Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2021-47836 |
|
Cross-Site Scripting (XSS) in CVE-2021-47836 (CVE-2021-47836)
cross-site scripting in CVE-2021-47836 (CVE-2021-47836). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22774 |
|
Vulnerability in dos (CVE-2026-22774)
vulnerability in dos (CVE-2026-22774). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.6.2` or later.
|
| CVE-2026-22775 |
|
Vulnerability in dos (CVE-2026-22775)
vulnerability in dos (CVE-2026-22775). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.6.2` or later.
|
| CVE-2025-55462 |
|
Vulnerability in eramba (CVE-2025-55462)
vulnerability in eramba (CVE-2025-55462). Confidential information can be exposed externally.
|
| CVE-2026-22610 |
|
Cross-Site Scripting (XSS) in @angular/compiler (CVE-2026-22610)
cross-site scripting in @angular/compiler (CVE-2026-22610). Risk of unauthorized operations or information disclosure. Exploitable via ``href``.
|
| CVE-2026-22029 |
|
Cross-Site Scripting (XSS) in react (CVE-2026-22029)
cross-site scripting in react (CVE-2026-22029). Confidential information can be exposed externally.
|
| CVE-2025-59057 |
|
Cross-Site Scripting (XSS) in react (CVE-2025-59057)
cross-site scripting in react (CVE-2025-59057). Confidential information can be exposed externally.
|
| CVE-2026-21884 |
|
Cross-Site Scripting (XSS) in react (CVE-2026-21884)
cross-site scripting in react (CVE-2026-21884). Confidential information can be exposed externally.
|
| CVE-2025-68428 |
|
Vulnerability in path-traversal (CVE-2025-68428)
vulnerability in path-traversal (CVE-2025-68428). Confidential information can be exposed externally. Exploitable via ``addImage``.
|
| CVE-2025-67288 |
|
Unrestricted File Upload in umbraco (CVE-2025-67288)
vulnerability in umbraco (CVE-2025-67288). Successful exploitation can lead to full system takeover.
|
| CVE-2023-53888 |
|
Code Injection in zomp (CVE-2023-53888)
code injection in zomp (CVE-2023-53888). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66412 |
|
Cross-Site Scripting (XSS) in @angular/compiler (CVE-2025-66412)
cross-site scripting in @angular/compiler (CVE-2025-66412). Risk of unauthorized operations or information disclosure. Exploitable via ``attributeName``.
|
| CVE-2025-65622 |
|
Cross-Site Scripting (XSS) in snipeitapp (CVE-2025-65622)
cross-site scripting in snipeitapp (CVE-2025-65622). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65621 |
|
Cross-Site Scripting (XSS) in privilege-escalation (CVE-2025-65621)
cross-site scripting in privilege-escalation (CVE-2025-65621). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-66035 |
|
Vulnerability in @angular/common (CVE-2025-66035)
vulnerability in @angular/common (CVE-2025-66035). Risk of unauthorized operations or information disclosure. Exploitable via ``POST``. Mitigation: upgrade to `19.2.16` or later.
|
| CVE-2025-64308 |
|
Vulnerability in CVE-2025-64308 (CVE-2025-64308)
vulnerability in CVE-2025-64308 (CVE-2025-64308). Confidential information can be exposed externally.
|
| CVE-2025-60837 |
|
Cross-Site Scripting (XSS) in mingsoft (CVE-2025-60837)
cross-site scripting in mingsoft (CVE-2025-60837). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60308 |
|
Cross-Site Scripting (XSS) in fabian (CVE-2025-60308)
cross-site scripting in fabian (CVE-2025-60308). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60302 |
|
Cross-Site Scripting (XSS) in fabian (CVE-2025-60302)
cross-site scripting in fabian (CVE-2025-60302). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56200 |
|
Cross-Site Scripting (XSS) in validator-project (CVE-2025-56200)
cross-site scripting in validator-project (CVE-2025-56200). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56571 |
|
Vulnerability in dos (CVE-2025-56571)
vulnerability in dos (CVE-2025-56571). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56572 |
|
Vulnerability in dos (CVE-2025-56572)
vulnerability in dos (CVE-2025-56572). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56807 |
|
Cross-Site Scripting (XSS) in fairsketch (CVE-2025-56807)
cross-site scripting in fairsketch (CVE-2025-56807). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-55887 |
|
Cross-Site Scripting (XSS) in ard (CVE-2025-55887)
cross-site scripting in ard (CVE-2025-55887). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-55888 |
|
Cross-Site Scripting (XSS) in ard (CVE-2025-55888)
cross-site scripting in ard (CVE-2025-55888). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-57145 |
|
