Lucene search

6043 matches found

OSV
added 2024/08/26 6:33 p.m. · 13 views

GHSA-22XM-W7R2-834Q FastAPI Admin cross-site scripting (XSS) vulnerability in the Create Product function

A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...

6.1 CVSS · 5.9 AI score · 0.0027 EPSS
Exploits 0 · References 4
OSV
added 2024/08/26 4:15 p.m. · 3 views

CVE-2024-42816

A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...

6.1 CVSS · 5.9 AI score · 0.0027 EPSS
Exploits 0 · References 2
OSV
added 2024/08/26 4:15 p.m. · 3 views

CVE-2024-42818

A cross-site scripting (XSS) vulnerability in the Config-Create function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...

6.1 CVSS · 5.9 AI score · 0.0027 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/08/26 12:0 a.m. · 4 views

PT-2024-30176 · Unknown · Fastapi-Admin Pro

Name of the Vulnerable Software and Affected Versions: fastapi-admin pro version 0.1.4
Description: A cross-site scripting (XSS) vulnerability in the Config-Create function allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...

6.1 CVSS · 6 AI score · 0.0027 EPSS
Exploits 0 · References 9
Cvelist
added 2024/08/26 12:0 a.m. · 37 views

CVE-2024-42816

A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...

0.0027 EPSS
Exploits 0 · References 2
CVE
added 2024/08/26 12:0 a.m. · 51 views

CVE-2024-42818

CVE-2024-42818 is a cross-site scripting (XSS) vulnerability in the Config-Create function of fastapi-admin pro v0.1.4, allowing injection of arbitrary scripts/HTML via the Product Name parameter. Multiple connected sources corroborate the issue and its scope. Public data do not specify a confirm...

6.1 CVSS · 5.8 AI score · 0.0027 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/08/26 12:0 a.m. · 6 views

PT-2024-30175 · Unknown · Fastapi-Admin

Name of the Vulnerable Software and Affected Versions: fastapi-admin pro version 0.1.4
Description: A cross-site scripting (XSS) vulnerability in the Create Product function allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...

6.1 CVSS · 6.1 AI score · 0.0027 EPSS
Exploits 0 · References 9
Positive Technologies
added 2024/08/26 12:0 a.m. · 14 views

PT-2024-30427 · Mediavine · Create By Mediavine

Name of the Vulnerable Software and Affected Versions: Create by Mediavine versions 1.9.8 and earlier
Description: This issue exposes sensitive information to unauthorized actors. Users are urged to upgrade to the latest version to mitigate risks.
Recommendations: For versions 1.9.8 and earlier,...

7.5 CVSS · 6.4 AI score · 0.0037 EPSS
Exploits 0 · References 7
Hacker One
added 2024/08/24 11:16 p.m. · 4 views

Enjin: Race Condition on Create API Function

A race condition was discovered that allowed users to submit multiple requests in rapid succession to create additional keys beyond the defined limit on the Enjin Platform Cloud service...

7 AI score
Exploits 0
SUSE CVE
added 2024/08/23 2:53 a.m. · 3 views

SUSE CVE-2022-48932

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte. When adding a rule with 32 destinations, we hit the following out-of-band access issue: BUG: KASAN: slab-out-of-bounds in mlx5_cmd_dr_create_fte+0x18ee/0x1e70. This patch fixe...

5.5 CVSS · 6.5 AI score · 0.00183 EPSS
Exploits 0 · References 8
OSV
added 2024/08/22 4:15 a.m. · 2 views

DEBIAN-CVE-2022-48932

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte. When adding a rule with 32 destinations, we hit the following out-of-band access issue: BUG: KASAN: slab-out-of-bounds in mlx5_cmd_dr_create_fte+0x18ee/0x1e70. This patch fixe...

