Lucene search
K

106 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in powerbi-visuals-test2 (npm)

The package powerbi-visuals-test2 was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/05 9:37 p.m.2 views

MAL-2025-6791 Malicious code in powerbi-visuals-powerkpi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1708aa2b758d41b3666672f4afb039a73cdfa12345a815feb095ca94f0fcf900 The OpenSSF Package Analysis project identified 'powerbi-visuals-powerkpi' @ 9.0.1 npm as malicious. It is considered malicious because: - The...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/29 12:0 a.m.1 views

PRISM: Programmatic Reasoning with Image Sequence Manipulation for LVLM Jailbreaking

The increasing sophistication of large vision-language models LVLMs has been accompanied by advances in safety alignment mechanisms designed to prevent harmful content generation. However, these defenses remain vulnerable to sophisticated adversarial attacks. Existing jailbreak methods typically...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.7 views

Screen Hijack: Visual Poisoning of VLM Agents in Mobile Environments

With the growing integration of vision-language models VLMs, mobile agents are now widely used for tasks like UI automation and camera-based user assistance. These agents are often fine-tuned on limited user-generated datasets, leaving them vulnerable to covert threats during the training process...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 8:5 a.m.3 views

CVE-2024-51810

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in George Lewe Lewe Bootstrap Visuals shortcode-bootstrap-visuals allows Stored XSS.This issue affects Lewe Bootstrap Visuals: from n/a through = 3.0.1...

6.5CVSS7.2AI score0.00374EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/28 3:39 a.m.3 views

Malicious code in @takamol/qiwa-remote-visuals (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 802d5f4560d93b6b3fa360d464ed104594df64ebb3f5b38ec8eb0b37385c80dc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
NVD
NVD
added 2024/11/19 5:15 p.m.11 views

CVE-2024-51810

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in George Lewe Lewe Bootstrap Visuals shortcode-bootstrap-visuals allows Stored XSS.This issue affects Lewe Bootstrap Visuals: from n/a through = 3.0.1...

6.5CVSS0.00374EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/19 4:31 p.m.6 views

CVE-2024-51810 WordPress Lewe Bootstrap Visuals plugin <= 2.2.2 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in George Lewe Lewe Bootstrap Visuals allows Stored XSS.This issue affects Lewe Bootstrap Visuals: from n/a through 2.2.2...

6.5CVSS6.7AI score0.00374EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/19 4:31 p.m.19 views

CVE-2024-51810 WordPress Lewe Bootstrap Visuals plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in George Lewe Lewe Bootstrap Visuals shortcode-bootstrap-visuals allows Stored XSS.This issue affects Lewe Bootstrap Visuals: from n/a through = 3.0.1...

6.5CVSS0.00374EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:31 p.m.35 views

CVE-2024-51810

CVE-2024-51810 is a Stored XSS in WordPress plugin Lewe Bootstrap Visuals (up to version 2.2.2) caused by improper neutralization of input during web page generation. The vulnerability affects Lewe Bootstrap Visuals and can allow malicious scripts to be stored and later executed in a user’s brows...

6.5CVSS7.2AI score0.00374EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.2 views

PT-2024-34937 · Unknown · Lewe Bootstrap Visuals

Name of the Vulnerable Software and Affected Versions: Lewe Bootstrap Visuals versions n/a through 2.2.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...

6.5CVSS5.8AI score0.00374EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.3 views

WordPress plugin Lewe Bootstrap Visuals 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS8.2AI score0.00374EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/08 12:37 p.m.3 views

WordPress Lewe Bootstrap Visuals plugin <= 2.2.2 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Lewe Bootstrap Visuals versions = 2.2.2...

6.5CVSS5.8AI score0.00374EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.6 views

WordPress Lewe Bootstrap Visuals Plugin <= 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Lewe Bootstrap Visuals Type Plugin Vulnerable versions = 2.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51810 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 57dcf0adb6df Credits SOPROBRO Required privilege...

6.5CVSS6.5AI score0.00374EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/05/15 12:0 a.m.18 views

FreeBSD : qt6-webengine -- Multiple vulnerabilities (c6f03ea6-12de-11ef-83d8-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the c6f03ea6-12de-11ef-83d8-4ccc6adda413 advisory. - Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attack...

9.6CVSS8.5AI score0.19883EPSS
Exploits13References18
OSV
OSV
added 2024/05/14 3:44 p.m.1 views

DEBIAN-CVE-2024-4671

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS7AI score0.08348EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 3:44 p.m.36 views

CVE-2024-4671

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS9.4AI score0.08348EPSS
Exploits0References8
OSV
OSV
added 2024/05/14 3:44 p.m.27 views

CVE-2024-4671

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS6.1AI score0.08348EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/05/14 3:34 a.m.2 views

SUSE CVE-2024-4671

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS7.2AI score0.08348EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2024/05/14 12:0 a.m.30 views

CVE-2024-4671

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...

9.6CVSS7.3AI score0.08348EPSS
In wildExploits0References8
Rows per page
Query Builder