CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

Circl•added 2026/03/31 11:20 p.m.•2 views

CVE-2026-34366

creationtimestamp| type| source ---|---|--- 2026-03-31 23:20:06+00:00| published-proof-of-concept| Telegram/nmybyhyW9j--U7tziXdh4Y31RLU4faF2Hhhi6Dlcxk1tj2s 2026-04-01 05:00:48+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mifvvsbkbx2x 2026-04-08 02:20:09+00:00| seen|...

8.1CVSS4.8AI score0.00035EPSS

Exploits1References2

NVD•added 2026/03/31 9:16 p.m.•2 views

CVE-2026-34366

InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Payment receipt PDF generation module. User-supplied HTML in the payment Notes...

8.1CVSS0.00035EPSS

Exploits1References2

RedhatCVE•added 2025/05/23 3:55 a.m.•6 views

CVE-2023-34366

A use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause memory corruption, resulting in arbitrary code execution. Victim would need to open a malicious file to trigger this vulnerability...

7.8CVSS7.5AI score0.00177EPSS

Exploits1

NVD•added 2024/05/06 7:15 p.m.•6 views

CVE-2024-34366

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AltText.Ai Download Alt Text AI allows Stored XSS.This issue affects Download Alt Text AI: from n/a through 1.3.4...

5.9CVSS6.1AI score0.00118EPSS

Exploits0References1

Cvelist•added 2024/05/06 6:33 p.m.•15 views

CVE-2024-34366 WordPress AltText.ai plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability

5.9CVSS6.8AI score0.00118EPSS

Exploits0References1

Vulnrichment•added 2024/05/06 6:33 p.m.•16 views

CVE-2024-34366 WordPress AltText.ai plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability

5.9CVSS5.2AI score0.00118EPSS

Exploits0References1

CVE•added 2024/05/06 6:33 p.m.•47 views

CVE-2024-34366

CVE-2024-34366: Stored XSS in Alt Text AI WordPress plugin. Root cause: improper input neutralization during web page generation. Affected: Alt Text AI Download Alt Text AI (versions up to 1.3.4). Existence of connected claim shows a patched status for the vulnerability in the plugin beyond 1.3.4...

5.9CVSS5.2AI score0.00118EPSS

Exploits0References1

Patchstack•added 2024/05/03 12:0 a.m.•8 views

WordPress Download Alt Text AI Plugin <=1.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Download Alt Text AI Type Plugin Vulnerable versions =1.3.4 Fixed in 1.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34366 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 15bd973c927c Credits Manab Jyoti Dowarah Required...

5.9CVSS6.6AI score0.00118EPSS

Exploits0References2Affected Software1

Circl•added 2023/10/19 10:34 p.m.•1 views

CVE-2023-34366

creationtimestamp| type| source ---|---|--- 2023-10-19 22:34:53+00:00| seen| https://t.me/cibsecurity/72611 2024-03-24 17:54:38+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/10206...

7.8CVSS6.7AI score0.00177EPSS

Exploits1References2

NVD•added 2023/10/19 6:15 p.m.•13 views

CVE-2023-34366

7.8CVSS7.8AI score0.00177EPSS

Exploits1References3

CVE•added 2023/10/19 5:0 p.m.•42 views

CVE-2023-34366

CVE-2023-34366 affects Ichitaro 2023 Word Processor (JustSystems). Cisco Talos documents a use-after-free in the Figure stream parsing for the DocumentViewStyles/DocumentEditStyles streams, leading to memory corruption and potential arbitrary code execution when a malicious file is opened. Techni...

7.8CVSS8AI score0.00177EPSS

Exploits1References3Affected Software19

NVD•added 2023/02/10 8:15 p.m.•10 views

CVE-2022-34366

Dell SupportAssist for Home PCs version 3.11.2 and prior contain Overly Permissive Cross-domain Whitelist vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information...

6.5CVSS6.4AI score0.00095EPSS

Exploits0References1

CVE•added 2023/02/10 7:18 p.m.•42 views

CVE-2022-34366

Dell SupportAssist for Home PCs (versions 3.11.2 and prior) contains an Overly Permissive Cross-domain Whitelist vulnerability. An authenticated non-admin user could potentially exploit this to obtain sensitive information. This CVE (CVE-2022-34366) is supported by multiple repositories documenti...

6.5CVSS6.4AI score0.00095EPSS

Exploits0References1Affected Software1

CVE•added 2021/07/21 2:39 p.m.•21 views

CVE-2021-34366

CVE-2021-34366 is rejected/not used per the initial description; it does not represent an active vulnerability entry.

7.4AI score

Exploits0

Cvelist•added 2021/07/21 2:39 p.m.•8 views

CVE-2021-34366

...

Exploits0

Cvelist•added 1976/01/01 12:0 a.m.•17 views