19 matches found
CVE-2026-35204

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-09 17:56:59+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mj3ez4ayie2i... |

CVE-2026-35204
Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not...
CVE-2026-35204
Helm is a package manager for Charts for Kubernetes. From 4.0.0 to 4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. To prevent this, validate that the plugin.yaml of the Helm plugin does not...
CVE-2024-35204
Veritas System Recovery before 23.3Hotfix has incorrect permissions for the Veritas System Recovery folder, and thus low-privileged users can conduct attacks...
CVE-2022-35204
Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service...
CVE-2021-35204
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Reflected Cross-Site Scripting XSS in the support endpoint...
CVE-2020-35204
Reflected XSS in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the PolicyAuthority/Common/FolderControl.jsp file via the unqID parameter. NOTE: This vulnerability only affects products that are no longer support...
CVE-2024-35204

| creationtimestamp | type | source |
|---|---|---|
| 2024-06-03 20:07:53+00:00 | published-proof-of-concept | https://t.me/HackingInsights/1444... |

@aem-vite/import-rewriter (=5.0.1), @aem-vite/vite-aem-plugin (>=1.0.0 <=1.0.0-alpha.5) +200 more potentially affected by CVE-2022-35204 via vite (>=0.14.4 <=2.9.12)
vite NPM version =0.14.4, =1.0.0, =3.0.0-beta.5, =3.0.0-beta.2, =0.0.1, =1.0.16, =1.1.0-next.4, =0.0.0-experimental-17c6886-20220324, =0.0.0-canary-20220428124037, =0.1.5, =0.0.11, =0.0.12, =0.0.1, =0.1.5, =0.0.11, =0.0.16 and more Source cves: CVE-2022-35204 Source advisory: OSV:GHSA-MV48-HCVH-8...
CVE-2022-35204

| creationtimestamp | type | source |
|---|---|---|
| 2022-08-18 22:29:46+00:00 | seen | Telegram/MwyorbUc5bokzHzVZMlcZKn9pXcBSdT-1gYmYiG6p7Ob9TQ... |

CVE-2022-35204
Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service...
CVE-2022-35204
Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service...
CVE-2022-35204
Vitejs Vite before v2.9.13 is vulnerable to directory traversal via a crafted URL to the victim’s service; update to v2.9.13 or later to resolve the issue (per PT-2022-22631).
CVE-2021-35204

| creationtimestamp | type | source |
|---|---|---|
| 2021-09-30 22:13:47+00:00 | seen | https://t.me/cibsecurity/29756... |

CVE-2021-35204
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Reflected Cross-Site Scripting XSS in the support endpoint...
CVE-2021-35204
Netscout nGeniusONE 6.3.0 build 1196 is affected by a Reflected Cross-Site Scripting (XSS) vulnerability in the Support endpoint. The root cause is insufficient validation/filtering of user input at the Support endpoint, allowing an attacker to execute JavaScript code in a victim’s browser. The C...
CVE-2020-35204

| creationtimestamp | type | source |
|---|---|---|
| 2021-01-11 07:45:02+00:00 | seen | https://t.me/cibsecurity/21881... |

CVE-2020-35204
Reflected XSS in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the PolicyAuthority/Common/FolderControl.jsp file via the unqID parameter. NOTE: This vulnerability only affects products that are no longer support...
CVE-2020-35204
CVE-2020-35204 is a reflected XSS affecting Quest Policy Authority 8.1.2.200. The vulnerability allows injecting code via the unqID parameter in PolicyAuthority/Common/FolderControl.jsp. The affected product is no longer supported. Public sources do not list a fixed version; a PT-2021-11722 advis...