20 matches found
EUVD-2024-0565
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2024-27292
Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the...
CVE-2024-27290
Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, a user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The vulnerability has been patched in version 1.4.97 of the mast...
CVE-2024-27292
Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the mast...
Docassemble Open Redirect Vulnerability
Docassemble is a free, open source expert system for guided interviews and document assembly. An open redirect vulnerability exists in versions prior to Docassemble 1.4.97, which stems from the system's failure to properly handle redirect targets, and can be exploited by an attacker to redirect ...
CVE-2024-27292
Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the mast...
Docassemble Security Vulnerability
Docassemble is a free, open source expert system for guided interviews and document assembly. An open redirect vulnerability exists in versions prior to Docassemble 1.4.97, which stems from the system's failure to properly handle redirect targets, and can be exploited by an attacker to redirect ...
Docassemble HTML and javascript injection
Impact: A user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The HTML can also contain tags allowing JavaScript to execute on the page. Patches: The vulnerability has been patched in version 1.4.97 of the master...
GHSA-PCFX-G2J2-F6F6 Docassemble HTML and javascript injection
Impact: A user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The HTML can also contain tags allowing JavaScript to execute on the page. Patches: The vulnerability has been patched in version 1.4.97 of the master...
GHSA-7WXF-R2QV-9XWR Docassemble open redirect
Impact: It is possible to create a URL that acts as an open redirect. Patches: The vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched. Workarounds: If upgrading is not possible, manually apply the changes of 4801ac7 and restart the...
Docassemble open redirect
Impact: It is possible to create a URL that acts as an open redirect. Patches: The vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched. Workarounds: If upgrading is not possible, manually apply the changes of 4801ac7 and restart the...
GHSA-JQ57-3W7P-VWVV Docassemble unauthorized access through URL manipulation
Impact: The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. Patches: The vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched...
Docassemble unauthorized access through URL manipulation
Impact: The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. Patches: The vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched...
CVE-2024-27292 Docassemble unauthorized access through URL manipulation
Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the mast...
CVE-2024-27292 Docassemble unauthorized access through URL manipulation
Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the mast...
CVE-2024-27291 Docassemble open redirect
Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch...
CVE-2024-27290 Docassemble HTML and javascript injection
Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, a user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The vulnerability has been patched in version 1.4.97 of the mast...
PT-2024-21799
Name of the Vulnerable Software and Affected Versions: Docassemble versions prior to 1.4.97. Description: The issue allows an attacker to create a URL that acts as an open redirect. This can potentially be used to redirect users to malicious websites. Recommendations: For versions prior to 1.4.97,...
PT-2023-24466 · Unknown · Macrovideo V380Pro
Name of the Vulnerable Software and Affected Versions: Macrovideo v380pro version 1.4.97. Description: The issue concerns the sharing of device ID and password when a device is shared. Recommendations: For Macrovideo v380pro version 1.4.97, consider restricting device sharing until a fix is...
Macrovideo v380pro Security Vulnerability
Macrovideo v380pro is a video surveillance service from Macrovideo. A security vulnerability exists in Macrovideo v380pro version 1.4.97, which stems from a device ID and password being sent out when sharing a device...