CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

Jeedom <=4.0.38 - Cross-Site Scripting

Jeedom through 4.0.38 contains a cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. id: CVE-2020-9036 info: name: Jeedom =4.0.38 - Cross-Site Scripting author: pikpikcu severity: medium...

6.1CVSS6.5AI score0.2618EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-29525

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00507EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 6:47 p.m.•4 views

CVE-2021-42557

In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials...

7.5CVSS7AI score0.00507EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:53 p.m.•7 views

CVE-2020-9036

Jeedom through 4.0.38 allows XSS...

6.1CVSS7AI score0.2618EPSS

Exploits1References1

NVD•added 2021/11/01 12:15 p.m.•9 views

CVE-2021-42557

In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials...

7.5CVSS0.00507EPSS

Exploits1References2

OSV•added 2021/11/01 12:15 p.m.•10 views

CVE-2021-42557

In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials...

7.5CVSS7AI score0.00507EPSS

Exploits1References2

Prion•added 2021/11/01 12:15 p.m.•12 views

Authentication flaw

In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials...

5CVSS7.5AI score0.00507EPSS

Exploits1References2Affected Software1

CVE•added 2021/11/01 11:14 a.m.•31 views

CVE-2021-42557

In Jeedom through 4.1.19, a vulnerability allows a remote attacker to bypass API access and retrieve user credentials. Affected product: Jeedom core (versions up to 4.1.19). The available sources confirm that the issue enables credential disclosure via API access bypass, but the provided document...

7.5CVSS7.5AI score0.00507EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/11/01 11:14 a.m.•17 views

CVE-2021-42557

In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials...

7.7AI score0.00507EPSS

Exploits1References2

CNNVD•added 2021/11/01 12:0 a.m.•3 views

Jeedom 安全漏洞

Jeedom is an open source home automation solution for the Internet of Things. Jeedom suffers from a security vulnerability that allows a remote attacker to bypass API access and retrieve user credentials...

7.5CVSS7.4AI score0.00507EPSS

Exploits1References3

Openbugbounty•added 2020/09/01 12:51 p.m.•8 views

market.jeedom.com Cross Site Scripting vulnerability OBB-1293403

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score

Exploits0

CNVD•added 2020/08/06 12:0 a.m.•2 views

Jeedom Cross-Site Scripting Vulnerability

Jeedom is an open source home automation solution for the Internet of Things. A cross-site scripting vulnerability exists in Jeedom 4.0.38 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the...

6.1CVSS6.3AI score0.2618EPSS

Exploits1References1

OSV•added 2020/08/05 10:15 p.m.•2 views

CVE-2020-9036

Jeedom through 4.0.38 allows XSS...

6.1CVSS6.4AI score0.2618EPSS

Exploits1References1

NVD•added 2020/08/05 10:15 p.m.•10 views

CVE-2020-9036

Jeedom through 4.0.38 allows XSS...

6.1CVSS6.3AI score0.2618EPSS

Exploits1References1