CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5962 matches found

Positive Technologies•added 2024/12/12 12:0 a.m.•21 views

PT-2024-36597 · Unknown · Simplexlsx

Name of the Vulnerable Software and Affected Versions: SimpleXLSX versions 1.0.12 through 1.1.12 Description: The issue allows for the execution of arbitrary JavaScript code when calling the extended toHTMLEx method. This can be exploited in versions prior to 1.1.12. The estimated number of...

6.8CVSS7.6AI score0.00444EPSS

Exploits0References9

Cvelist•added 2024/12/11 10:16 p.m.•13 views

CVE-2024-53274 GHSL-2024-111: Reflected XSS in /home in habitica

Habitica is an open-source habit-building program. Versions prior to 5.28.5 are vulnerable to reflected cross-site scripting. The register function in home.vue containsa reflected XSS vulnerability due to an incorrect sanitization function. An attacker can specify a malicious redirectTo parameter...

5.1CVSS0.00438EPSS

Exploits1References2

CVE•added 2024/12/11 10:16 p.m.•48 views

CVE-2024-53274

Habitica (open‑source habit builder) is affected by CVE-2024-53274. The vulnerability is a reflected XSS in the /home context via the register function in home.vue, caused by an insufficient sanitization function. An attacker can abuse a malicious redirectTo parameter to execute arbitrary JavaScr...

6.1CVSS5.7AI score0.00438EPSS

Exploits1References2Affected Software1

OSV•added 2024/12/11 10:16 p.m.•7 views

CVE-2024-53274 GHSL-2024-111: Reflected XSS in /home in habitica

5.1CVSS5.8AI score0.00438EPSS

Exploits1References4

CNNVD•added 2024/12/11 12:0 a.m.•3 views

Numerix License Server 安全漏洞

Numerix License Server is a license server from Numerix, Inc. A security vulnerability exists in Numerix License Server version 1.1596, which originates from a user clicking on a malicious link or visiting an attacker-controlled Web site can be infected with arbitrary JavaScript running in the...

Query Builder