Lucene search
K

113 matches found

Github Security Blog
Github Security Blog
added 2024/09/16 2:37 p.m.13 views

Aim Stored XSS through TEXT EXPLORER

A vulnerability, which was classified as problematic, was found in aimhubio aim up to 3.24. Affected is the function dangerouslySetInnerHTML of the file textbox.tsx of the component Text Explorer. The manipulation of the argument query leads to cross site scripting. It is possible to launch the...

5.4CVSS6.2AI score0.0047EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/14 12:0 a.m.5 views

PT-2024-39281

Name of the Vulnerable Software and Affected Versions: aimhubio aim versions up to 3.24 Description: A problematic issue was found in the dangerouslySetInnerHTML function of the textbox.tsx file in the Text Explorer component. The manipulation of the query argument leads to cross-site scripting. ...

5.4CVSS4.4AI score0.0047EPSS
Exploits1References16
OSV
OSV
added 2024/08/07 2:15 a.m.5 views

CVE-2024-34635

Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...

3.3CVSS5.8AI score0.00147EPSS
Exploits0References1
NVD
NVD
added 2024/08/07 2:15 a.m.30 views

CVE-2024-34635

Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...

4CVSS0.00147EPSS
Exploits0References1
OSV
OSV
added 2024/08/07 2:15 a.m.6 views

CVE-2024-34630

Out-of-bounds read in applying own binary with textbox in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory...

5.5CVSS5.8AI score0.00152EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/07 1:30 a.m.17 views

CVE-2024-34635

Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...

4CVSS6.5AI score0.00147EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/07 1:30 a.m.31 views

CVE-2024-34635

Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...

4CVSS0.00147EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/07 12:0 a.m.6 views

PT-2024-26053 · Samsung · Samsung Notes

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.21.62 Description: The issue is related to an out-of-bounds read in the parsing textbox object, allowing a local attacker to access unauthorized memory. Recommendations: For versions prior to 4.4.21.62,...

4CVSS6.8AI score0.00147EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/07 12:0 a.m.7 views

PT-2024-26048 · Samsung · Samsung Notes

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.21.62 Description: The issue is related to an out-of-bounds read in Samsung Notes when applying its own binary with a textbox. This could potentially allow local attackers to read memory. Recommendations: F...

5.5CVSS6.8AI score0.00152EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/03/31 8:31 a.m.21 views

CVE-2017-20191 Zimbra zm-admin-ajax Form Textbox Field Error XFormItem.js XFormItem.prototype.setError cross site scripting

A vulnerability was found in Zimbra zm-admin-ajax up to 8.8.1. It has been classified as problematic. This affects the function XFormItem.prototype.setError of the file WebRoot/js/ajax/dwt/xforms/XFormItem.js of the component Form Textbox Field Error Handler. The manipulation of the argument...

4CVSS3.8AI score0.00466EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/03/27 12:0 a.m.7 views

PT-2023-21024 · Sourcecodester · Sourcecodester Water Billing System

Name of the Vulnerable Software and Affected Versions: SourceCodester Water Billing System version 1.0 Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability can be exploited via the lastname text box under the Add Client module. Cross-site scripting XSS...

6.1CVSS6AI score0.0044EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.2 views

SUSE CVE-2009-2905

Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service application crash or possibly execute arbitrary code via a request to display a crafted text dialog box...

4.6CVSS7.9AI score0.00497EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:17 a.m.1 views

SUSE CVE-2015-4519

Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element...

4.3CVSS9AI score0.02732EPSS
Exploits0References10
OSV
OSV
added 2022/06/02 6:15 p.m.4 views

CVE-2022-1979

A vulnerability was found in SourceCodester Product Show Room Site 1.0. It has been declared as problematic. This vulnerability affects p=contact. The manipulation of the Message textbox with the input alert1 leads to cross site scripting. The attack can be initiated remotely but requires...

4.8CVSS3.9AI score0.00586EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/05/09 6:38 p.m.19 views

CVE-2022-30335

Bonanza Wealth Management System BWM 7.3.2 allows SQL injection via the login form. Users who supply the application with a SQL injection payload in the User Name textbox could collect all passwords in encrypted format from the Microsoft SQL Server component...

9.9AI score0.01149EPSS
Exploits0References3
0day.today
0day.today
added 2022/01/21 12:0 a.m.325 views

Banco Guayaquil 8.0.0 Cross Site Scripting Vulnerability

Banco Guayaquil for iOS version 8.0.0 suffers from a script insertion vulnerability where a user can insert malicious code into their own name and could possibly be leveraged for attacks upstream. Document Title: =============== Banco Guayaquil Versión 8.0.0 IOS - Cross Site Scripting Stored...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/01/21 12:0 a.m.373 views

Banco Guayaquil 8.0.0 Cross Site Scripting

Document Title: =============== Banco Guayaquil Versión 8.0.0 IOS - Cross Site Scripting Stored Credits & Authors: ================== TaurusOmar - @TaurusOmar [email protected] taurusomar.com Vendor Homepage: https://apps.apple.com/ec/app/banco-guayaquil/id624963066 =============== Release...

0.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2022/01/21 12:0 a.m.332 views

Banco Guayaquil v8.0.0 iOS - Cross Site Web Vulnerability

Document Title: =============== Banco Guayaquil v8.0.0 iOS - Cross Site Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2315 Release Date: ============= 2022-01-21 Vulnerability Laboratory ID VL-ID: ====================================...

0.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/06/28 12:0 a.m.5 views

PT-2021-10933 · Unknown · Limesurvey

Name of the Vulnerable Software and Affected Versions: LimeSurvey version 4.2.5 Description: The issue is related to a Cross Site Scripting XSS vulnerability. This vulnerability can be exploited via the Notifications & data feature, specifically on a textbox. Recommendations: For LimeSurvey versi...

5.4CVSS5AI score0.00552EPSS
Exploits0References5
Microsoft KB
Microsoft KB
added 2021/03/30 12:0 a.m.4 views

May 11, 2021-KB5001842 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803

May 11, 2021-KB5001842 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1803 Release Date: May 11, 2021 Version: .NET Framework 4.8 The May 11, 2021 update for Windows 10 Version 1803 includes cumulative reliability improvements in .NET Framework 4.8. We recommend that you apply th...

5.5AI score
Exploits0
Rows per page
Query Builder