Export limit exceeded: 342201 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342201 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-50575 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget API | ||||
| CVE-2024-10073 | 1 Informatik.hu-berlin | 1 Flair | 2024-10-29 | 5 Medium |
| A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-50576 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest | ||||
| CVE-2024-50577 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings | ||||
| CVE-2024-50578 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via sprint value on agile boards page | ||||
| CVE-2024-50579 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 reflected XSS due to insecure link sanitization was possible | ||||
| CVE-2024-50580 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 multiple XSS were possible due to insecure markdown parsing and custom rendering rule | ||||
| CVE-2024-50581 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 improper HTML sanitization could lead to XSS attack via comment tag | ||||
| CVE-2024-50582 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 stored XSS was possible due to improper HTML sanitization in markdown elements | ||||
| CVE-2024-50574 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 5.3 Medium |
| In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality | ||||
| CVE-2024-50573 | 1 Jetbrains | 1 Hub | 2024-10-29 | 4.3 Medium |
| In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services | ||||
| CVE-2024-10014 | 1 Tiandiyoyo | 1 Flat Ui Button | 2024-10-29 | 6.4 Medium |
| The Flat UI Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's flatbtn shortcode in version 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2024-44667 | 1 Shenzhen Haichangxing Technology | 1 Hcx H822 Firmware | 2024-10-29 | 8 High |
| Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15.35_P0 is vulnerable to Incorrect Access Control. Unauthenticated factory mode reset and command injection leads to information exposure and root shell access. | ||||
| CVE-2024-47068 | 3 Redhat, Rollup, Rollupjs | 4 Openshift Distributed Tracing, Rhdh, Rollup and 1 more | 2024-10-29 | 6.1 Medium |
| Rollup is a module bundler for JavaScript. Versions prior to 2.79.2, 3.29.5, and 4.22.4 are susceptible to a DOM Clobbering vulnerability when bundling scripts with properties from `import.meta` (e.g., `import.meta.url`) in `cjs`/`umd`/`iife` format. The DOM Clobbering gadget can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Versions 2.79.2, 3.29.5, and 4.22.4 contain a patch for the vulnerability. | ||||
| CVE-2024-9589 | 1 Aftabhusain | 1 Category And Taxonomy Meta Fields | 2024-10-29 | 5.5 Medium |
| The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'new_meta_name' parameter in the 'wpaft_option_page' function in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with administrator-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | ||||
| CVE-2024-9590 | 1 Aftabhusain | 1 Category And Taxonomy Meta Fields | 2024-10-29 | 5.5 Medium |
| The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image meta field value in the 'wpaft_add_meta_textinput' function in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with editor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | ||||
| CVE-2024-9591 | 1 Aftabhusain | 1 Category And Taxonomy Image | 2024-10-29 | 5.5 Medium |
| The Category and Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_category_image' parameter in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with editor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | ||||
| CVE-2024-47883 | 1 Openrefine | 2 Butterfly, Similie Butterfly | 2024-10-29 | 9.1 Critical |
| The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resource files, like images or templates. This works: "opening a connection" to these URLs opens the local file. However, prior to version 1.2.6, if a `file:/` URL is directly given where a relative path (resource name) is expected, this is also accepted in some code paths; the app then fetches the file, from a remote machine if indicated, and uses it as if it was a trusted part of the app's codebase. This leads to multiple weaknesses and potential weaknesses. An attacker that has network access to the application could use it to gain access to files, either on the the server's filesystem (path traversal) or shared by nearby machines (server-side request forgery with e.g. SMB). An attacker that can lead or redirect a user to a crafted URL belonging to the app could cause arbitrary attacker-controlled JavaScript to be loaded in the victim's browser (cross-site scripting). If an app is written in such a way that an attacker can influence the resource name used for a template, that attacker could cause the app to fetch and execute an attacker-controlled template (remote code execution). Version 1.2.6 contains a patch. | ||||
| CVE-2024-42017 | 2024-10-29 | 10 Critical | ||
| An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web interface locally. In the worst-case scenario, if the application is remotely accessible, it allows an attacker to execute arbitrary commands with system privilege on the endpoint hosting the application, without any authentication. | ||||
| CVE-2024-10189 | 1 Jesweb | 1 Anchor Episodes Index | 2024-10-29 | 6.4 Medium |
| The Anchor Episodes Index (Spotify for Podcasters) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's anchor_episodes shortcode in all versions up to, and including, 2.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||