Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/01/08 2:58 p.m.24 views

CVE-2025-66003 Local users can perform a local root exploit via smb4k mounthelper

An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba shareThis issue affects smb4k: from ? before 4.0.5...

7.3CVSS0.00111EPSS
Exploits0References2
OSV
OSV
added 2018/11/09 5:48 p.m.20 views

GHSA-Q69P-5H74-W36F Content Injection via TileJSON Name in mapbox.js

Versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 of mapbox.js are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios. If L.mapbox.map or L.mapbox.shareControl are used in a manner that gives users control of the TileJSON content, it is possible to inject script...

6.1CVSS6.4AI score0.00935EPSS
Exploits1References6
OSV
OSV
added 2017/07/17 1:18 p.m.2 views

CVE-2017-1000043

Mapbox.js versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON name and map share control...

6.1CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2017/07/17 1:18 p.m.14 views

Cross site scripting

Mapbox.js versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON name and map share control...

4.3CVSS6.1AI score0.00935EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2017/07/13 8:0 p.m.27 views

CVE-2017-1000043

Mapbox.js versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON name and map share control...

6.1AI score0.00935EPSS
Exploits1References2
RubySec
RubySec
added 2016/01/12 12:0 a.m.18 views

mapbox-rails Content Injection via TileJSON Name

Mapbox.js versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios. If you use L.mapbox.map and L.mapbox.shareControl it is possible for a malicious user with control over the TileJSON content to inject script content...

6.1CVSS6.9AI score0.00935EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder