CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5210 matches found

Vulnrichment•added 2024/07/09 12:0 a.m.•12 views

CVE-2024-40729

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/add/...

5.9AI score0.004EPSS

Exploits1References1

Vulnrichment•added 2024/07/09 12:0 a.m.•14 views

CVE-2024-40727

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/add/...

5.8AI score0.00353EPSS

Exploits1References1

Cvelist•added 2024/07/09 12:0 a.m.•21 views

CVE-2024-40728

0.00353EPSS

Exploits1References1

Vulnrichment•added 2024/07/09 12:0 a.m.•17 views

CVE-2024-40731

5.8AI score0.00353EPSS

Exploits1References1

Cvelist•added 2024/07/09 12:0 a.m.•18 views

CVE-2024-40739

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-feeds/add...

0.00376EPSS

Exploits1References1

Cvelist•added 2024/07/09 12:0 a.m.•12 views

CVE-2024-38972

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/add/...

0.00353EPSS

Exploits1References1

Vulnrichment•added 2024/07/09 12:0 a.m.•18 views

CVE-2024-40738

5.9AI score0.00353EPSS

Exploits1References1

Cvelist•added 2024/07/09 12:0 a.m.•24 views

CVE-2024-40730

0.004EPSS

Exploits1References1

Cvelist•added 2024/07/09 12:0 a.m.•23 views

CVE-2024-40729

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/add/...

0.004EPSS

Exploits1References1

Cvelist•added 2024/07/09 12:0 a.m.•18 views

CVE-2024-40726

0.00376EPSS

Exploits1References1

CVE•added 2024/07/09 12:0 a.m.•59 views

CVE-2024-40740

CVE-2024-40740 is an XSS vulnerability in NetBox v4.0.3. The issue arises from insufficient filtering/escaping of user-supplied data in the Name parameter of the /dcim/power-feeds/{id}/edit/ endpoint, allowing an attacker to inject arbitrary HTML/JS. Multiple connected sources confirm the affecte...

7.1CVSS5.6AI score0.00398EPSS

Exploits1References1Affected Software1

CVE•added 2024/07/09 12:0 a.m.•68 views

CVE-2024-40728

NetBox v4.0.3 is affected by an XSS flaw in the /dcim/console-server-ports/{id}/edit/ Name field due to insufficient filtering/escaping of user input. Multiple sources (Red Hat, CNVD, OSV, NVD, CVE listings) confirm a cross-site scripting vulnerability that could allow an attacker to inject arbit...

7.1CVSS5.8AI score0.00353EPSS

Exploits1References1Affected Software1

CVE•added 2024/07/09 12:0 a.m.•50 views

CVE-2024-40726

The CVE-2024-40726 entry concerns NetBox v4.0.3 with a cross-site scripting (XSS) vulnerability exposed via the Name parameter in /dcim/power-ports/{id}/edit/. The Red Hat and CNVD/CNVD-style entries corroborate the same flaw. Root cause: lack of proper filtering/escaping of user-supplied data in...

6.1CVSS5.6AI score0.00376EPSS

Exploits1References1Affected Software1

CVE•added 2024/07/09 12:0 a.m.•63 views

CVE-2024-40730

NetBox v4.0.3 contains an XSS vulnerability: a crafted payload placed in the Name parameter at /dcim/interfaces/{id}/edit/ can execute arbitrary HTML/JS in authenticated user sessions. The issue stems from insufficient input filtering/escaping in that endpoint. Impact is described as cross-site s...

6.1CVSS5.6AI score0.004EPSS

Exploits1References1Affected Software1

CVE•added 2024/07/09 12:0 a.m.•62 views

CVE-2024-40738

Summary: CVE-2024-40738 is a cross-site scripting (XSS) vulnerability affecting NetBox v4.0.3. The issue arises from lack of proper filtering/escaping of user-supplied data in the Name parameter at the URL path /dcim/console-ports/{id}/edit/, allowing an attacker to inject arbitrary HTML/JS. Docu...

7.1CVSS5.6AI score0.00353EPSS

Exploits1References1Affected Software1

CVE•added 2024/07/09 12:0 a.m.•57 views

CVE-2024-40735

CVE-2024-40735 : A cross-site scripting (XSS) vulnerability affects NetBox v4.0.3. The issue arises from lack of proper filtering/escaping of user-supplied data in the Name parameter of the page /dcim/power-outlets/{id}/edit/ , allowing an attacker to inject arbitrary HTML/JS. The CVSS v3.1 base ...

6.1CVSS5.8AI score0.00353EPSS

Exploits1References1Affected Software1

CVE•added 2024/07/09 12:0 a.m.•57 views

CVE-2024-40732

CVE-2024-40732 describes a cross-site scripting (XSS) vulnerability in NetBox v4.0.3. The issue allows an attacker to inject arbitrary HTML/ scripts via the Name parameter in the /dcim/rear-ports/add/ endpoint. Affected software: NetBox v4.0.3 (DCIM/IPAM context). Root cause: lack of proper filte...

7.1CVSS5.6AI score0.004EPSS

Exploits1References1Affected Software1

CVE•added 2024/07/09 12:0 a.m.•59 views

CVE-2024-40737

NetBox (v4.0.3) contains an XSS vulnerability exposed via the Name parameter in the /dcim/console-ports/add API. The issue stems from inadequate input filtering/escaping, allowing crafted payloads to inject arbitrary HTML/JS. Multiple sources confirm the affected component and location; exploitat...

6.1CVSS5.6AI score0.00353EPSS

Exploits1References1Affected Software1

CVE•added 2024/07/09 12:0 a.m.•54 views

CVE-2024-40727

NetBox v4.0.3 contains an XSS vulnerability in the /dcim/console-server-ports/add/ endpoint. A crafted payload inserted into the Name parameter can execute arbitrary web scripts/HTML in the context of the affected page. Root cause: insufficient filtering/escaping of user-supplied data leading to ...

6.1CVSS5.6AI score0.00353EPSS

Exploits1References1Affected Software1

Cvelist•added 2024/07/09 12:0 a.m.•20 views

CVE-2024-40731

0.00353EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by