Lucene search
+L

375 matches found

Wolfi
Wolfi
added 2026/02/21 1:48 a.m.4 views

GHSA-FPJ8-GQ4V-P354 vulnerabilities

Vulnerabilities for packages: thingsboard...

5.4AI score
Exploits0
Wolfi
Wolfi
added 2026/02/21 1:48 a.m.6 views

CVE-2026-24733 vulnerabilities

Vulnerabilities for packages: thingsboard...

6.5CVSS5.2AI score0.00494EPSS
Exploits0
Wolfi
Wolfi
added 2026/02/21 1:48 a.m.7 views

CVE-2025-66614 vulnerabilities

Vulnerabilities for packages: thingsboard...

9.1CVSS5.2AI score0.00235EPSS
Exploits0
Chainguard
Chainguard
added 2026/02/21 1:17 a.m.5 views

CVE-2026-24733 vulnerabilities

Vulnerabilities for packages: thingsboard, ontop-fips, nacos, kayenta-fips, nacos-docker, kayenta, ontop...

6.5CVSS7AI score0.00494EPSS
Exploits0
Chainguard
Chainguard
added 2026/02/21 1:17 a.m.24 views

CVE-2025-66614 vulnerabilities

Vulnerabilities for packages: thingsboard, ontop-fips, nacos, kayenta-fips, nacos-docker, kayenta, ontop...

9.1CVSS7AI score0.00235EPSS
Exploits0
Chainguard
Chainguard
added 2026/02/21 1:17 a.m.8 views

GHSA-QQ5R-98HH-RXC9 vulnerabilities

Vulnerabilities for packages: thingsboard, ontop-fips, nacos, kayenta-fips, nacos-docker, kayenta, ontop...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/02/21 1:17 a.m.8 views

GHSA-FPJ8-GQ4V-P354 vulnerabilities

Vulnerabilities for packages: thingsboard, ontop-fips, nacos, kayenta-fips, nacos-docker, kayenta, ontop...

5.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.13 views

CVE-2022-31861

Cross site Scripting XSS in ThingsBoard IoT Platform through 3.3.4.1 via a crafted value being sent to the audit logs...

5.4CVSS5.9AI score0.00469EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.8 views

CVE-2023-45303

ThingsBoard before 3.5 allows Server-Side Template Injection if users are allowed to modify an email template, because Apache FreeMarker supports freemarker.template.utility.Execute for content sent to the /api/admin/settings endpoint...

8.8CVSS7AI score0.00858EPSS
Exploits1References1
Chainguard
Chainguard
added 2026/01/07 1:30 a.m.7 views

CVE-2024-34750 vulnerabilities

Vulnerabilities for packages: tomcat, thingsboard...

7.5CVSS7.2AI score0.04602EPSS
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:30 a.m.2 views

GHSA-WM9W-RJJ3-J356 vulnerabilities

Vulnerabilities for packages: tomcat, thingsboard...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2025/12/03 1:47 p.m.4 views

GHSA-PJ86-CFQH-VQX6 vulnerabilities

Vulnerabilities for packages: argo-workflows, thingsboard, sqlpad, saf, json-server, tileserver-gl...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2025/12/03 1:47 p.m.18 views

CVE-2024-51999 vulnerabilities

Vulnerabilities for packages: argo-workflows, thingsboard, sqlpad, saf, json-server, tileserver-gl...

5.1AI score0.00014EPSS
Exploits0
Chainguard
Chainguard
added 2025/12/03 1:27 p.m.12 views

CVE-2024-51999 vulnerabilities

Vulnerabilities for packages: thingsboard, argo-workflows, redisinsight, tileserver-gl, sqlpad, json-server, saf, librechat...

5.1AI score0.00014EPSS
Exploits0
Chainguard
Chainguard
added 2025/12/03 1:27 p.m.6 views

GHSA-PJ86-CFQH-VQX6 vulnerabilities

Vulnerabilities for packages: thingsboard, argo-workflows, redisinsight, tileserver-gl, sqlpad, json-server, saf, librechat...

5.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/28 8:8 p.m.9 views

CVE-2025-3261

ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting XSS vulnerability. The exploit can be triggered when any user accesses the public API endpoint of the malicious SVG images, or if t...

6.2CVSS5.7AI score0.00033EPSS
Exploits0References1
OSV
OSV
added 2025/11/27 6:30 p.m.6 views

GHSA-5P82-2Q3R-WJ3M ThingsBoard allows an authenticated user to upload malicious SVG images

ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting XSS vulnerability. The exploit can be triggered when any user accesses the public API endpoint of the malicious SVG images, or if t...

6.2CVSS5.7AI score0.00033EPSS
Exploits0References4
NVD
NVD
added 2025/11/27 6:15 p.m.5 views

CVE-2025-3261

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

0.00033EPSS
Exploits0
OSV
OSV
added 2025/11/27 6:15 p.m.7 views

CVE-2025-3261

ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting XSS vulnerability. The exploit can be triggered when any user accesses the public API endpoint of the malicious SVG images, or if t...

5.4CVSS5.7AI score0.00033EPSS
Exploits0References2
CVE
CVE
added 2025/11/27 6:11 p.m.13 views

CVE-2025-3261

CVE-2025-3261 entry is rejected/not used as stated; it does not represent an active vulnerability.

5.4AI score0.00033EPSS
Exploits0
Rows per page
Query Builder