CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-43723

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.06548EPSS

Exploits1References3

NVD•added 2024/11/13 6:15 p.m.•9 views

CVE-2024-49379

Umbrel is a home server OS for self-hosting. The login functionality of Umbrel before version 1.2.2 contains a reflected cross-site scripting XSS vulnerability in use-auth.tsx. An attacker can specify a malicious redirect query parameter to trigger the vulnerability. If a JavaScript URL is passed...

5.3CVSS0.06548EPSS

Exploits1References3

Cvelist•added 2024/11/13 5:18 p.m.•15 views

CVE-2024-49379 Remote Code Execution (RCE) via Cross-Site Scripting (XSS) in Umbrel

5.3CVSS0.06548EPSS

Exploits1References3

OSV•added 2024/11/13 5:18 p.m.•7 views

CVE-2024-49379 Remote Code Execution (RCE) via Cross-Site Scripting (XSS) in Umbrel

5.3CVSS5.9AI score0.06548EPSS

Exploits1References5

CVE•added 2024/11/13 5:18 p.m.•46 views

CVE-2024-49379

UmbrelOS prior to 1.2.2 has a reflected XSS in use-auth.tsx via a malicious redirect parameter. If a JavaScript URL is used in redirect, attacker-provided JS can run after password entry at login. Fixed in 1.2.2. Upgrade to 1.2.2 or later; as workaround, disable login or restrict access to the us...

5.3CVSS5.7AI score0.06548EPSS

Exploits1References3

Vulnrichment•added 2024/11/13 5:18 p.m.•6 views

CVE-2024-49379 Remote Code Execution (RCE) via Cross-Site Scripting (XSS) in Umbrel

5.3CVSS5.9AI score0.06548EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by