Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
element element vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2021-4140
It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
9.9
CVSSv3
CVE-2023-30838
PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, the `ValidateCore::isCleanHTML()` method of Prestashop misses hijackable events which can lead to cross-site scripting (XSS) injection, allowed by the presence of pre-setup `@keyframes` ...
Prestashop Prestashop
2 Github repositories
9.8
CVSSv3
CVE-2024-22203
Whoogle Search is a self-hosted metasearch engine. In versions before 0.8.4, the `element` method in `app/routes.py` does not validate the user-controlled `src_type` and `element_url` variables and passes them to the `send` method which sends a GET request on lines 339-343 in `re...
Benbusby Whoogle Search
9.8
CVSSv3
CVE-2023-41790
Uncontrolled Search Path Element vulnerability in Pandora FMS on all allows Leveraging/Manipulating Configuration File Search Paths. This vulnerability allows to access the server configuration file and to compromise the database. This issue affects Pandora FMS: from 700 up to an...
Artica Pandora Fms
9.8
CVSSv3
CVE-2023-6012
An improper input validation vulnerability has been found in Lanaccess ONSAFE MonitorHM affecting version 3.7.0. This vulnerability could lead a remote malicious user to exploit the checkbox element and perform remote code execution, compromising the entire infrastructure.
Lanaccess Onsafe Monitorhm 3.7.0
9.8
CVSSv3
CVE-2023-5730
Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox &l...
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2023-5176
Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox &l...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
9.8
CVSSv3
CVE-2023-5168
A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This v...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
9.8
CVSSv3
CVE-2019-19450
paraparser in ReportLab prior to 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to...
Reportlab Reportlab
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2023-35175
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model.
Hp Laserjet Pro Mfp M478-m479 W1a75a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a76a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a77a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a78a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a79a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a80a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a81a Firmware
Hp Laserjet Pro Mfp M478-m479 W1a82a Firmware
Hp Laserjet Pro M453-m454 W1y40a Firmware
Hp Laserjet Pro M453-m454 W1y41a Firmware
Hp Laserjet Pro M453-m454 W1y43a Firmware
Hp Laserjet Pro M453-m454 W1y44a Firmware
Hp Laserjet Pro M453-m454 W1y45a Firmware
Hp Laserjet Pro M453-m454 W1y46a Firmware
Hp Laserjet Pro M453-m454 W1y47a Firmware
Hp Laserjet Pro M304-m305 W1a46a Firmware
Hp Laserjet Pro M304-m305 W1a47a Firmware
Hp Laserjet Pro M304-m305 W1a48a Firmware
Hp Laserjet Pro M304-m305 W1a66a Firmware
Hp Laserjet Pro M404-m405 93m22a Firmware
Hp Laserjet Pro M404-m405 W1a51a Firmware
Hp Laserjet Pro M404-m405 W1a52a Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »