CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2024/04/25 12:0 a.m.•16 views

CVE-2024-32358

An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function, a different vulnerability than CVE-2024-43033...

7.7AI score0.00736EPSS

Vulnrichment•added 2024/04/25 12:0 a.m.•15 views

CVE-2024-32358

An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function, a different vulnerability than CVE-2024-43033...

7.7AI score0.00736EPSS

CVE•added 2024/04/25 12:0 a.m.•53 views

CVE-2024-32358

CVE-2024-32358 affects JPress v5.1.0. The issue allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function, indicating a code execution risk originating from the plug‑in handling path. No remediation patch/version details are provided in the supp...

7.5CVSS7.7AI score0.00736EPSS

Exploits0References5Affected Software1

Cvelist•added 2024/04/22 12:0 a.m.•15 views

CVE-2024-31666

An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the editaddonpost.php component...

7.7AI score0.01711EPSS

Exploits1References1

CVE•added 2024/04/22 12:0 a.m.•66 views

CVE-2024-31666

CVE-2024-31666 affects flusity-CMS v2.33. The vulnerability allows a remote attacker to execute arbitrary code via a crafted script targeting the edit_addon_post.php component. Multiple connected sources (NVD, Red Hat, OSV, CVE listing, CNNVD, and vuln enrichment) describe the same issue, confirm...

9.8CVSS7.8AI score0.01711EPSS

Exploits1References1Affected Software1

NVD•added 2024/04/19 4:15 p.m.•11 views

CVE-2024-32409

An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script...

7.1CVSS7.5AI score0.0065EPSS

OSV•added 2024/04/19 4:15 p.m.•3 views

CVE-2024-32409

An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script...

7.1CVSS6.2AI score0.0065EPSS

Cvelist•added 2024/04/19 12:0 a.m.•19 views

CVE-2024-32409

An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script...

7.7AI score0.0065EPSS

Cvelist•added 2024/04/19 12:0 a.m.•16 views

CVE-2024-22905

Buffer Overflow vulnerability in ARM mbed-os v.6.17.0 allows a remote attacker to execute arbitrary code via a crafted script to the hciTrSerialRxIncoming function...

7.7AI score0.00429EPSS

Github Security Blog•added 2024/04/18 3:30 p.m.•13 views

@andrei-tatar/nora-firebase-common Prototype Pollution vulnerability

An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...

9.8CVSS8.1AI score0.01158EPSS

Exploits0References5Affected Software1

OSV•added 2024/04/18 3:30 p.m.•9 views

GHSA-JJFF-Q3Q4-5HH8 @andrei-tatar/nora-firebase-common Prototype Pollution vulnerability

9.8CVSS9.6AI score0.01158EPSS

NVD•added 2024/04/18 3:15 p.m.•7 views

CVE-2024-30564

9.8CVSS7.4AI score0.01158EPSS

OSV•added 2024/04/18 3:15 p.m.•13 views

CVE-2024-30564

9.8CVSS8.1AI score

Cvelist•added 2024/04/18 12:0 a.m.•17 views

CVE-2024-30564

7.7AI score0.01158EPSS

Vulnrichment•added 2024/04/18 12:0 a.m.•13 views

CVE-2024-30564

8.1AI score0.01158EPSS

CVE•added 2024/04/18 12:0 a.m.•78 views

CVE-2024-30564

The CVE-2024-30564 issue affects andrei-tatar/nora-firebase-common in versions 1.0.41 through 1.12.2, where a crafted script submitted to the updateState parameter of updateStateInternal can enable remote code execution. Multiple sources corroborate the vulnerability’s presence across Red Hat, Ve...

9.8CVSS7.6AI score0.01158EPSS