Lucene search

24 matches found

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2022-7004

Malicious code in bioql PyPI...

9.8 CVSS, 9.3 AI score, 0.01086 EPSS
Exploits 0, References 7

RedhatCVE
added 2025/02/05 7:37 p.m., 9 views

CVE-2022-39357

Winter is a free, open-source content management system based on the Laravel PHP framework. The Snowboard framework in versions 1.1.8, 1.1.9, and 1.2.0 is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. The 1.0 branch of Winter is not affected, as it do...

9.8 CVSS, 6.8 AI score, 0.01086 EPSS
Exploits 0, References 1

Openbugbounty
added 2023/07/07 2:3 p.m., 13 views

snowboard-schuhe.de Cross Site Scripting vulnerability OBB-3487120

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1 AI score
Exploits 0

Openbugbounty
added 2023/07/07 2:3 p.m., 11 views

snowboard-boots.de Cross Site Scripting vulnerability OBB-3487117

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1 AI score
Exploits 0

Openbugbounty
added 2022/11/07 11:5 p.m., 8 views

snowboard-schuh.de Cross Site Scripting vulnerability OBB-3042552

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits 0

Github Security Blog
added 2022/10/27 6:36 p.m., 21 views

Prototype pollution in Snowboard framework

Impact The Snowboard framework in affected versions is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. Patches This issue has been patched in https://github.com/wintercms/winter/commit/2a13faf99972e84c9661258f16c4750fa99d29a1 for 1.2 and...

9.8 CVSS, 9 AI score, 0.01086 EPSS
Exploits 0, References 7, Affected Software 1

OSV
added 2022/10/27 6:36 p.m., 23 views

GHSA-3FH5-Q6FG-W28Q Prototype pollution in Snowboard framework

Impact The Snowboard framework in affected versions is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. Patches This issue has been patched in https://github.com/wintercms/winter/commit/2a13faf99972e84c9661258f16c4750fa99d29a1 for 1.2 and...

8.1 CVSS, 8.9 AI score, 0.01086 EPSS
Exploits 0, References 7

Veracode
added 2022/10/27 5:34 a.m., 16 views

Prototype Pollution

wintercms/winter is vulnerable to prototype pollution. The vulnerability exists in the main Snowboard class as well as its plugin loader where an attacker can control the default values of an object's properties. This allows the attacker to tamper with the logic of the application...

9.8 CVSS, 8.9 AI score, 0.01086 EPSS
Exploits 0, References 6, Affected Software 1

NVD
added 2022/10/26 3:15 p.m., 14 views

CVE-2022-39357

Winter is a free, open-source content management system based on the Laravel PHP framework. The Snowboard framework in versions 1.1.8, 1.1.9, and 1.2.0 is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. The 1.0 branch of Winter is not affected, as it do...

9.8 CVSS, 0.01086 EPSS
Exploits 0, References 5

Prion
added 2022/10/26 3:15 p.m., 8 views

Use after free

Winter is a free, open-source content management system based on the Laravel PHP framework. The Snowboard framework in versions 1.1.8, 1.1.9, and 1.2.0 is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. The 1.0 branch of Winter is not affected, as it do...

7.5 CVSS, 9.5 AI score, 0.01086 EPSS
Exploits 0, References 5, Affected Software 1

CVE
added 2022/10/26 12:0 a.m., 71 views

CVE-2022-39357

CVE-2022-39357 affects the Winter CMS Snowboard framework (versions 1.1.8–1.2.0). The vulnerability is prototype pollution in the Snowboard main class and its plugin loader, with Winter 1.0 unaffected. Patched in Winter v1.1.10 and v1.2.1. If not yet upgraded, advisories recommend security practi...

9.8 CVSS, 8.9 AI score, 0.01086 EPSS
Exploits 0, References 5, Affected Software 1

Cvelist
added 2022/10/26 12:0 a.m., 12 views

CVE-2022-39357 Winter vulnerable to Prototype Pollution in Snowboard framework

Winter is a free, open-source content management system based on the Laravel PHP framework. The Snowboard framework in versions 1.1.8, 1.1.9, and 1.2.0 is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. The 1.0 branch of Winter is not affected, as it do...

8.1 CVSS, 9.7 AI score, 0.01086 EPSS
Exploits 0, References 5

CNNVD
added 2022/10/26 12:0 a.m., 3 views

Winter security vulnerability

Winter is a free, open source, self-hosted CMS platform based on the Laravel PHP framework. A security vulnerability exists in Winter versions 1.1.8, 1.1.9, and 1.2.0, which stems from the Snowboard framework's susceptibility to prototype contamination in Snowboard's main class and its plugin...

9.8 CVSS, 8.3 AI score, 0.01086 EPSS
Exploits 0, References 6

OSV
added 2022/10/26 12:0 a.m., 13 views

CVE-2022-39357 Winter vulnerable to Prototype Pollution in Snowboard framework

Winter is a free, open-source content management system based on the Laravel PHP framework. The Snowboard framework in versions 1.1.8, 1.1.9, and 1.2.0 is vulnerable to prototype pollution in the main Snowboard class as well as its plugin loader. The 1.0 branch of Winter is not affected, as it do...

8.1 CVSS, 9 AI score, 0.01086 EPSS
Exploits 0, References 7

Openbugbounty
added 2022/04/20 6:10 p.m., 9 views

canadasnowboard.ca Cross Site Scripting vulnerability OBB-2536527

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits 0

Openbugbounty
added 2020/08/22 3:44 p.m., 11 views

snowboard-zezula.pl Cross Site Scripting vulnerability OBB-1269957

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

0.8 AI score
Exploits 0

hackapp
added 2016/04/01 10:17 a.m., 14 views

Snow Spin: Snowboard Adventure - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Snow Spin: Snowboard Adventure published at the 'play' market has multiple vulnerabilities...

0.9 AI score
Exploits 0, References 1, Affected Software 1

hackapp
added 2016/04/01 10:8 a.m., 19 views

Alpine Slopestyle Snowboard - Dynamic Code Loading, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Alpine Slopestyle Snowboard published at the 'play' market has multiple vulnerabilities...

0.6 AI score
Exploits 0, References 1, Affected Software 1

hackapp
added 2016/04/01 10:7 a.m., 8 views

Ski & Snowboard 2013 Free - Corrupted files, Dynamic Code Loading, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Ski & Snowboard 2013 Free published at the 'play' market has multiple vulnerabilities...

0.3 AI score
Exploits 0, References 1, Affected Software 1

hackapp
added 2016/04/01 10:7 a.m., 6 views

Snowboard Freestyle Mountain - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Snowboard Freestyle Mountain published at the 'play' market has multiple vulnerabilities...

1 AI score
Exploits 0, References 1, Affected Software 1