CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-44035

Malicious code in bioql PyPI...

9.6CVSS8.8AI score0.01794EPSS

Exploits0References1

OSV•added 2024/05/02 3:15 p.m.•2 views

CVE-2024-4406

Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this vulnerability in that the...

9.6CVSS6.2AI score0.70135EPSS

Exploits0References1

NVD•added 2024/05/02 3:15 p.m.•11 views

CVE-2024-4405

Xiaomi Pro 13 mimarket manual-upgrade Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this vulnerability in that the targe...

9.6CVSS8.7AI score0.01794EPSS

Exploits0References1

OSV•added 2024/05/02 3:15 p.m.•0 views

CVE-2024-4405

9.6CVSS6.2AI score0.01794EPSS

Exploits0References1

NVD•added 2024/05/02 3:15 p.m.•14 views

CVE-2024-4406

9.6CVSS8.7AI score0.70135EPSS

Exploits0References1

Vulnrichment•added 2024/05/02 3:2 p.m.•21 views

CVE-2024-4406 Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability

8.8CVSS7.2AI score0.70135EPSS

Exploits0References1

CVE•added 2024/05/02 3:2 p.m.•68 views

CVE-2024-4406

This CVE affects Xiaomi Pro 13 smartphones (GetApps) via the integral-dialog-page.html flaw. The root cause is improper sanitization when parsing the integralInfo parameter, enabling arbitrary script injection that can lead to remote code execution in the context of the current user. Exploitation...

9.6CVSS8.5AI score0.70135EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/05/02 3:2 p.m.•14 views

CVE-2024-4406 Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.70135EPSS

Exploits0References1

Cvelist•added 2024/05/02 3:2 p.m.•17 views

CVE-2024-4405 Xiaomi Pro 13 mimarket manual-upgrade Cross-Site Scripting Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.01794EPSS

Exploits0References1

CVE•added 2024/05/02 3:2 p.m.•58 views

CVE-2024-4405

CVE-2024-4405 affects Xiaomi Pro 13 smartphones. The vulnerability is in the manual-upgrade.html flow, where parsing of the manualUpgradeInfo parameter does not properly sanitize input, allowing a cross-site scripting path to escalate to remote code execution. An attacker can exploit this by conv...

9.6CVSS8.5AI score0.01794EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/05/02 3:2 p.m.•12 views

CVE-2024-4405 Xiaomi Pro 13 mimarket manual-upgrade Cross-Site Scripting Remote Code Execution Vulnerability

8.8CVSS8.6AI score0.01794EPSS

Exploits0References1

CNNVD•added 2024/05/02 12:0 a.m.•1 views

Xiaomi Pro 13 安全漏洞

Xiaomi Pro 13 is a smartphone from Chinese company Xiaomi Xiaomi. The Xiaomi Pro 13 suffers from a security vulnerability that originates from a specific flaw in the manual-upgrade.html file, which allows remote attackers to execute arbitrary code...

9.6CVSS9AI score0.01794EPSS

Exploits0References2

CNNVD•added 2024/05/02 12:0 a.m.•2 views

Xiaomi Pro 13 安全漏洞

Xiaomi Pro 13 is a smartphone from Chinese company Xiaomi Xiaomi. The Xiaomi Pro 13 suffers from a security vulnerability that originates from a specific flaw in the integral-dialog-page.html file, which allows remote attackers to execute arbitrary code...

9.6CVSS9AI score0.70135EPSS

Exploits0References2

Positive Technologies•added 2024/05/01 12:0 a.m.•4 views

PT-2024-30927 · Xiaomi · Xiaomi Pro 13

Name of the Vulnerable Software and Affected Versions: Xiaomi Pro 13 affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this issue, where the targ...

9.6CVSS9.2AI score0.70135EPSS

Exploits0References11

Positive Technologies•added 2024/05/01 12:0 a.m.•2 views

PT-2024-30917 · Xiaomi · Xiaomi Pro 13

9.6CVSS9.1AI score0.01794EPSS

Exploits0References8

Zero Day Initiative•added 2024/05/01 12:0 a.m.•19 views

(Pwn2Own) Xiaomi Pro 13 mimarket manual-upgrade Cross-Site Scripting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS7.4AI score0.01794EPSS

Exploits0

Zero Day Initiative•added 2024/05/01 12:0 a.m.•19 views

Xiaomi Pro 13 isUrlMatchLevel Permissive List of Allowed Inputs Remote Code Execution Vulnerability

8.8CVSS7.2AI score0.00207EPSS

Exploits0References1

Zero Day Initiative•added 2024/05/01 12:0 a.m.•28 views

(Pwn2Own) Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability

8.8CVSS7.4AI score0.70135EPSS

Exploits0

Positive Technologies•added 2024/05/01 12:0 a.m.•4 views

PT-2024-12095 · Xiaomi · Xiaomigetapps

Name of the Vulnerable Software and Affected Versions: XiaomiGetApps affected versions not specified Description: A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this...

9.8CVSS8AI score0.00207EPSS

Exploits0References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by