Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-30147 1 Hcltech 1 Leap 2025-10-29 6.5 Medium
Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications.
CVE-2024-30114 1 Hcltech 1 Leap 2025-10-29 3.7 Low
Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment.
CVE-2024-30113 1 Hcltech 1 Leap 2025-10-29 6.3 Medium
Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget.
CVE-2023-45720 1 Hcltech 1 Leap 2025-10-29 5.3 Medium
Insufficient default configuration in HCL Leap allows anonymous access to directory information.
CVE-2023-37534 1 Hcltech 1 Leap 2025-10-29 7.1 High
Insufficient URI protocol whitelist in HCL Leap allows script injection through query parameters.
CVE-2024-30127 1 Hcltech 1 Leap 2025-10-29 3.2 Low
Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
CVE-2023-37516 1 Hcltech 1 Leap 2025-10-29 3.2 Low
Missing "no cache" headers in HCL Leap permits user directory information to be cached.
CVE-2022-44760 1 Hcltech 1 Leap 2025-10-29 4.6 Medium
Unsafe default file type filter policy in HCL Leap allows execution of unsafe JavaScript in deployed applications.
CVE-2022-44759 1 Hcltech 1 Leap 2025-10-29 4.6 Medium
Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications.
CVE-2024-30148 1 Hcltech 1 Leap 2025-10-29 4.1 Medium
Improper access control of endpoint in HCL Leap allows certain admin users to import applications from the server's filesystem.