CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

312 matches found

OSV•added 2024/09/09 3:15 p.m.•7 views

CVE-2024-8373

Improper sanitization of the value of the srcset attribute in HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/ContentSpoofing . This issue affects all versions of...

4.3CVSS6.3AI score0.00013EPSS

Exploits1References4

OSV•added 2024/09/09 3:15 p.m.•16 views

CVE-2024-8372

Improper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/ContentSpoofing . This issue affects AngularJS versions 1.3.0-rc.4 and...

4.3CVSS4.5AI score0.00015EPSS

Exploits1References4

OSV•added 2024/09/09 3:15 p.m.•0 views

UBUNTU-CVE-2024-8373

4.8CVSS5.8AI score0.00013EPSS

Exploits1References5

OSV•added 2024/09/09 3:15 p.m.•0 views

UBUNTU-CVE-2024-8372

4.8CVSS5.8AI score0.00015EPSS

Exploits1References5

Debian CVE•added 2024/09/09 2:48 p.m.•15 views

CVE-2024-8373

4.8CVSS6.8AI score0.00013EPSS

Exploits1

Cvelist•added 2024/09/09 2:48 p.m.•23 views

CVE-2024-8373 AngularJS improper sanitization in '<source>' element

4.8CVSS0.00013EPSS

Exploits1References2

Vulnrichment•added 2024/09/09 2:48 p.m.•16 views

CVE-2024-8373 AngularJS improper sanitization in '<source>' element

4.8CVSS6.5AI score0.00013EPSS

Exploits1References2

CVE•added 2024/09/09 2:48 p.m.•112 views

CVE-2024-8373

CVE-2024-8373 affects AngularJS across distributions; root cause is improper sanitization of the srcset attribute in HTML elements, enabling potential Content Spoofing. Affected versions are older AngularJS; Debian LTS advisory (DLA-4242) fixes angular.js to 1.8.3-1+deb12u1~deb11u1, and related ...

4.8CVSS4.5AI score0.00013EPSS

Exploits1References4Affected Software1

Cvelist•added 2024/09/09 2:46 p.m.•21 views

CVE-2024-8372 AngularJS improper sanitization in 'srcset' attribute

4.8CVSS0.00015EPSS

Exploits1References2

Vulnrichment•added 2024/09/09 2:46 p.m.•17 views

CVE-2024-8372 AngularJS improper sanitization in 'srcset' attribute

4.8CVSS4.6AI score0.00015EPSS

Exploits1References2

CVE•added 2024/09/09 2:46 p.m.•121 views

CVE-2024-8372

CVE-2024-8372 affects AngularJS; the issue is an improper sanitization of the srcset value (and related attributes) in AngularJS’s HTML rendering, allowing attackers to bypass image source restrictions and potentially enable Content Spoofing. Affected versions include 1.3.0-rc.4 and later. The An...

4.8CVSS4.6AI score0.00015EPSS

Exploits1References4Affected Software1

Debian CVE•added 2024/09/09 2:46 p.m.•17 views

CVE-2024-8372

4.8CVSS6.8AI score0.00015EPSS

Exploits1

CNNVD•added 2024/09/09 12:0 a.m.•3 views

AngularJS 安全漏洞

AngularJS is a TypeScript-based open source web application framework from AngularJS Open Source. A security vulnerability exists in AngularJS version 1.3.0-rc.4 and later, which stems from improper cleanup of the srcset attribute value...

4.8CVSS6.5AI score0.00015EPSS

Exploits1References5

CNNVD•added 2024/09/09 12:0 a.m.•2 views

AngularJS 安全漏洞

AngularJS is a TypeScript-based open source web application framework from AngularJS Open Source. A security vulnerability exists in AngularJS that stems from mishandling the value of the srcset attribute in the source HTML element, which could allow an attacker to bypass common image source...

4.8CVSS6.2AI score0.00013EPSS

Exploits1References4

UbuntuCve•added 2024/09/09 12:0 a.m.•10 views

CVE-2024-8372

4.8CVSS7AI score0.00015EPSS

Exploits1References4

UbuntuCve•added 2024/09/09 12:0 a.m.•6 views

CVE-2024-8373

4.8CVSS7AI score0.00013EPSS

Exploits1References4

IBM Security Bulletins•added 2024/06/03 1:24 p.m.•32 views

Security Bulletin: Multiple vulnerabilities in angular.js affect IBM Business Automation Workflow.

Summary IBM Business Automation Workflow packages a vulnerable copy of angular.js. Vulnerability Details CVEID:CVE-2023-26117 DESCRIPTION: AngularJS is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the $resource service. By providing...

6.1CVSS5.6AI score0.04265EPSS

Exploits4Affected Software2

Positive Technologies•added 2024/05/21 12:0 a.m.•2 views

PT-2024-38978

Name of the Vulnerable Software and Affected Versions: AngularJS versions all Description: The issue is related to improper sanitization of the value of the srcset attribute in HTML elements in AngularJS, allowing attackers to bypass common image source restrictions. This can also lead to a form ...

7.5CVSS7AI score0.02246EPSS

Exploits8References31

Positive Technologies•added 2024/05/21 12:0 a.m.•2 views

PT-2024-38977

Name of the Vulnerable Software and Affected Versions: AngularJS versions 1.3.0-rc.4 and greater Description: The issue is due to improper sanitization of the value of the srcset attribute in AngularJS, allowing attackers to bypass common image source restrictions. This can lead to a form of...

7.5CVSS7AI score0.02246EPSS

Exploits8References33

Tenable Nessus•added 2024/05/11 12:0 a.m.•28 views

RHEL 6 : angularjs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - angularjs: Regular Expression Denial of Service via the element CVE-2023-26118 - Versions of the package...

5.7AI score0.00521EPSS

Exploits3References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by