Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-30160 |
Description: A vulnerability in the Suite Applications Services component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a Stored Cross-Site Scripting (XSS) attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary scripts.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-30159 |
Description: A vulnerability in the web conferencing component of Mitel MiCollab through 9.7.1.110 could allow an authenticated attacker with administrative privileges to conduct a Stored Cross-Site Scripting (XSS) attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary scripts.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-22717 |
Description: Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary code via the First Name field in the application.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-22085 |
Description: An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. The shadow file is world readable.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-1938 |
Description: Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
CVSS: LOW (0.0) EPSS Score: 0.07%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-11942 |
Description: A vulnerability in Drupal Core allows File Manipulation.This issue affects Drupal Core: from 10.0.0 before 10.2.10.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2024-11941 |
Description: A vulnerability in Drupal Core allows Excessive Allocation.This issue affects Drupal Core: from 10.2.0 before 10.2.2, from 10.1.0 before 10.1.8.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-52357 |
Description: Vulnerability of serialization/deserialization mismatch in the vibration framework.Successful exploitation of this vulnerability may affect availability.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-50913 |
Description: Oxide control plane software before 5 allows SSRF.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|
|
CVE-2023-49987 |
Description: A cross-site scripting (XSS) vulnerability in the component /management/term of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tname parameter.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 6th, 2024 (5 months ago)
|