Lucene search
K

279 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:29 a.m.6 views

CVE-2023-50712

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations in versions prior to v2.3.7. The vulnerability may allow an attack...

5.4CVSS5.3AI score0.00298EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.4 views

SUSE SLED15: MozillaFirefox / MozillaFirefox-branding-upstream / etc (SUSE-SU-2025:4424-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4424-1 advisory. Update to Firefox Extended Support Release 140.6.0 ESR bsc1254551. - MFSA 2025-94 CVE-2025-14321...

9.8CVSS7AI score0.00498EPSS
Exploits2References22
RedhatCVE
RedhatCVE
added 2025/12/16 11:55 p.m.6 views

CVE-2025-64338

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2 - 156 and below, an authenticated regular user can create a photo collection whose Collection Name contains HTML/JavaScript payloads, which making ClipBucket’s Manage Photos feature vulnerable to Stored XSS. The payload is...

9CVSS6.6AI score0.00396EPSS
Exploits1References1
CVE
CVE
added 2025/12/02 9:51 a.m.11 views

CVE-2025-13872

CVE-2025-13872 affects ObjectPlanet Opinio 7.26 rev12562. The survey-import feature is vulnerable to Blind Server-Side Request Forgery (SSRF), allowing an attacker to force the server to issue HTTP GET requests to an arbitrary destination. Public details in the connected sources confirm the affec...

9.1CVSS6.6AI score0.00267EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/12/02 12:37 a.m.5 views

EUVD-2025-200106

Grav Exposes Password Hashes Leading to privilege escalation...

6.2CVSS6.6AI score0.00359EPSS
Exploits1References3
EUVD
EUVD
added 2025/11/17 10:32 a.m.3 views

EUVD-2025-197781

A security vulnerability has been detected in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This affects an unknown part of the file /admin/about.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has be...

5.8CVSS6.3AI score0.00252EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/10/22 8:18 p.m.4 views

CVE-2025-61763

Vulnerability in Oracle Essbase component: Essbase Web Platform. The supported version that is affected is 21.7.3.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks of this vulnerability can result in...

8.1CVSS6.5AI score0.00246EPSS
Exploits0References1
NVD
NVD
added 2025/10/21 8:20 p.m.4 views

CVE-2025-61763

Vulnerability in Oracle Essbase component: Essbase Web Platform. The supported version that is affected is 21.7.3.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks of this vulnerability can result in...

8.1CVSS0.00246EPSS
Exploits0References1
OSV
OSV
added 2025/10/21 8:20 p.m.2 views

CVE-2025-61763

Vulnerability in Oracle Essbase component: Essbase Web Platform. The supported version that is affected is 21.7.3.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks of this vulnerability can result in...

8.1CVSS5.8AI score0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/21 8:3 p.m.5 views

EUVD-2025-35247

Vulnerability in Oracle Essbase component: Essbase Web Platform. The supported version that is affected is 21.7.3.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks of this vulnerability can result in...

8.1CVSS6AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.5 views

giSoft City Guide 跨站脚本漏洞

giSoft City Guide is a city guide platform from the Turkish company giSoft. A cross-site scripting vulnerability exists in giSoft City Guide versions prior to 1.4.45, which stems from improper input neutralization during web page generation and could lead to a reflective cross-site scripting atta...

6.1CVSS6AI score0.00184EPSS
Exploits0References1
NVD
NVD
added 2025/10/17 6:15 p.m.9 views

CVE-2025-62424

ClipBucket is a web-based video-sharing platform. In ClipBucket version 5.5.2 - 146 and earlier, the /adminarea/templateeditor.php endpoint is vulnerable to path traversal. The validation of the file-loading path is inadequate, allowing authenticated administrators to read and write arbitrary fil...

6.7CVSS0.00858EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-8231

Malware in sbrugna...

7.5CVSS7.6AI score0.01138EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-2539

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.01686EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-34989

Malicious code in bioql PyPI...

6.3CVSS5.8AI score0.00382EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-55485

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00298EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-3032

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.0041EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-1596

Malicious code in bioql PyPI...

9.9CVSS8.8AI score0.03071EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/09/25 2:53 a.m.6 views

CVE-2024-6429

A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error messages are passed through URL parameters without validation, allowing malicious actors to inject arbitrary content into the UI. By exploiting this...

4.3CVSS7AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/04 12:0 a.m.4 views

Vaadin 安全漏洞

Vaadin is an open source platform for web application development from Vaadin Open Source.The Vaadin platform consists of a set of web components, a Java web framework, and a set of tools and application launchers. A security vulnerability exists in Vaadin, which stems from an upload validation...

5.3CVSS6.6AI score0.00358EPSS
Exploits0References1
Rows per page
Query Builder