Lucene search

K

* Security Vulnerabilities

cve
cve

CVE-2024-34104

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access, leading to both...

8.2CVSS

8.2AI Score

0.001EPSS

2024-06-13 09:15 AM
30
cve
cve

CVE-2024-34103

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access or elevated privileges within the application....

8.1CVSS

8.2AI Score

0.001EPSS

2024-06-13 09:15 AM
26
cve
cve

CVE-2024-34102

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that.....

9.8CVSS

9.6AI Score

0.001EPSS

2024-06-13 09:15 AM
33
cve
cve

CVE-2024-30285

Audition versions 24.2, 23.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service condition. An attacker could exploit this vulnerability to crash the application, leading to a denial of service. Exploitation of this issue...

5.5CVSS

5.3AI Score

0.0004EPSS

2024-06-13 09:15 AM
27
cve
cve

CVE-2024-0979

The Dashboard Widgets Suite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 3.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary.....

6.1CVSS

6AI Score

0.0005EPSS

2024-06-13 09:15 AM
22
cve
cve

CVE-2024-30276

Audition versions 24.2, 23.6.4 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a....

5.5CVSS

5.1AI Score

0.001EPSS

2024-06-13 09:15 AM
30
cve
cve

CVE-2024-1565

The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the PDF Widget URL in all versions up to, and including, 3.9.10 due to insufficient input sanitization....

6.4CVSS

5.7AI Score

0.001EPSS

2024-06-13 09:15 AM
21
cve
cve

CVE-2024-4615

The Elespare – Blog, Magazine and Newspaper Addons for Elementor with Templates, Widgets, Kits, and Header/Footer Builder. One Click Import: No Coding Required! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Horizontal Nav Menu' widget in all versions up to, and...

6.4CVSS

5.7AI Score

0.0004EPSS

2024-06-13 08:16 AM
24
cve
cve

CVE-2024-36238

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
26
cve
cve

CVE-2024-36239

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
25
cve
cve

CVE-2024-36234

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
25
cve
cve

CVE-2024-36235

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires...

5.4CVSS

5.3AI Score

0.0005EPSS

2024-06-13 08:16 AM
25
cve
cve

CVE-2024-36236

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
32
cve
cve

CVE-2024-36233

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
25
cve
cve

CVE-2024-36230

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires...

5.4CVSS

5.3AI Score

0.0005EPSS

2024-06-13 08:16 AM
29
cve
cve

CVE-2024-36231

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically...

5.4CVSS

5.3AI Score

0.0005EPSS

2024-06-13 08:16 AM
24
cve
cve

CVE-2024-36229

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
25
cve
cve

CVE-2024-36232

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
23
cve
cve

CVE-2024-36226

Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and affect the integrity of the page. Exploitation....

3.5CVSS

3.9AI Score

0.0005EPSS

2024-06-13 08:16 AM
28
cve
cve

CVE-2024-36227

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
26
cve
cve

CVE-2024-36225

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
23
cve
cve

CVE-2024-36228

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
24
cve
cve

CVE-2024-36224

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
22
cve
cve

CVE-2024-36222

Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue typically requires...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
25
cve
cve

CVE-2024-36219

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
23
cve
cve

CVE-2024-36220

Adobe Experience Manager versions 6.5.20 and earlier Answer: are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. Exploitation of this issue requires...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
25
cve
cve

CVE-2024-36221

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
26
cve
cve

CVE-2024-36216

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...

6.1CVSS

5.2AI Score

0.001EPSS

2024-06-13 08:16 AM
21
cve
cve

CVE-2024-36218

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
23
cve
cve

CVE-2024-36217

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
25
cve
cve

CVE-2024-36215

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
21
cve
cve

CVE-2024-36212

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
20
cve
cve

CVE-2024-36213

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
24
cve
cve

CVE-2024-36210

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
21
cve
cve

CVE-2024-36214

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
19
cve
cve

CVE-2024-36211

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the.....

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
25
cve
cve

CVE-2024-36209

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
19
cve
cve

CVE-2024-36207

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
19
cve
cve

CVE-2024-36208

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
19
cve
cve

CVE-2024-36206

Adobe Experience Manager versions 6.5.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's...

5.4CVSS

5.2AI Score

0.0005EPSS

2024-06-13 08:16 AM
20
cve
cve

CVE-2024-36203

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
21
cve
cve

CVE-2024-36205

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
19
cve
cve

CVE-2024-36202

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
19
cve
cve

CVE-2024-36204

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
19
cve
cve

CVE-2024-36201

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
20
cve
cve

CVE-2024-36199

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
21
cve
cve

CVE-2024-36198

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
19
cve
cve

CVE-2024-36200

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
21
cve
cve

CVE-2024-36195

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
19
cve
cve

CVE-2024-36194

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the...

5.4CVSS

5.1AI Score

0.0005EPSS

2024-06-13 08:16 AM
19
Total number of security vulnerabilities237501