A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the virtual machine.
Max CVSS
6.5
EPSS Score
0.04%
Published
2024-04-03
Updated
2024-04-03
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitly enabled by an administrator.
Max CVSS
4.3
EPSS Score
0.04%
Published
2024-04-03
Updated
2024-04-03
Dragging JavaScript URLs to the address bar could cause them to be loaded, bypassing restrictions and security protections. This vulnerability affects Firefox for iOS < 124.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-03
Updated
2024-04-03
If an insecure element was added to a page after a delay, Firefox would not replace the secure icon with a mixed content security status. This vulnerability affects Firefox for iOS < 124.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-03
Updated
2024-04-03
Improper Control of Generation of Code ('Code Injection') vulnerability in Soflyy Breakdance allows Code Injection. This issue affects Breakdance: from n/a through 1.7.0.
Max CVSS
9.9
EPSS Score
0.05%
Published
2024-04-03
Updated
2024-04-05
Improper Control of Generation of Code ('Code Injection') vulnerability in Soflyy Oxygen Builder allows Code Injection. This issue affects Oxygen Builder: from n/a through 4.8.2.
Max CVSS
9.9
EPSS Score
0.05%
Published
2024-04-03
Updated
2024-04-05
Cross-Site Request Forgery (CSRF) vulnerability in Toastie Studio Woocommerce Social Media Share Buttons allows Stored XSS. This issue affects Woocommerce Social Media Share Buttons: from n/a through 1.3.0.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-04-02
Updated
2024-04-02
Cross-Site Request Forgery (CSRF) vulnerability in Adam Bowen Tax Rate Upload allows Reflected XSS. This issue affects Tax Rate Upload: from n/a through 2.4.5.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-04-02
Updated
2024-04-02
Cross Site Scripting (XSS) vulnerability in emlog version Pro 2.3 allows remote attackers to execute arbitrary code via a crafted payload to the bottom of the homepage in the footer_info parameter.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-03
Updated
2024-04-03
An issue discovered in SEMCMS v.4.8 allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the upload.php file.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-03
Updated
2024-04-03
Arbitrary file write vulnerability in beescms v.4.0 allows a remote attacker to execute arbitrary code via a file path that was not isolated and a suffix that was not verified in admin_template.php.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-03
Updated
2024-04-03
SQL injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-03
Updated
2024-04-03
SQL injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information via the lgid parameter in Banner.php.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-03
Updated
2024-04-03
An issue discovered in WUZHICMS version 4.1.0 allows an attacker to execute arbitrary code and obtain sensitive information via the index.php file.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-03
Updated
2024-04-03
An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4MdhdAtom.cpp, AP4_MdhdAtom::AP4_MdhdAtom, mp4fragment.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-02
Updated
2024-04-02
An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4StsdAtom.cpp, AP4_StsdAtom::AP4_StsdAtom, mp4fragment.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-02
Updated
2024-04-02
Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial at Ap4ByteStream.cpp.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-02
Updated
2024-04-02
Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4 BitReader::ReadCache() at Ap4Utils.cpp component.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-02
Updated
2024-04-02
SQL Injection vulnerability in PHPGurukul Men Salon Management System v.2.0 allows remote attackers to execute arbitrary code and obtain sensitive information via the email parameter in the index.php component.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-03
Updated
2024-04-03
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-02
Updated
2024-04-02