CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2019-0749

Malware in sbrugna...

5.4CVSS7.5AI score0.00355EPSS

Exploits0References12

RedhatCVE•added 2025/05/22 11:13 p.m.•10 views

CVE-2022-33911

An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information...

5.3CVSS6.7AI score0.00395EPSS

Exploits0References1

Positive Technologies•added 2024/05/23 12:0 a.m.•1 views

PT-2024-40342 · Packagist · Silverstripe/Framework

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A high-level XSS risk has been identified in the encoding of validation messages in certain FormField classes. This issue affects form fields that present invalid content as part of...

6.1CVSS6.1AI score

Exploits0References6

NVD•added 2022/07/12 2:15 p.m.•8 views

CVE-2022-33911

5.3CVSS0.00395EPSS

Exploits0References3

ATTACKERKB•added 2022/07/12 2:15 p.m.•2 views

CVE-2022-33911

5.3CVSS5.7AI score0.00395EPSS

Exploits0References4

Cvelist•added 2022/07/11 12:20 p.m.•12 views

CVE-2022-33911

5.4AI score0.00395EPSS

Exploits0References3

Github Security Blog•added 2019/11/12 11:0 p.m.•46 views

Symfony Cross-site Scripting (XSS) vulnerability

In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle...

5.4CVSS7AI score0.00355EPSS

Exploits0References11Affected Software4

NVD•added 2019/05/16 10:29 p.m.•17 views

CVE-2019-10909

5.4CVSS7.2AI score0.00355EPSS

Exploits0References4

Veracode•added 2019/04/18 4:55 a.m.•24 views

Cross-site Scripting (XSS)

symfony/symfony is vulnerable to cross-site scripting XSS attacks. The vulnerability exists as the value of the validation messages were not sanitized, allowing XSS attacks...

5.4CVSS5.5AI score0.00355EPSS

Exploits0References4Affected Software1

OSV•added 2019/04/17 8:29 p.m.•4 views

DRUPAL-CORE-2019-005

This security release fixes third-party dependencies included in or required by Drupal core. CVE-2019-10909: Escape validation messages in the PHP templating engine. From that advisory: Validation messages were not escaped when using the form theme of the PHP templating engine which, when...

7.9AI score

Exploits0References1