6052 matches found

RedhatCVE
added 2025/05/23 7:42 a.m. | 13 views

CVE-2024-37495

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mischiefmarmot Create by Mediavine mediavine-create. This issue affects Create by Mediavine: from n/a through = 1.9.7...

CVSS 6.5 | AI score 5.9 | EPSS 0.00279
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 7:25 a.m. | 9 views

CVE-2024-0262

A vulnerability was found in Online Job Portal 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /Admin/News.php of the component Create News Page. The manipulation of the argument News with the input leads to cross site scripting. The attack may ...

CVSS 4.8 | AI score 4.8 | EPSS 0.00504
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 7:03 a.m. | 14 views

CVE-2024-33306

SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" parameter in Create User...

CVSS 7.4 | AI score 6.1 | EPSS 0.00657
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 6:57 a.m. | 23 views

CVE-2024-43264

Insertion of Sensitive Information Into Sent Data vulnerability in mischiefmarmot Create by Mediavine mediavine-create. This issue affects Create by Mediavine: from n/a through = 1.9.8...

CVSS 7.5 | AI score 5.9 | EPSS 0.0037
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 6:45 a.m. | 11 views

CVE-2024-54003

Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Create permission...

CVSS 8 | AI score 7 | EPSS 0.77461
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 5:52 a.m. | 6 views

CVE-2023-22371

An os command injection vulnerability exists in the liburvpn.so createprivatekey functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to command execution. An attacker can send a malicious packet to trigger this vulnerability...

CVSS 8.1 | AI score 7.8 | EPSS 0.03332
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 5:38 a.m. | 6 views

CVE-2023-26982

Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function...

CVSS 5.4 | AI score 5.9 | EPSS 0.01018
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 5:34 a.m. | 2 views

CVE-2023-26968

In Atrocore 1.5.25, the Create Import Feed option with glyphicon-glyphicon-paperclip function is vulnerable to Unauthenticated File upload...

CVSS 9.8 | AI score 7 | EPSS 0.00981
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 5:20 a.m. | 4 views

CVE-2023-21827

Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle...

CVSS 4.3 | AI score 5 | EPSS 0.00453
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 4:08 a.m. | 22 views

CVE-2023-47326

Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) via the Domain SQL Create function...

CVSS 8.8 | AI score 7.6 | EPSS 0.00392
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 3:57 a.m. | 9 views

CVE-2023-3506

A vulnerability was found in Active It Zone Active eCommerce CMS 6.5.0. It has been declared as problematic. This vulnerability affects unknown code of the file /ecommerce/supportticket of the component Create Ticket Page. The manipulation of the argument details with the input leads to cross sit...

CVSS 6.1 | AI score 6.3 | EPSS 0.003
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 3:53 a.m. | 5 views

CVE-2023-33799

A stored cross-site scripting (XSS) vulnerability in the Create Contacts (/tenancy/contacts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

CVSS 5.4 | AI score 5.6 | EPSS 0.00394
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 3:50 a.m. | 9 views

CVE-2023-3288

A BOLA vulnerability in POST /providers allows a low privileged user to create a privileged user provider in the system. This results in privilege escalation...

CVSS 8.8 | AI score 6.7 | EPSS 0.00349
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 3:22 a.m. | 7 views

CVE-2023-24652

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function...

CVSS 8.8 | AI score 8.3 | EPSS 0.01048
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 3:01 a.m. | 4 views

CVE-2023-21201

In oncreaterecordevent of btifsdpserver.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-13 Android I...

CVSS 7.5 | AI score 6.4 | EPSS 0.00472
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 2:12 a.m. | 6 views

CVE-2023-43802

Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint /upload which handles request with the filename parameter. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CORS configuration, can...

CVSS 7.8 | AI score 6.9 | EPSS 0.00354
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 2:03 a.m. | 12 views

CVE-2023-33800

A stored cross-site scripting (XSS) vulnerability in the Create Regions (/dcim/regions/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

CVSS 5.4 | AI score 5.6 | EPSS 0.00397
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 1:55 a.m. | 6 views

CVE-2023-24656

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function...

CVSS 8.8 | AI score 8.3 | EPSS 0.01048
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 1:20 a.m. | 12 views

CVE-2022-21393

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM...

CVSS 4.3 | AI score 5.6 | EPSS 0.00804
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 12:24 a.m. | 6 views

CVE-2022-47073

A cross-site scripting (XSS) vulnerability in the Create Ticket page of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject parameter...

CVSS 5.4 | AI score 5.8 | EPSS 0.00617
Exploits: 0 | References: 1