5.5 CVSS · 5.2 AI score · 0.00183 EPSS
Exploits 0 · References 1
SUSE CVE
added 2024/08/22 3:29 a.m. · 2 views

SUSE CVE-2022-48873

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Don't remove map on creater_process and device_release. Do not remove the map from the list on error path in fastrpc_init_create_process, instead call fastrpc_map_put, to avoid use-after-free. Do not remove it on...

7 CVSS · 6.5 AI score · 0.00241 EPSS
Exploits 0 · References 12
Positive Technologies
added 2024/08/22 12:0 a.m. · 4 views

PT-2024-28691 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.8.x through 9.8.2; Mattermost versions 9.9.x through 9.9.1; Mattermost versions 9.5.x through 9.5.7; Mattermost versions 9.10.x through 9.10.0
Description: The issue allows remote/synthetic users to create sessions or reset...

6.5 CVSS · 6.8 AI score · 0.00261 EPSS
Exploits 0 · References 10
Cvelist
added 2024/08/21 6:10 a.m. · 22 views

CVE-2022-48873 misc: fastrpc: Don't remove map on creater_process and device_release

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Don't remove map on creater_process and device_release. Do not remove the map from the list on error path in fastrpc_init_create_process, instead call fastrpc_map_put, to avoid use-after-free. Do not remove it on...

0.00241 EPSS
Exploits 0 · References 5
Cvelist
added 2024/08/20 1:0 a.m. · 28 views

CVE-2024-7945 itsourcecode Laravel Property Management System Notes Page create cross site scripting

A vulnerability was found in itsourcecode Laravel Property Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/notes/create of the component Notes Page. The manipulation of the argument Note text leads to cross...

5.3 CVSS · 0.00452 EPSS
Exploits 1 · References 4
CVE
added 2024/08/20 1:0 a.m. · 53 views

CVE-2024-7945

CVE-2024-7945 affects itsourcecode Laravel Property Management System 1.0. The vulnerability is a cross-site scripting flaw in the Notes Page component, specifically the /admin/notes/create functionality, caused by unsafely handling the Note text argument. Attack is described as remote and public...

5.4 CVSS · 3.7 AI score · 0.00452 EPSS
Exploits 1 · References 4 · Affected Software 1
CNNVD
added 2024/08/20 12:0 a.m. · 5 views

itsourcecode Laravel Property Management System cross-site scripting vulnerability

Laravel Property Management System is an itsourcecode open source property management system. A cross-site scripting vulnerability exists in version 1.0 of itsourcecode Laravel Property Management System, which originates from a cross-site scripting vulnerability in the Note text parameter of the...

5.4 CVSS · 4.3 AI score · 0.00452 EPSS
Exploits 1 · References 5
SUSE CVE
added 2024/08/18 2:1 a.m. · 8 views

SUSE CVE-2024-43834

In the Linux kernel, the following vulnerability has been resolved: xdp: fix invalid wait context of page_pool_destroy. If the driver uses a page pool, it creates a page pool with page_pool_create. The reference count of page pool is 1 as default. A page pool will be destroyed only when a reference...

5.5 CVSS · 6.3 AI score · 0.00247 EPSS
Exploits 0 · References 14
OSV
added 2024/08/18 12:4 a.m. · 7 views

OSV-2024-1031 Use-of-uninitialized-value in Http3FrameFactory::create

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42537939
Crash type: Use-of-uninitialized-value
Crash state: Http3FrameFactory::create Http3FrameFactory::fastcreate fuzzhttp3frame.cc...

5.8 AI score
Exploits 0 · References 1
OSV
added 2024/08/17 9:15 a.m. · 3 views

UBUNTU-CVE-2024-42295

In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle inconsistent state in nilfs_btnode_create_block. Syzbot reported that a buffer state inconsistency was detected in nilfs_btnode_create_block, triggering a kernel bug. It is not appropriate to treat this inconsistency as a...

5.5 CVSS · 6.4 AI score · 0.00234 EPSS
Exploits 0 · References 27