CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

231 matches found

CVE•added 2023/02/08 12:0 a.m.•61 views

CVE-2023-0744

CVE-2023-0744 affects the GitHub repo answerdev/answer prior to version 1.0.4, enabling an Improper Access Control that can lead to account takeover via the password-reset flow. Public references describe an endpoint abuse: an attacker can trigger password reset via answer/api/v1/user/password/re...

9.8CVSS9.5AI score0.08519EPSS

Exploits4References3Affected Software1

Vulnrichment•added 2023/02/08 12:0 a.m.•3 views

CVE-2023-0743 Cross-site Scripting (XSS) - Generic in answerdev/answer

Cross-site Scripting XSS - Generic in GitHub repository answerdev/answer prior to 1.0.4...

8.2CVSS6.4AI score0.00286EPSS

Exploits1References2

Vulnrichment•added 2023/02/08 12:0 a.m.•6 views

CVE-2023-0739 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in answerdev/answer

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' in GitHub repository answerdev/answer prior to 1.0.4...

8.1CVSS7.3AI score0.00521EPSS

Exploits1References2

CVE•added 2023/02/08 12:0 a.m.•43 views

CVE-2023-0741

CVE-2023-0741 : Cross-site Scripting (XSS) via DOM in the GitHub repository answerdev/answer prior to version 1.0.4 . Root cause is a DOM-based XSS vulnerability in the client-side code, enabling attacker-controlled script execution within a user session. The vulnerability is described as affecti...

9CVSS8.2AI score0.00448EPSS

Exploits1References2Affected Software1

CVE•added 2023/02/08 12:0 a.m.•50 views

CVE-2023-0739

CVE-2023-0739 affects the GitHub project answerdev/answer prior to 1.0.4. The issue is a race condition caused by concurrent execution using a shared resource with improper synchronization, leading to potential integrity and availability impacts. The vulnerability is documented across multiple so...

8.1CVSS6.9AI score0.00521EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2023/02/08 12:0 a.m.•2 views

PT-2023-16492 · Answerdev · Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.4 Description: The issue is related to a Race Condition, which occurs due to concurrent execution using a shared resource with improper synchronization. This problem is identified in the GitHub repositor...

8.1CVSS8.3AI score0.00521EPSS

Exploits1References10

Vulnrichment•added 2023/02/08 12:0 a.m.•5 views

CVE-2023-0740 Cross-site Scripting (XSS) - Stored in answerdev/answer

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.4...

8.2CVSS6.2AI score0.00448EPSS

Exploits1References2

OSV•added 2023/02/08 12:0 a.m.•8 views

CVE-2023-0740 Cross-site Scripting (XSS) - Stored in answerdev/answer

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.4...

8.2CVSS8.5AI score0.00448EPSS

Exploits1References4

OSV•added 2023/02/08 12:0 a.m.•10 views

CVE-2023-0741 Cross-site Scripting (XSS) - DOM in answerdev/answer

Cross-site Scripting XSS - DOM in GitHub repository answerdev/answer prior to 1.0.4...

8CVSS8.3AI score0.00448EPSS

Exploits1References4

Positive Technologies•added 2023/02/08 12:0 a.m.•1 views

PT-2023-16495 · Unknown · Answerdev/Answer

Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.4 Description: The issue is related to a Cross-site Scripting XSS - Stored vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website, which can then be...

9CVSS7.3AI score0.00448EPSS

Exploits1References10

Vulnrichment•added 2023/02/08 12:0 a.m.•5 views

CVE-2023-0744 Improper Access Control in answerdev/answer

Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4...

9.8CVSS7.1AI score0.08519EPSS

Exploits4References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by