Lucene search
+L

288 matches found

NVD
NVD
added 2025/09/09 5:16 p.m.36 views

CVE-2025-57540

A stored cross-site scripting XSS vulnerability exists in the WebAuthn Relying Party field within the Datacenter configuration of Proxmox Virtual Environment PVE 8.4. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page,...

5.4CVSS0.00267EPSS
Exploits1References3
NVD
NVD
added 2025/09/09 5:16 p.m.11 views

CVE-2025-57538

A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...

5.4CVSS0.00308EPSS
Exploits1References3
OSV
OSV
added 2025/09/09 5:16 p.m.5 views

CVE-2025-57538

A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...

5.4CVSS5.7AI score0.00308EPSS
Exploits1References3
CVE
CVE
added 2025/09/09 12:0 a.m.32 views

CVE-2025-57539

Vulnerability summary (CVE-2025-57539) : Proxmox Virtual Environment 8.4 is affected by a stored XSS in the U2F Origin field of the Datacenter configuration. Authenticated users can store input that is rendered unsafely in the Web UI and executed when viewed by others, potentially enabling sessio...

5.4CVSS5.1AI score0.00267EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.6 views

Proxmox Virtual Environment 安全漏洞

Proxmox Virtual Environment Proxmox VE is an open source server virtualization environment Linux distribution from Proxmox. A security vulnerability exists in Proxmox Virtual Environment version 8.4, which stems from a U2F Origin field stored cross-site scripting vulnerability that could lead to...

5.4CVSS5.9AI score0.00267EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/09/09 12:0 a.m.6 views

CVE-2025-57540

A stored cross-site scripting XSS vulnerability exists in the WebAuthn Relying Party field within the Datacenter configuration of Proxmox Virtual Environment PVE 8.4. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page,...

5.4AI score0.00267EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.8 views

PT-2025-36792

Name of the Vulnerable Software and Affected Versions: Proxmox Virtual Environment version 8.4 Description: A stored cross-site scripting XSS vulnerability exists in the HTTP Proxy field within the Datacenter configuration panel. This allows an authenticated user to inject malicious input that is...

5.4CVSS5.3AI score0.00308EPSS
Exploits1References6
CVE
CVE
added 2025/09/09 12:0 a.m.23 views

CVE-2025-57540

CVE-2025-57540 describes a stored cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment (PVE) 8.4, specifically in the WebAuthn Relying Party field of the Datacenter configuration. The issue allows authenticated users to inject JavaScript that runs in the browsers of others who ...

5.4CVSS5.3AI score0.00267EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.5 views

Proxmox Virtual Environment 安全漏洞

Proxmox Virtual Environment Proxmox VE is an open source server virtualization environment Linux distribution from Proxmox. A security vulnerability exists in Proxmox Virtual Environment version 8.4, which stems from a stored cross-site scripting vulnerability in the WebAuthn Relying Party field...

5.4CVSS5.9AI score0.00267EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/09/09 12:0 a.m.15 views

CVE-2025-57540

A stored cross-site scripting XSS vulnerability exists in the WebAuthn Relying Party field within the Datacenter configuration of Proxmox Virtual Environment PVE 8.4. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page,...

0.00267EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/09/09 12:0 a.m.12 views

CVE-2025-57538

A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...

0.00308EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/09/09 12:0 a.m.12 views

CVE-2025-57539

A stored cross-site scripting XSS vulnerability in the U2F Origin field of the Datacenter configuration in Proxmox Virtual Environment PVE 8.4 allows authenticated users to store malicious input. The payload is rendered unsafely in the Web UI and executed when viewed by other users, potentially...

0.00267EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/09/09 12:0 a.m.4 views

CVE-2025-57539

A stored cross-site scripting XSS vulnerability in the U2F Origin field of the Datacenter configuration in Proxmox Virtual Environment PVE 8.4 allows authenticated users to store malicious input. The payload is rendered unsafely in the Web UI and executed when viewed by other users, potentially...

5AI score0.00267EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.6 views

Proxmox Virtual Environment 安全漏洞

Proxmox Virtual Environment Proxmox VE is an open source server virtualization environment Linux distribution from Proxmox. A security vulnerability exists in Proxmox Virtual Environment version 8.4, which stems from an HTTP Proxy field stored cross-site scripting vulnerability that could lead to...

5.4CVSS6.2AI score0.00308EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/09/09 12:0 a.m.3 views

CVE-2025-57538

A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...

5.2AI score0.00308EPSS
Exploits1References3
OSV
OSV
added 2025/08/11 1:53 p.m.6 views

BIT-LIBPYTHON-2024-9287 Virtual environment (venv) activation scripts don't quote paths

A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts ie "source venv/bin/activate". This means that...

7.8CVSS7.1AI score0.00647EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.10 views

NewStart CGSL MAIN 7.02 : python3.11 Multiple Vulnerabilities (NS-SA-2025-0109)

The remote NewStart CGSL host, running version MAIN 7.02, has python3.11 packages installed that are affected by multiple vulnerabilities: - A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly,...

9.4CVSS6.7AI score0.02527EPSS
Exploits14References23
SUSE Linux
SUSE Linux
added 2025/07/23 12:45 p.m.8 views

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
SUSE Linux
SUSE Linux
added 2025/07/23 12:44 p.m.7 views

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
OSV
OSV
added 2025/07/23 12:43 p.m.6 views

SUSE-SU-2025:02491-1 Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2024-38822: Fixed Minion token validation bsc1244561 - CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 - CVE-2024-38824: Fixed directory...

9.6CVSS7AI score0.00982EPSS
Exploits0References26
Rows per page
Query Builder