Lucene search
+L

171 matches found

vulnrichment
vulnrichment
added 2024/07/15 6:21 p.m.17 views

CVE-2024-40631 Cross-site Scripting (XSS) in media embed element when using custom URL parsers in plate media

Plate media is an open source, rich-text editor for React. Editors that use MediaEmbedElement and pass custom urlParsers to the useMediaState hook may be vulnerable to XSS if a custom parser allows javascript:, data: or vbscript: URLs to be embedded. Editors that do not use urlParsers and consume...

8.1CVSS6AI score0.00498EPSS
Exploits0References3
cve
cve
added 2024/07/15 6:21 p.m.57 views

CVE-2024-40631

The CVE-2024-40631 vulnerability affects Plate’s media embedding in editors using MediaEmbedElement with custom urlParsers in @udecode/plate-media. Affected code paths allow un-sanitised URLs (javascript:, data:, vbscript:) to reach iframe sources via the embed property from useMediaState, or the...

8.1CVSS7.8AI score0.00498EPSS
Exploits0References3
osv
osv
added 2024/07/15 6:21 p.m.22 views

CVE-2024-40631 Cross-site Scripting (XSS) in media embed element when using custom URL parsers in plate media

Plate media is an open source, rich-text editor for React. Editors that use MediaEmbedElement and pass custom urlParsers to the useMediaState hook may be vulnerable to XSS if a custom parser allows javascript:, data: or vbscript: URLs to be embedded. Editors that do not use urlParsers and consume...

8.1CVSS6.1AI score0.00498EPSS
Exploits0References5
cnnvd
cnnvd
added 2024/07/15 12:0 a.m.4 views

Plate Security Breach

Plate is a plugin system for Ziad Beyens individual developers to make it easier to build fully functional editors. Plate has a security vulnerability that stems from when the editor uses the MediaEmbedElement component and passes custom urlParsers via the useMediaState hook, if the custom parser...

8.1CVSS6AI score0.00498EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2024/07/15 12:0 a.m.14 views

PT-2024-28953 · Npm · @Udecode/Plate-Media

Name of the Vulnerable Software and Affected Versions: @udecode/plate-media versions prior to 36.0.10 Description: The issue affects editors that use MediaEmbedElement and pass custom urlParsers to the useMediaState hook, potentially allowing XSS if a custom parser permits javascript:, data: or...

8.4CVSS6.1AI score0.00498EPSS
Exploits0References8
ics
ics
added 2024/06/13 6:0 a.m.42 views

Motorola Solutions Vigilant License Plate Readers

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Motorola Solutions Equipment : Vigilant Fixed LPR Coms Box BCAV1F2-C600 Vulnerabilities : Authentication Bypass Using an Alternate Path or Channel, Cleartext Storage in a File or on Disk, Us...

9.8CVSS7.1AI score0.00388EPSS
Exploits0References10
cnnvd
cnnvd
added 2024/06/13 12:0 a.m.8 views

Motorola Solutions Vigilant Fixed LPR Coms Box Security Vulnerability

Motorola Solutions Vigilant Fixed LPR Coms Box is a license plate recognition system from Motorola Solutions USA. A security vulnerability exists in Motorola Solutions Vigilant Fixed LPR Coms Box, which originates from an attacker being able to modify the bootloader with custom parameters to bypa...

5.1CVSS7AI score0.00252EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/06/13 12:0 a.m.6 views

Motorola Solutions Vigilant Fixed LPR Coms Box Security Vulnerability

Motorola Solutions Vigilant Fixed LPR Coms Box is a license plate recognition system from Motorola Solutions USA. A security vulnerability exists in the Motorola Solutions Vigilant Fixed LPR Coms Box, which arises from data being stored in clear text, which could allow an unauthorized user to...

7CVSS6.5AI score0.00151EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/06/13 12:0 a.m.6 views

Motorola Solutions Vigilant Fixed LPR Coms Box Trust Management Issues Vulnerability

Motorola Solutions Vigilant Fixed LPR Coms Box is a license plate recognition system from Motorola Solutions USA. The Motorola Solutions Vigilant Fixed LPR Coms Box suffers from a trust management issue vulnerability that stems from an attacker being able to access the maintenance console using...

9.8CVSS6.8AI score0.00388EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/06/13 12:0 a.m.5 views

Motorola Solutions Vigilant Fixed LPR Coms Box Security Vulnerability

Motorola Solutions Vigilant Fixed LPR Coms Box is a license plate recognition system from Motorola Solutions USA. A security vulnerability exists in Motorola Solutions Vigilant Fixed LPR Coms Box version 3.1.171.9 and prior versions, which stems from the fact that data transmitted between the...

8.7CVSS6.8AI score0.00342EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/06/13 12:0 a.m.6 views

Motorola Solutions Vigilant Fixed LPR Coms Box Security Vulnerability

Motorola Solutions Vigilant Fixed LPR Coms Box is a license plate recognition system from Motorola Solutions USA. A security vulnerability exists in Motorola Solutions Vigilant Fixed LPR Coms Box version 3.1.171.9 and earlier, which stems from insufficient protection of logs for storing...

7CVSS6.8AI score0.00213EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/06/13 12:0 a.m.4 views

Motorola Solutions Vigilant License Plate Readers Security Vulnerability

Motorola Solutions Vigilant License Plate Readers is a license plate reader from Motorola Solutions USA. A security vulnerability exists in Motorola Solutions Vigilant License Plate Readers that stems from sensitive customer information being stored in the device without encryption...

5.1CVSS6.4AI score0.00098EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/06/13 12:0 a.m.5 views

Motorola Solutions Vigilant Fixed LPR Coms Box Security Vulnerability

Motorola Solutions Vigilant Fixed LPR Coms Box is a license plate recognition system from Motorola Solutions USA. A security vulnerability exists in the Motorola Solutions Vigilant Fixed LPR Coms Box that originates from the exploitation of default credentials that allow an attacker to log in to...

8.5CVSS6.8AI score0.00161EPSS
Exploits0References2
schneier
schneier
added 2024/03/20 11:8 a.m.15 views

Cheating Automatic Toll Booths by Obscuring License Plates

The Wall Street Journal is reporting on a variety of techniques drivers are using to obscure their license plates so that automatic readers cant identify them and charge tolls properly. Some drivers have power-washed paint off their plates or covered them with a range of household items such as...

7.2AI score
Exploits0
schneier
schneier
added 2023/12/13 12:4 p.m.10 views

Surveillance by the US Postal Service

This is not about mass surveillance of mail, this is about the sorts of targeted surveillance the US Postal Inspection Service uses to catch mail thieves: To track down an alleged mail thief, a US postal inspector used license plate reader technology, GPS data collected by a rental car company,...

7.1AI score
Exploits0
bdu_fstec
bdu_fstec
added 2023/12/08 12:0 a.m.8 views

The vulnerability of the “search.cgi” file of the License Plate Verifier software allows a violator to execute arbitrary SQL queries.

The vulnerability of the “search.cgi” file of the License Plate Verifier software exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary SQL queries...

8.3CVSS7.8AI score0.00492EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2023/12/08 12:0 a.m.8 views

The vulnerability of the “api.cgi” file of the License Plate Verifier software allows a violator to execute arbitrary code.

The vulnerability of the “api.cgi” file of the License Plate Verifier software exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary code...

8.3CVSS7.7AI score0.00749EPSS
Exploits0References3Affected Software1
openbugbounty
openbugbounty
added 2023/10/05 5:5 p.m.15 views

vm-plate.de Cross Site Scripting vulnerability OBB-3722534

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
schneier
schneier
added 2023/08/22 11:4 a.m.23 views

Applying AI to License Plate Surveillance

License plate scanners arent new. Neither is using them for bulk surveillance. Whats new is that AI is being used on the data, identifying "suspicious" vehicle behavior: Typically, Automatic License Plate Recognition ALPR technology is used to search for plates linked to specific crimes. But in...

6.9AI score
Exploits0
nvd
nvd
added 2023/08/03 7:15 a.m.16 views

CVE-2023-21412

User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections...

8.8CVSS7.5AI score0.00492EPSS
Exploits0References1
Rows per page
Query Builder