Lucene search
+L

178 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-42869

Malicious code in bioql PyPI...

8.7CVSS8.5AI score0.00693EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-42868

Malicious code in bioql PyPI...

8.7CVSS8.5AI score0.14439EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-41319

Malicious code in bioql PyPI...

8.7CVSS8.5AI score0.01095EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:28 a.m.10 views

CVE-2024-47002

A html code injection vulnerability exists in the vlan management part of Observium CE 24.4.13528. A specially crafted HTTP request can lead to an arbitrary html code. An authenticated user would need to click a malicious link provided by the attacker...

8.7CVSS7.2AI score0.14439EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:16 a.m.19 views

CVE-2024-47140

A cross-site scripting xss vulnerability exists in the addalertcheck page of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An authenticated user would need to click a malicious link provided by the attacker...

8.7CVSS6.5AI score0.00693EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:29 a.m.9 views

CVE-2024-45061

A cross-site scripting xss vulnerability exists in the weather map editor functionality of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An authenticated user would need to click a malicious link provided by the attacker...

8.7CVSS6.5AI score0.01095EPSS
Exploits1References1
Talos Blog
Talos Blog
added 2025/01/29 4:45 p.m.31 views

Whatsup Gold, Observium and Offis vulnerabilities

Cisco Talos' Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold. These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a collection of libraries a...

8.7CVSS8.5AI score0.69952EPSS
Exploits7
OSV
OSV
added 2025/01/15 3:15 p.m.2 views

CVE-2024-47140

A cross-site scripting xss vulnerability exists in the addalertcheck page of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An authenticated user would need to click a malicious link provided by the attacker...

5.4CVSS5.9AI score0.00693EPSS
Exploits1References2
NVD
NVD
added 2025/01/15 3:15 p.m.34 views

CVE-2024-47140

A cross-site scripting xss vulnerability exists in the addalertcheck page of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An authenticated user would need to click a malicious link provided by the attacker...

8.7CVSS0.00693EPSS
Exploits1References2
OSV
OSV
added 2025/01/15 3:15 p.m.3 views

CVE-2024-45061

A cross-site scripting xss vulnerability exists in the weather map editor functionality of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An authenticated user would need to click a malicious link provided by the attacker...

5.4CVSS5.9AI score0.01095EPSS
Exploits1References2
OSV
OSV
added 2025/01/15 3:15 p.m.9 views

CVE-2024-47002

A html code injection vulnerability exists in the vlan management part of Observium CE 24.4.13528. A specially crafted HTTP request can lead to an arbitrary html code. An authenticated user would need to click a malicious link provided by the attacker...

5.4CVSS6AI score0.14439EPSS
Exploits1References2
NVD
NVD
added 2025/01/15 3:15 p.m.23 views

CVE-2024-45061

A cross-site scripting xss vulnerability exists in the weather map editor functionality of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An authenticated user would need to click a malicious link provided by the attacker...

8.7CVSS0.01095EPSS
Exploits1References2
NVD
NVD
added 2025/01/15 3:15 p.m.28 views

CVE-2024-47002

A html code injection vulnerability exists in the vlan management part of Observium CE 24.4.13528. A specially crafted HTTP request can lead to an arbitrary html code. An authenticated user would need to click a malicious link provided by the attacker...

8.7CVSS0.14439EPSS
Exploits1References2
CVE
CVE
added 2025/01/15 2:59 p.m.60 views

CVE-2024-47140

Observium CE 24.4.13528 is affected by a reflected XSS in add_alert_check. An authenticated user must click a malicious link; the exploit injects JavaScript via the entity_type parameter. Talos assigns CVSS v3.1 score 8.7 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N). Observium and Talos note a vendor pa...

8.7CVSS6.6AI score0.00693EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/15 2:59 p.m.11 views

CVE-2024-47002

A html code injection vulnerability exists in the vlan management part of Observium CE 24.4.13528. A specially crafted HTTP request can lead to an arbitrary html code. An authenticated user would need to click a malicious link provided by the attacker...

8.7CVSS7.5AI score0.14439EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/15 2:59 p.m.10 views

CVE-2024-47140

A cross-site scripting xss vulnerability exists in the addalertcheck page of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An authenticated user would need to click a malicious link provided by the attacker...

8.7CVSS6.8AI score0.00693EPSS
Exploits1References1
CVE
CVE
added 2025/01/15 2:59 p.m.49 views

CVE-2024-47002

Observium CE 24.4.13528 is affected by a cross‑site HTML code injection in VLAN management. The vulnerability is a reflected XSS due to improper handling of the vlan_id parameter in the VLAN page (html/pages/vlan.inc.php). An authenticated user can trigger arbitrary HTML/JS by clicking a maliciou...

8.7CVSS7.3AI score0.14439EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/01/15 2:59 p.m.32 views

CVE-2024-47140

A cross-site scripting xss vulnerability exists in the addalertcheck page of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An authenticated user would need to click a malicious link provided by the attacker...

8.7CVSS0.00693EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/15 2:59 p.m.33 views

CVE-2024-47002

A html code injection vulnerability exists in the vlan management part of Observium CE 24.4.13528. A specially crafted HTTP request can lead to an arbitrary html code. An authenticated user would need to click a malicious link provided by the attacker...

8.7CVSS0.14439EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/15 2:59 p.m.9 views

CVE-2024-45061

A cross-site scripting xss vulnerability exists in the weather map editor functionality of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An authenticated user would need to click a malicious link provided by the attacker...

8.7CVSS6.8AI score0.01095EPSS
Exploits1References1
Rows per page
Query Builder