Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
diagrams drawio vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2022-1575
Arbitrary Code Execution through Sanitizer Bypass in GitHub repository jgraph/drawio before 18.0.0. - Arbitrary (remote) code execution in the desktop app. - Stored XSS in the web app.
Diagrams Drawio
445
VMScore
CVE-2022-1721
Path Traversal in WellKnownServlet in GitHub repository jgraph/drawio before 18.0.5. Read local files of the web application.
Diagrams Drawio
445
VMScore
CVE-2022-1723
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio before 18.0.6.
Diagrams Drawio
605
VMScore
CVE-2022-1727
Improper Input Validation in GitHub repository jgraph/drawio before 18.0.6.
Diagrams Drawio
516
VMScore
CVE-2022-1774
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio before 18.0.7.
Diagrams Drawio
445
VMScore
CVE-2022-1784
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio before 18.0.8.
Diagrams Drawio
445
VMScore
CVE-2022-1815
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio before 18.1.2.
Diagrams Drawio
445
VMScore
CVE-2022-1713
SSRF on /proxy in GitHub repository jgraph/drawio before 18.0.4. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information.
Diagrams Drawio
NA
CVE-2022-3133
OS Command Injection in GitHub repository jgraph/drawio before 20.3.0.
Diagrams Drawio
NA
CVE-2023-3975
OS Command Injection in GitHub repository jgraph/drawio before 21.5.0.
Diagrams Drawio
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »