Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bootstrap vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2016-10735
In Bootstrap 3.x prior to 3.4.0 and 4.x-beta prior to 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Getbootstrap Bootstrap 4.0.0
Getbootstrap Bootstrap
6.1
CVSSv3
CVE-2018-14042
In Bootstrap prior to 4.1.2, XSS is possible in the data-container property of tooltip.
Getbootstrap Bootstrap
Getbootstrap Bootstrap 4.0.0
2 Github repositories
6.1
CVSSv3
CVE-2018-14040
In Bootstrap prior to 4.1.2, XSS is possible in the collapse data-parent attribute.
Debian Debian Linux 8.0
Getbootstrap Bootstrap
Getbootstrap Bootstrap 4.0.0
2 Github repositories
6.1
CVSSv3
CVE-2019-20921
bootstrap-select prior to 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow malicious users to execute arbitrary JavaScript in a victim's browser.
Snapappointments Bootstrap-select
1 Github repository
NA
CVE-2015-5685
The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstrap-dht ) allows remote malicious users to execute arbitrary code via a crafted packet, related to "improper indexing."
Bittorrent Bootstrap-dht -
NA
CVE-2014-8509
The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) allows remote malicious users to execute arbitrary code via a crafted packet, which triggers an out-of-bounds read, related to "Improper Indexing."
Bittorrent Bootstrap-dht -
9.8
CVSSv3
CVE-2019-10842
Arbitrary code execution (via backdoor code) exists in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which can be leveraged to execute arbitrary cod...
Getbootstrap Bootstrap-sass 3.2.0.3
1 Github repository
7.8
CVSSv3
CVE-2019-13314
virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py.
Redhat Virt-bootstrap 1.1.0
5.4
CVSSv3
CVE-2023-47851
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akhtarujjaman Shuvo Bootstrap Shortcodes Ultimate allows Stored XSS.This issue affects Bootstrap Shortcodes Ultimate: from n/a up to and including 4.3.1.
Addonmaster Bootstrap Shortcodes Ultimate
6.5
CVSSv3
CVE-2023-35047
Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap Blocks plugin <= 1.3.6 versions.
Areoi All Bootstrap Blocks
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »