Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jquery jquery vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-9207
Arbitrary file upload in jQuery Upload File <= 4.0.2
Hayageek Jquery Upload File
1 Github repository
9.8
CVSSv3
CVE-2018-9208
Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta
Tuyoshi Jquery Picture Cut 1.1
1 Github repository
9.8
CVSSv3
CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
Jquery File Upload Project Jquery File Upload
3 EDB exploits
6 Github repositories
9.8
CVSSv3
CVE-2017-17560
An issue exists on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device...
Westerndigital My Cloud Pr4100 Firmware 2.30.172
1 EDB exploit
9.8
CVSSv3
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla Firefox
Apple Mac Os X
Suse Linux Enterprise Server 11
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mcafee Policy Auditor
Python Python
1 Article
8.8
CVSSv3
CVE-2022-24828
Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control the `$file` or `$identifier` argument. This leads to a vulnerability on packagist...
Getcomposer Composer
Tenable Tenable.sc
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
8.8
CVSSv3
CVE-2021-20083
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-plugin-query-object 2.2.3 allows a malicious user to inject properties into Object.prototype.
Jquery-plugin-query-object Project Jquery-plugin-query-object 2.2.3
8.8
CVSSv3
CVE-2021-20086
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-bbq 1.2.1 allows a malicious user to inject properties into Object.prototype.
Jquery-bbq Project Jquery-bbq 1.2.1
8.8
CVSSv3
CVE-2021-20084
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-sparkle 1.5.2-beta allows a malicious user to inject properties into Object.prototype.
Jquery-sparkle Project Jquery-sparkle 1.5.2
8.8
CVSSv3
CVE-2021-20087
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-deparam 0.5.1 allows a malicious user to inject properties into Object.prototype.
Acemetrix Jquery-deparam 0.5.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »