Lucene search
K

320 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-21327

Malicious code in bioql PyPI...

8.2CVSS7AI score0.00398EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-39178

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00231EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-3081

Malicious code in bioql PyPI...

6.4CVSS4.5AI score0.00295EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-31750

Malicious code in bioql PyPI...

6.6CVSS5.4AI score0.00313EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/24 12:0 a.m.3 views

Cisco IOS XE 安全漏洞

Cisco IOS XE is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE that stems from insufficient validatio...

6.7CVSS6.7AI score0.0015EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.5 views

PT-2025-38347

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow issue exists in the sh css set black frame function within the atomisp module. The height and width values, sourced from user input, are multiplied, potentially leadi...

6.5AI score0.00145EPSS
Exploits0References16
CVE
CVE
added 2025/07/04 5:34 p.m.19 views

CVE-2025-53484

The CVE-2025-53484 affects the MediaWiki SecurePoll extension. Affected versions are 1.39.x before 1.39.13, 1.42.x before 1.42.7, and 1.43.x before 1.43.2. The root cause is improper escaping of user-controlled inputs in VotePage.php (poll option input) and in ResultPage’s getPagesTab() and getEr...

9.8CVSS6.5AI score0.00456EPSS
Exploits0References3
CNVD
CNVD
added 2025/06/17 12:0 a.m.4 views

WordPress Raisely Donation Form Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress Raisely Donation Form, which stems from insufficient cleanup and escaping of user-supplied attribute inputs in the...

6.4CVSS6.2AI score0.00252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:40 a.m.27 views

CVE-2024-47594

SAP NetWeaver Enterprise Portal KMC does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability in KMC servlet. An attacker could craft a script and trick the user into clicking it. When a victim who is registered on the portal clicks on such link,...

5.4CVSS6.3AI score0.00239EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:28 a.m.5 views

CVE-2024-39595

SAP Business Warehouse - Business Planning and Simulation application does not sufficiently encode user-controlled inputs, resulting in Stored Cross-Site Scripting XSS vulnerability. This vulnerability allows users to modify website content and on successful exploitation, an attacker can cause lo...

5.4CVSS5.6AI score0.0024EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:38 a.m.6 views

CVE-2023-26158

All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, o...

8.2CVSS6.7AI score0.00801EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:49 a.m.6 views

CVE-2023-37488

In SAP NetWeaver Process Integration - versions SAPXIESR 7.50, SAPXITOOL 7.50, SAPXIAF 7.50, user-controlled inputs, if not sufficiently encoded, could result in Cross-Site Scripting XSS attack. On successful exploitation the attacker can cause limited impact on confidentiality and integrity of t...

6.1CVSS5.9AI score0.00317EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.7 views

CVE-2023-33985

SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting XSS vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information...

6.1CVSS5.9AI score0.00507EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:0 a.m.14 views

CVE-2023-47115

Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting XSS vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary...

7.1CVSS5.4AI score0.01448EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:59 p.m.8 views

CVE-2022-24395

SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting XSS vulnerability...

6.1CVSS6AI score0.00586EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:5 p.m.11 views

CVE-2021-42061

SAP BusinessObjects Business Intelligence Platform Web Intelligence - version 420, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. This allows a low privileged attacker to retrieve some data from the victim but will never be able to modify...

5.4CVSS5.8AI score0.00455EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 p.m.8 views

CVE-2020-6323

SAP NetWeaver Enterprise Portal Fiori Framework Page versions - 7.50, 7.31, 7.40, does not sufficiently encode user-controlled inputs and allows an attacker on a valid session to create an XSS that will be both reflected immediately and also be persisted and returned in further access to the...

6.1CVSS6AI score0.0064EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 p.m.13 views

CVE-2020-6313

SAP NetWeaver Application Server JAVAXML Forms versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing...

6.5CVSS6.4AI score0.00721EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 p.m.9 views

CVE-2020-6276

SAP Business Objects Business Intelligence Platform bipodata, version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability...

6.1CVSS6.5AI score0.00654EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:40 p.m.10 views

CVE-2020-6229

SAP NetWeaver AS ABAP Business Server Pages application CRMBSPFRAME, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not sufficiently encode user controlled inputs, resulting in reflected Cross-Site Scripting XSS vulnerability...

6.1CVSS6AI score0.00654EPSS
Exploits0References1
Rows per page
Query Builder