Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
angular angular vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5552
kubeflow/kubeflow is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to inefficient regular expression complexity in its email validation mechanism. An attacker can remotely exploit this vulnerability without authentication by providing specially crafted i...
NA
CVE-2024-33665
angular-translate up to and including 2.19.1 allows XSS via a crafted key that is used by the translate directive. NOTE: the vendor indicates that there is no documentation indicating that a key is supposed to be safe against XSS attacks.
NA
CVE-2024-21490
This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a...
Angular Angular
NA
CVE-2024-22200
vantage6-UI is the User Interface for vantage6. The docker image used to run the UI leaks the nginx version. To mitigate the vulnerability, users can run the UI as an angular application. This vulnerability was patched in 4.2.0.
Vantage6 Vantage6-ui
NA
CVE-2023-26270
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote malicious user to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vu...
Ibm Guardium Cloud Key Manager
NA
CVE-2023-40311
Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an malicious user to store on database and then load on JSPs or Angular templates. The solution is to upgr...
Opennms Horizon
Opennms Meridian
NA
CVE-2023-34840
angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 exists to contain a cross-site scripting (XSS) vulnerability.
Angular-ui-notification Project Angular-ui-notification
1 Github repository
NA
CVE-2023-26116
Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, whi...
Angularjs Angular
Fedoraproject Fedora 38
NA
CVE-2023-26117
Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result i...
Angularjs Angular
Fedoraproject Fedora 38
NA
CVE-2023-26118
Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possib...
Angularjs Angular
Fedoraproject Fedora 38
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »