Lucene search
+L

1039 matches found

OSV
OSV
added 2026/04/08 10:16 p.m.2 views

DEBIAN-CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

6.6CVSS8.4AI score0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 9:20 p.m.21 views

CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

0.0017EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/08 9:20 p.m.4 views

CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

7.3AI score0.0017EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/04/01 12:0 a.m.5 views

Obfuscating Code Vulnerabilities against Static Analysis in JavaScript Code

Code obfuscation is widely adopted in modern software development to protect intellectual property and hinder reverse engineering, but it also provides attackers with a powerful means to conceal malicious logic inside otherwise legitimate JavaScript code. In a software supply chain where a single...

6AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/11 10:32 p.m.5 views

CVE-2026-3962 Jcharis Machine-Learning-Web-Apps Jinja2 Template app.py render_template cross site scripting

A vulnerability was identified in Jcharis Machine-Learning-Web-Apps up to a6996b634d98ccec4701ac8934016e8175b60eb5. The impacted element is the function rendertemplate of the file Machine-Learning-Web-Apps-master/Build-n-Deploy-Flask-App-with-Waypoint/app/app.py of the component Jinja2 Template...

5.3CVSS4.2AI score0.00348EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.11 views

PT-2026-24891

A vulnerability was identified in Jcharis Machine-Learning-Web-Apps up to a6996b634d98ccec4701ac8934016e8175b60eb5. The impacted element is the function render template of the file Machine-Learning-Web-Apps-master/Build-n-Deploy-Flask-App-with-Waypoint/app/app.py of the component Jinja2 Template...

5.3CVSS4.2AI score0.00348EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.8 views

Machine-Learning-Web-Apps 代码注入漏洞

Machine-Learning-Web-Apps is a machine learning web application development framework developed by JCharis Jesse. There is a code injection vulnerability in Machine-Learning-Web-Apps, which stems from an incorrect operation on the rendertemplate function in the Jinja2 Template Handler component o...

5.3CVSS5.7AI score0.00348EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.6 views

Oracle Application Testing Suite (January 2026 CPU)

The versions of Oracle Application Testing Suite installed on the remote host are affected by a vulnerability as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps Apache...

5.3CVSS5.6AI score0.02164EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/01/01 6:32 a.m.4 views

galaxy (>=25.0.1 <=25.0.4) potentially affected by unknown CVE via galaxy-web-apps (>=25.0.1 <=25.0.4)

galaxy-web-apps PYPI version =25.0.1, =25.0.1, =25.0.4 Source cves: unknown CVE Source advisory: SNYK:PYTHON-GALAXYWEBAPPS-14859127...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2025/12/26 4:2 p.m.192 views

hacker-man

Hacker Man - Vulnerable Web Applications Lab A collection of...

7.3AI score
Exploits0
Microsoft KB
Microsoft KB
added 2025/12/09 8:0 a.m.56 views

Description of the security update for Microsoft Exchange Server 2019 CU15: December 9, 2025 (KB5071875)

None None...

7.5CVSS6.6AI score0.01021EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.8 views

Oracle Application Testing Suite (October 2025 CPU)

The versions of Oracle Application Testing Suite installed on the remote host are affected by a vulnerability as referenced in the October 2025 CPU advisory. - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps Apache...

7.5CVSS7.2AI score0.64718EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-12317

Malware in sbrugna...

6.1CVSS6.4AI score0.01729EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-19913

Malware in sbrugna...

5.8CVSS5.6AI score0.0318EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-37162

Malicious code in bioql PyPI...

9.9CVSS6.3AI score0.0128EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/25 12:0 a.m.8 views

PT-2025-39388

⚠️ Critical Alert – CVE-2025-78901 • Zero-day in Telerik UI library actively exploited 🚨 • Affects thousands of .NET web apps 2025.3.1 • Mass scanning and ransomware attempts underway • Action: Patch immediately! CyberSecurity ZeroDay Telerik PatchNow NewTalics...

7AI score
Exploits0References1
Gitee
Gitee
added 2025/09/14 4:41 a.m.85 views

sinatra

This is a Sinatra repository, a DSL for creating web applications in Ruby with minimal effort. The repository contains various files, including a .github/workflows/test.yml file that defines a GitHub Actions workflow for testing, and a Gemfile that lists dependencies for the project. The Gemfile...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/18 12:0 a.m.8 views

The vulnerability of the XWiki platform for creating collaborative web applications lies in its lack of protection for website structures. This allows attackers to execute arbitrary JavaScript code.

The vulnerability of the XWiki Platform lies in the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code remotely...

10CVSS5.8AI score0.00634EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/06/17 3:6 p.m.4 views

MAL-2025-5066 Malicious code in vscode-azurestaticwebapps (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f6d86e1274287895eb9b8f392467eb59e1636c384bc7d0b77c9a1da853b02963 Any computer that has this package installed or running should be considered...

7AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 8:35 a.m.7 views

CVE-2024-32986

PWAsForFirefox is a tool to install, manage and use Progressive Web Apps PWAs in Mozilla Firefox. Due to improper sanitization of web app properties such as name, description, shortcuts, web apps were able to inject additional lines into XDG Desktop Entries on Linux and AppInfo.ini on...

9.6CVSS7AI score0.00683EPSS
Exploits0References1
Rows per page
Query Builder