CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

12 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-0213

Malware in sbrugna...

6.1CVSS6.2AI score0.0024EPSS

Exploits0References6

OSV•added 2025/09/10 5:13 p.m.•1 views

GHSA-W765-JM6W-4HHJ Webrecorder packages are vulnerable to XSS through 404 error handling logic

A Reflected Cross-Site Scripting XSS vulnerability exists in the 404 error handling logic of wabac.js v2.23.10 and below. The parameter requestURL derived from the original request target is directly embedded into an inline block without sanitization or escaping. This allows an attacker to craft ...

7.1CVSS5.9AI score0.00085EPSS

Exploits0References8

vulnersOsv•added 2025/09/10 5:13 p.m.•2 views

@cllu/awp-sw (=0.4.4) potentially affected by CVE-2025-58765 via @webrecorder/wabac (=2.17.3)

@webrecorder/wabac NPM version =2.17.3 is affected by a known vulnerability. The following packages have a transitive dependency on @webrecorder/wabac and may be impacted: - @cllu/awp-sw =0.4.4 Source cves: CVE-2025-58765 Source advisory: OSV:GHSA-W765-JM6W-4HHJ...

7.1CVSS5.8AI score0.00085EPSS

vulnersOsv•added 2025/09/09 8:45 p.m.•2 views

@cllu/awp-sw (=0.4.4) potentially affected by CVE-2025-58765 via @webrecorder/wabac (=2.17.3)

@webrecorder/wabac NPM version =2.17.3 is affected by a known vulnerability. The following packages have a transitive dependency on @webrecorder/wabac and may be impacted: - @cllu/awp-sw =0.4.4 Source cves: CVE-2025-58765 Source advisory: SNYK:JS-WEBRECORDERWABAC-12670884...

7.1CVSS5.8AI score0.00085EPSS

RedhatCVE•added 2025/05/22 8:43 p.m.•1 views

CVE-2021-39286

Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...

6.1CVSS6.3AI score0.0024EPSS

Exploits0References1

NVD•added 2021/08/18 6:15 p.m.•7 views

CVE-2021-39286

Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...

6.1CVSS0.0024EPSS

Exploits0References2

OSV•added 2021/08/18 6:15 p.m.•15 views

CVE-2021-39286

Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...

6.1CVSS6AI score

Exploits0References2

PyPA•added 2021/08/18 6:15 p.m.•4 views

PYSEC-2021-120

Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...

6.1CVSS6.4AI score0.0024EPSS

Exploits0References3Affected Software1

Prion•added 2021/08/18 6:15 p.m.•14 views

Cross site scripting

Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...

4.3CVSS5.9AI score0.0024EPSS

Exploits0References2Affected Software1

OSV•added 2021/08/18 6:15 p.m.•25 views

PYSEC-2021-120

Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...

6.1CVSS2.2AI score0.0024EPSS

Exploits0References3

CVE•added 2021/08/18 5:31 p.m.•65 views

CVE-2021-39286

Webrecorder pywb before 2.6.0 is vulnerable to cross-site scripting (XSS) because Jinja2 templates are not automatically escaped. The CVE-2021-39286 entry is supported by multiple connected sources (e.g., GHSA-947X-PV47-PP3Q, OSV, CVE records) describing the same issue. Impact is XSS in affected ...

6.1CVSS5.9AI score0.0024EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/08/18 5:31 p.m.•12 views

CVE-2021-39286

Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates are autoescaped...

6.1AI score0.0024EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by