Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-53675 |
|
|
CVE-2024-53674 |
|
|
CVE-2024-53673 |
|
|
CVE-2024-53620 |
Description: A cross-site scripting (XSS) vulnerability in the Article module of SPIP v4.3.3 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter.
CVSS: MEDIUM (4.8) EPSS Score: 0.04%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-53619 |
|
|
CVE-2024-53555 |
|
|
CVE-2024-53554 |
Description: A Client-Side Template Injection (CSTI) vulnerability in the component /project/new/scrum of Taiga v 8.6.1 allows remote attackers to execute arbitrary code by injecting a malicious payload within the new project details.
CVSS: HIGH (8.0) EPSS Score: 0.04%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-53425 |
Description: A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash.
CVSS: MEDIUM (6.2) EPSS Score: 0.04%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-53365 |
Description: A stored cross-site scripting (XSS) vulnerability was identified in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/profile.php. This vulnerability allows authenticated users to inject malicious XSS scripts into the profile name field.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
November 27th, 2024 (5 months ago)
|
|
CVE-2024-53278 |
Description: Cross-site scripting vulnerability exists in WP Admin UI Customize versions prior to ver 1.5.14. If a malicious admin user customizes the admin screen with some malicious contents, an arbitrary script may be executed on the web browser of the other users who are accessing the admin screen.
CVSS: MEDIUM (4.8) EPSS Score: 0.05%
November 27th, 2024 (5 months ago)
|