CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

82 matches found

ServiceNow - Incomplete Input Validation

ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. The vulnerability is addresse...

9.8CVSS7.6AI score0.94108EPSS

Exploits4References4

Tenable Nessus•added 2026/01/15 12:0 a.m.•3 views

ServiceNow Platform Jelly Template Injection (CVE-2024-4879)

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington, D.C. Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. Note that Nessus has not tested for thes...

9.8CVSS8.6AI score0.94349EPSS

Exploits8References2

Schneier on Security•added 2025/06/13 9:2 p.m.•6 views

Friday Squid Blogging: Stubby Squid

Video of the stubby squid Rossia pacifica from offshore Vancouver Island. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered...

7.2AI score

Exploits0

RedhatCVE•added 2025/02/05 12:2 a.m.•4 views

CVE-2024-4879

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted...

9.8CVSS9.5AI score0.94349EPSS

Exploits8References1

Malwarebytes•added 2024/11/08 5:3 p.m.•8 views

TikTok ordered to close Canada offices following “national security review”

The Government of Canada ordered the TikTok Technology Canada Inc. to close its offices in the country following a national security review. This decision was made in accordance with the Investment Canada Act, which allows for the review of foreign investments that may be injurious to Canada’s...

6.9AI score

Exploits0

GithubExploit•added 2024/07/16 4:3 a.m.•270 views

Exploit for Improper Validation of Specified Type of Input in Servicenow

CVE-2024-4879-ServiceNow ServiceNow is a platform for busi...

9.8CVSS9.8AI score0.94349EPSS

Exploits8

NVD•added 2024/07/10 5:15 p.m.•33 views

CVE-2024-4879

9.8CVSS0.94349EPSS

Exploits8References4

NVD•added 2024/07/10 5:15 p.m.•11 views

CVE-2024-5178

ServiceNow has addressed a sensitive file read vulnerability that was identified in the Washington DC, Vancouver, and Utah Now Platform releases. This vulnerability could allow an administrative user to gain unauthorized access to sensitive files on the web application server. The vulnerability i...

6.9CVSS0.01918EPSS

Exploits2References2

OSV•added 2024/07/10 5:15 p.m.•0 views

CVE-2024-4879

9.8CVSS6AI score0.94349EPSS

Exploits8References4

NVD•added 2024/07/10 5:15 p.m.•39 views

CVE-2024-5217

9.8CVSS0.94108EPSS

Exploits4References4

CVE•added 2024/07/10 4:28 p.m.•254 views

CVE-2024-5217

ServiceNow CVE-2024-5217 is an input-validation vulnerability in Now Platform’s GlideExpression script: an unauthenticated user can exploit an incomplete disallowed-input list to achieve remote code execution. The issue affects Washington DC, Vancouver, and earlier releases, with patches/hot fixe...

9.8CVSS6.9AI score0.94108EPSS

In wildExploits4References4Affected Software1

Cvelist•added 2024/07/10 4:28 p.m.•29 views

CVE-2024-5217 Incomplete Input Validation in GlideExpression Script

9.8CVSS0.94108EPSS

Exploits4References3

Cvelist•added 2024/07/10 4:23 p.m.•34 views

CVE-2024-5178 Incomplete Input Validation in SecurelyAccess API

6.9CVSS0.01918EPSS

Exploits2References2

CVE•added 2024/07/10 4:23 p.m.•111 views

CVE-2024-5178

CVE-2024-5178 affects ServiceNow Now Platform, where an administrative user could read sensitive files on the web application server. The vulnerability was identified in the Washington DC, Vancouver, and Utah releases and is addressed by patches and hot fixes released during the June 2024 patchin...

6.9CVSS5.6AI score0.01918EPSS

Exploits2References2

CVE•added 2024/07/10 4:16 p.m.•296 views

CVE-2024-4879

CVE-2024-4879 affects ServiceNow Now Platform (Vancouver/Washington DC/Utah releases). It is an input-validation/template-injection flaw enabling unauthenticated remote code execution with network access and no user interaction, per multiple sources. The issue has high-severity CVSS values (aroun...

9.8CVSS6.9AI score0.94349EPSS

In wildExploits8References4Affected Software1

Vulnrichment•added 2024/07/10 4:16 p.m.•57 views

CVE-2024-4879 Jelly Template Injection Vulnerability in ServiceNow UI Macros

9.8CVSS7.3AI score0.94349EPSS

Exploits8References3

ATTACKERKB•added 2024/07/10 12:0 a.m.•19 views

CVE-2024-4879

9.8CVSS9.8AI score0.94349EPSS

In wildExploits8References4

ATTACKERKB•added 2024/07/10 12:0 a.m.•15 views

CVE-2024-5217

9.8CVSS10AI score0.94349EPSS

In wildExploits8References4

Openbugbounty•added 2024/05/12 4:28 p.m.•8 views

fishingvancouverisland.ca Cross Site Scripting vulnerability OBB-3927527

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

Exploits0

Openbugbounty•added 2024/04/11 2:14 p.m.•11 views

vancouverlaserskincareclinic.com Cross Site Scripting vulnerability OBB-3916494

6.2AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by