CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

90 matches found

Microsoft CVE•added 2025/09/03 11:4 p.m.•2 views

Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript

...

5.4CVSS7AI score0.01006EPSS

Exploits0

IBM Security Bulletins•added 2025/07/01 10:22 a.m.•6 views

Security Bulletin: IBM Event Endpoint Management is vulnerable to a Cross-site scripting (XSS) attack (CVE-2024-11831).

Summary IBM Event Endpoint Management is vulnerable to a Cross-site scripting XSS attack due to a flaw in npm-serialize-javascript. It is used for safely serialize complex JavaScript objects for storage or transmission. Vulnerability Details CVEID:CVE-2024-11831 DESCRIPTION: A flaw was found in...

5.4CVSS6.1AI score0.01006EPSS

Exploits0Affected Software1

vulnersOsv•added 2025/02/10 6:30 p.m.•5 views

@aadarshjr/reweb-js (>=1.0.7 <=1.0.17), @acentswap/ace-core-trial (>=10.4.0 <=10.7.0) +1735 more potentially affected by CVE-2024-11831 via serialize-javascript (>=6.0.0 <=6.0.1)

serialize-javascript NPM version =6.0.0, =1.0.7, =10.4.0, =9.0.0, =10.0.0, =10.0.0, =10.5.0, =10.4.0, =1.1.8, =0.4.10, =5.0.0, =6.0.0 and more Source cves: CVE-2024-11831 Source advisory: OSV:GHSA-76P7-773F-R4Q5...

5.4CVSS7.2AI score0.01006EPSS

Exploits0

OSV•added 2025/02/10 6:30 p.m.•2 views

GHSA-76P7-773F-R4Q5 Cross-site Scripting (XSS) in serialize-javascript

A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by...

5.4CVSS7AI score0.01006EPSS

Exploits0References27

Github Security Blog•added 2025/02/10 6:30 p.m.•13 views

Cross-site Scripting (XSS) in serialize-javascript

5.4CVSS5.2AI score0.01006EPSS

Exploits0References27Affected Software1

ATTACKERKB•added 2025/02/10 4:15 p.m.•3 views

CVE-2024-11831

5.4CVSS5.8AI score0.01006EPSS

Exploits0References25Affected Software56

OSV•added 2025/02/10 4:15 p.m.•10 views

CVE-2024-11831

5.4CVSS5.3AI score0.01006EPSS

Exploits0References23

OSV•added 2025/02/10 4:15 p.m.•1 views

DEBIAN-CVE-2024-11831

5.4CVSS7.3AI score0.01006EPSS

Exploits0References1

NVD•added 2025/02/10 4:15 p.m.•6 views

CVE-2024-11831

5.4CVSS0.01006EPSS

Exploits0References24

OSV•added 2025/02/10 4:15 p.m.•0 views

UBUNTU-CVE-2024-11831

5.4CVSS7.1AI score0.01006EPSS

Exploits0References6

Vulnrichment•added 2025/02/10 3:27 p.m.•15 views

CVE-2024-11831 Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript

5.4CVSS5.3AI score0.01006EPSS

Exploits0References24

Cvelist•added 2025/02/10 3:27 p.m.•17 views

CVE-2024-11831 Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript

5.4CVSS0.01006EPSS

Exploits0References24

CVE•added 2025/02/10 3:27 p.m.•330 views

CVE-2024-11831

CVE-2024-11831 is a deserialization/XSS issue in the npm-serialize-javascript package. The impact is described as attackers potentially executing malicious code when serialized data is deserialized by a web browser. Connected docs confirm multiple vendors referencing this CVE: IBM Storage Ceph St...

5.4CVSS5.3AI score0.01006EPSS

Exploits0References24

Debian CVE•added 2025/02/10 3:27 p.m.•11 views

CVE-2024-11831

5.4CVSS7.3AI score0.01006EPSS

Exploits0

CNNVD•added 2025/02/10 12:0 a.m.•1 views

Serialize JavaScript 跨站脚本漏洞

Serialize JavaScript is a Yahoo open source serialization of JavaScript into a JSON superset containing regular expressions and functions. A cross-site scripting vulnerability exists in Serialize JavaScript that stems from not properly cleaning certain inputs. An attacker can exploit the...

5.4CVSS7.1AI score0.01006EPSS

Exploits0References5

RedHat Linux•added 2025/01/14 1:20 a.m.•2 views

npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript

5.4CVSS5.8AI score0.01006EPSS

Exploits0References6

Positive Technologies•added 2024/09/16 12:0 a.m.•4 views

PT-2025-6048

Name of the Vulnerable Software and Affected Versions npm-serialize-javascript versions up to 6.0.1 Description The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to injec...

5.4CVSS7.2AI score0.01006EPSS

Exploits0References47

Huntr•added 2023/02/27 9:31 a.m.•77 views

Vulnerable javascript dependency used in adminsidepanel.js

Description The adminsidepanel.js used Vue.js v2.6.10, which contains the vulnerable vue-server-renderer's dependency of serialize-javascript. Proof of Concept 1.Go to https://demo.limesurvey.org/tmp/assets/cb9c5d96/build.min/js/adminsidepanel.js and search for Vue.js v2.6.10 term. We can note th...

6.7AI score

Exploits0References3

SUSE CVE•added 2023/02/15 4:7 a.m.•2 views

SUSE CVE-2019-16769

The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting XSS. It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of...

5.4CVSS7.9AI score0.00977EPSS

Exploits0References3

BDU FSTEC•added 2021/06/09 12:0 a.m.•5 views

The vulnerability of the deleteFunctions function in the serialize-javascript application library of Aurora Center is related to errors in code generation. This allows a perpetrator to execute arbitrary code.

The vulnerability of the deleteFunctions function in the serialize-javascript application library of Aurora Center is related to code generation control errors. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.1CVSS8.2AI score0.03009EPSS

Exploits0References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by