Cross-Site Scripting (XSS) in phpgurukul (CVE-2025-57145)
cross-site scripting in phpgurukul (CVE-2025-57145). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-57117 |
|
Cross-Site Scripting (XSS) in remyandrade (CVE-2025-57117)
cross-site scripting in remyandrade (CVE-2025-57117). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56432 |
|
Cross-Site Scripting (XSS) in nagios (CVE-2025-56432)
cross-site scripting in nagios (CVE-2025-56432). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-45313 |
|
Cross-Site Scripting (XSS) in hortusfox (CVE-2025-45313)
cross-site scripting in hortusfox (CVE-2025-45313). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-45314 |
|
Cross-Site Scripting (XSS) in hortusfox (CVE-2025-45314)
cross-site scripting in hortusfox (CVE-2025-45314). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-45315 |
|
Cross-Site Scripting (XSS) in hortusfox (CVE-2025-45315)
cross-site scripting in hortusfox (CVE-2025-45315). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51053 |
|
Cross-Site Scripting (XSS) in vedo-suite-project (CVE-2025-51053)
cross-site scripting in vedo-suite-project (CVE-2025-51053). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50592 |
|
Cross-Site Scripting (XSS) in seacms (CVE-2025-50592)
cross-site scripting in seacms (CVE-2025-50592). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-10032 |
|
Cross-Site Scripting (XSS) in CVE-2012-10032 (CVE-2012-10032)
cross-site scripting in CVE-2012-10032 (CVE-2012-10032). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-41504 |
|
Cross-Site Scripting (XSS) in jetimob (CVE-2024-41504)
cross-site scripting in jetimob (CVE-2024-41504). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-46041 |
|
Cross-Site Scripting (XSS) in anchorcms (CVE-2025-46041)
cross-site scripting in anchorcms (CVE-2025-46041). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-57273 |
|
Cross-Site Scripting (XSS) in netgate (CVE-2024-57273)
cross-site scripting in netgate (CVE-2024-57273). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71319 |
|
Vulnerability in image-size (CVE-2025-71319)
vulnerability in image-size (CVE-2025-71319). Risk of unauthorized operations or information disclosure. Exploitable via ``findBox``. Mitigation: upgrade to `2.0.2` or later.
|
| CVE-2025-25612 |
|
Cross-Site Scripting (XSS) in CVE-2025-25612 (CVE-2025-25612)
cross-site scripting in CVE-2025-25612 (CVE-2025-25612). Successful exploitation can lead to full system takeover.
|
| CVE-2024-11831 |
|
Cross-Site Scripting (XSS) in CVE-2024-11831 (CVE-2024-11831)
cross-site scripting in CVE-2024-11831 (CVE-2024-11831). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-55591 KEV |
|
[KEV] Vulnerability in Fortinet fortios-and-fortiproxy (CVE-2024-55591)
vulnerability in Fortinet fortios-and-fortiproxy (CVE-2024-55591). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2024-42831 |
|
Cross-Site Scripting (XSS) in CVE-2024-42831 (CVE-2024-42831)
cross-site scripting in CVE-2024-42831 (CVE-2024-42831). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-8644 |
|
Vulnerability in oceanicsoft (CVE-2024-8644)
vulnerability in oceanicsoft (CVE-2024-8644). Confidential information can be exposed externally.
|
| CVE-2023-46948 |
|
Cross-Site Scripting (XSS) in CVE-2023-46948 (CVE-2023-46948)
cross-site scripting in CVE-2023-46948 (CVE-2023-46948). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-3166 |
|
Cross-Site Scripting (XSS) in mintplexlabs (CVE-2024-3166)
cross-site scripting in mintplexlabs (CVE-2024-3166). Successful exploitation can lead to full system takeover.
|
| CVE-2024-4367 |
|
Vulnerability in pdfjs-dist (CVE-2024-4367)
vulnerability in pdfjs-dist (CVE-2024-4367). Successful exploitation can lead to full system takeover. Exploitable via ``isEvalSupported``. Mitigation: upgrade to `4.2.67` or later.
|
| CVE-2024-24398 |
|
Path Traversal in path-traversal (CVE-2024-24398)
path traversal in path-traversal (CVE-2024-24398). Successful exploitation can lead to full system takeover.
|
| CVE-2024-24396 |
|
Cross-Site Scripting (XSS) in stimulsoft (CVE-2024-24396)
cross-site scripting in stimulsoft (CVE-2024-24396). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-24397 |
|
Cross-Site Scripting (XSS) in stimulsoft (CVE-2024-24397)
cross-site scripting in stimulsoft (CVE-2024-24397). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-48795 |
|
Vulnerability in russh (CVE-2023-48795)
vulnerability in russh (CVE-2023-48795). Data can be tampered with by attackers. Mitigation: upgrade to `0.40.2` or later.
|