
7 matches found

OSV
added 2024/11/25 6:44 p.m. | 2 views

CVE-2024-32468 Improper neutralization of input during web page generation ("Cross-site Scripting") in deno_doc HTML generator

Deno is a runtime for JavaScript and TypeScript written in Rust. Several cross-site scripting vulnerabilities existed in the deno_doc crate which lead to Self-XSS with deno doc --html. 1. XSS in generated searchindex.js, deno_doc outputs a JavaScript file for searching. However, the generated file...

5.4 CVSS | 5.7 AI score | 0.00091 EPSS
Exploits 0 | References 4
Mageia
added 2023/01/24 7:58 a.m. | 47 views

Updated viewvc packages fix security vulnerability

ViewVC is vulnerable to cross-site scripting. The impact of these vulnerabilities is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by an otherwise trusted ViewVC instance. The attack vector involves files with unsafe names that, when...

6.1 CVSS | 6 AI score | 0.00612 EPSS
Exploits 1 | References 2
Vulnrichment
added 2023/01/04 3:12 p.m. | 4 views

CVE-2023-22464 ViewVC XSS vulnerability in revision view changed path "copyfrom" locations

ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...

5.4 CVSS | 5.8 AI score | 0.00612 EPSS
Exploits 1 | References 4
CVE
added 2023/01/03 6:29 p.m. | 64 views

CVE-2023-22456

CVE-2023-22456 affects ViewVC, a browser interface for CVS/Subversion repositories. The vulnerability is a cross-site scripting (XSS) flaw that impacts ViewVC versions before 1.2.2 (and 1.1.29). The attack requires the attacker to have commit privileges to a Subversion repository exposed by a tr...

6.1 CVSS | 5.8 AI score | 0.00529 EPSS
Exploits 0 | References 4 | Affected Software 1
NVD
added 2022/04/12 8:15 p.m. | 11 views

CVE-2022-29049

Jenkins promoted builds Plugin 873.v6149dbd64130 and earlier, except 3.10.1, does not validate the names of promotions defined in Job DSL, allowing attackers with Job/Configure permission to create a promotion with an unsafe name...

5.4 CVSS | 0.00113 EPSS
Exploits 0 | References 1
ATTACKERKB
added 2022/04/12 8:15 p.m. | 2 views

CVE-2022-29049

Jenkins promoted builds Plugin 873.v6149dbd64130 and earlier, except 3.10.1, does not validate the names of promotions defined in Job DSL, allowing attackers with Job/Configure permission to create a promotion with an unsafe name...

5.4 CVSS | 6.1 AI score | 0.00113 EPSS
Exploits 0 | References 2
RedHat Linux
added 2018/11/29 10:23 a.m. | 3 views

ruby: Unintentional file and directory creation with directory traversal in tempfile and tmpdir

It was found that the tmpdir and tempfile modules did not sanitize their file name argument. An attacker with control over the name could create temporary files and directories outside of the dedicated directory...

7.5 CVSS | 7.3 AI score | 0.02372 EPSS
Exploits 0 | References 5