Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bootstrap vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-10735
In Bootstrap 3.x prior to 3.4.0 and 4.x-beta prior to 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Getbootstrap Bootstrap 4.0.0
Getbootstrap Bootstrap
4.3
CVSSv2
CVE-2018-14042
In Bootstrap prior to 4.1.2, XSS is possible in the data-container property of tooltip.
Getbootstrap Bootstrap
Getbootstrap Bootstrap 4.0.0
2 Github repositories
4.3
CVSSv2
CVE-2018-14040
In Bootstrap prior to 4.1.2, XSS is possible in the collapse data-parent attribute.
Debian Debian Linux 8.0
Getbootstrap Bootstrap
Getbootstrap Bootstrap 4.0.0
2 Github repositories
7.5
CVSSv2
CVE-2015-5685
The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstrap-dht ) allows remote malicious users to execute arbitrary code via a crafted packet, related to "improper indexing."
Bittorrent Bootstrap-dht -
7.5
CVSSv2
CVE-2014-8509
The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) allows remote malicious users to execute arbitrary code via a crafted packet, which triggers an out-of-bounds read, related to "Improper Indexing."
Bittorrent Bootstrap-dht -
4.3
CVSSv2
CVE-2019-20921
bootstrap-select prior to 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow malicious users to execute arbitrary JavaScript in a victim's browser.
Snapappointments Bootstrap-select
1 Github repository
NA
CVE-2023-35047
Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap Blocks plugin <= 1.3.6 versions.
Areoi All Bootstrap Blocks
NA
CVE-2023-52196
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phil Ewels CPT Bootstrap Carousel allows Reflected XSS.This issue affects CPT Bootstrap Carousel: from n/a up to and including 1.12.
Ewels Cpt Bootstrap Carousel
10
CVSSv2
CVE-2019-10842
Arbitrary code execution (via backdoor code) exists in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which can be leveraged to execute arbitrary cod...
Getbootstrap Bootstrap-sass 3.2.0.3
1 Github repository
2.1
CVSSv2
CVE-2019-13314
virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py.
Redhat Virt-bootstrap 1.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »