CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6722 matches found

OSV•added 2024/05/17 10:15 a.m.•1 views

UBUNTU-CVE-2024-22120

Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is possible to injection SQL into "clientip" and exploit time based blind SQL injection...

9.1CVSS6AI score0.76618EPSS

Exploits5References3

Tenable Nessus•added 2024/05/17 12:0 a.m.•43 views

LibreOffice < 7.6.7 / 8.0.x < 24.2.3 (cve-2024-3044)

The version of LibreOffice installed on the remote host is prior to 24.2.3 or 7.6.7. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-3044 advisory. - Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a...

6.5CVSS6.9AI score0.01008EPSS

Exploits0References2

SUSE CVE•added 2024/05/16 2:23 a.m.•4 views

SUSE CVE-2024-3044

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted...

7.1CVSS7.2AI score0.01008EPSS

Exploits0References5

CNNVD•added 2024/05/16 12:0 a.m.•3 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

6.1CVSS6AI score0.00271EPSS

Exploits0References2

RedhatCVE•added 2024/05/15 6:28 a.m.•66 views

CVE-2024-3044

A flaw was found in LibreOffice. Unchecked script execution in graphic on-click binding allows an attacker to create a document, which, without a prompt, will execute scripts built into LibreOffice when clicking a graphic. These scripts were previously deemed trusted but are now deemed untrusted...

7.3CVSS6AI score0.01008EPSS

Exploits0References4

Tenable Nessus•added 2024/05/15 12:0 a.m.•16 views

Debian dsa-5690 : fonts-opensymbol - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5690 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5690-1 [email protected] https://www.debian.org/security/...

6.5CVSS6.7AI score0.01008EPSS

Exploits0References5

NVD•added 2024/05/14 9:15 p.m.•13 views

CVE-2024-3044

6.5CVSS8.6AI score0.01008EPSS

Exploits0References3

OSV•added 2024/05/14 9:15 p.m.•4 views

DEBIAN-CVE-2024-3044

6.5CVSS6.8AI score0.01008EPSS

Exploits0References1

UbuntuCve•added 2024/05/14 9:15 p.m.•17 views

CVE-2024-3044

6.5CVSS7AI score0.01008EPSS

Exploits0References3

OSV•added 2024/05/14 9:15 p.m.•0 views

UBUNTU-CVE-2024-3044

6.5CVSS7AI score0.01008EPSS

Exploits0References4

Vulnrichment•added 2024/05/14 8:19 p.m.•16 views

CVE-2024-3044 Graphic on-click binding allows unchecked script execution

6.2AI score0.01008EPSS

Exploits0References3

Cvelist•added 2024/05/14 8:19 p.m.•18 views

CVE-2024-3044 Graphic on-click binding allows unchecked script execution

6.7AI score0.01008EPSS

Exploits0References3

Debian CVE•added 2024/05/14 8:19 p.m.•11 views

CVE-2024-3044

6.5CVSS6.7AI score0.01008EPSS

Exploits0

CVE•added 2024/05/14 8:19 p.m.•114 views

CVE-2024-3044

CVE-2024-3044 concerns LibreOffice: Unchecked script execution in Graphic on-click binding allows a document to trigger built-in scripts when clicking a graphic, previously treated as trusted but now untrusted. The vulnerability affects multiple LibreOffice builds across distributions, with remed...

6.5CVSS6.2AI score0.01008EPSS

Exploits0References3Affected Software1

AlpineLinux•added 2024/05/14 8:19 p.m.•31 views

CVE-2024-3044

6.5CVSS6.3AI score0.01008EPSS

Exploits0

Vulnrichment•added 2024/05/14 3:44 a.m.•12 views

CVE-2024-33007 Client-side script execution vulnerability in SAP UI5(PDFViewer)

PDFViewer is a control delivered as part of SAPUI5 product which shows the PDF content in an embedded mode by default. If a PDF document contains embedded JavaScript or any harmful client-side script, the PDFViewer will execute the JavaScript embedded in the PDF which can cause a potential securi...

3.5CVSS7.1AI score0.00341EPSS

Exploits0References2

CNNVD•added 2024/05/14 12:0 a.m.•3 views

WBSAirback 跨站脚本漏洞

WBSAirback is a next generation storage and backup system from WBSAirback. A cross-site scripting vulnerability exists in WBSAirback version 21.02.04, which can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload...

4.8CVSS6.1AI score0.0047EPSS

Exploits0References3

CNNVD•added 2024/05/14 12:0 a.m.•2 views

TOTOLINK X2000R 安全漏洞

TOTOLINK X2000R is a WiFi6 wireless router from China's Gion Electronics TOTOLINK that supports Gigabit network and EasyMesh function with multi-device connectivity and wireless expansion capability. The TOTOLINK X2000R suffers from a cross-site scripting vulnerability that stems from the...

4.8CVSS6.2AI score0.00633EPSS

Exploits1References2

CNNVD•added 2024/05/14 12:0 a.m.•3 views

WBSAirback 跨站脚本漏洞

4.8CVSS6.1AI score0.0038EPSS

Exploits0References3

Positive Technologies•added 2024/05/14 12:0 a.m.•2 views

PT-2024-26740 · Unknown · Online-Shopping-System-Advanced

Name of the Vulnerable Software and Affected Versions: Online Shopping System Advanced affected versions not specified Description: The issue allows for Reflected Cross-Site Scripting XSS, where an attacker could trick a user into using a crafted URL. This would cause a script to run in the user'...

6.1CVSS6.7AI score0.00271EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by