I was about to get a crash course in mode...

8.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 2025/06/10 7:0 a.m.30 views

Description of the security update for SharePoint Enterprise Server 2016: June 10, 2025 (KB5002732)

None None...

8.8CVSS7AI score0.12606EPSS
Exploits2
Rows per page
Query Builder