Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bootstrap vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-10735
In Bootstrap 3.x prior to 3.4.0 and 4.x-beta prior to 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Getbootstrap Bootstrap 4.0.0
Getbootstrap Bootstrap
4.3
CVSSv2
CVE-2018-14042
In Bootstrap prior to 4.1.2, XSS is possible in the data-container property of tooltip.
Getbootstrap Bootstrap
Getbootstrap Bootstrap 4.0.0
2 Github repositories
4.3
CVSSv2
CVE-2018-14040
In Bootstrap prior to 4.1.2, XSS is possible in the collapse data-parent attribute.
Debian Debian Linux 8.0
Getbootstrap Bootstrap
Getbootstrap Bootstrap 4.0.0
2 Github repositories
4.3
CVSSv2
CVE-2019-20921
bootstrap-select prior to 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow malicious users to execute arbitrary JavaScript in a victim's browser.
Snapappointments Bootstrap-select
1 Github repository
7.5
CVSSv2
CVE-2015-5685
The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstrap-dht ) allows remote malicious users to execute arbitrary code via a crafted packet, related to "improper indexing."
Bittorrent Bootstrap-dht -
7.5
CVSSv2
CVE-2014-8509
The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) allows remote malicious users to execute arbitrary code via a crafted packet, which triggers an out-of-bounds read, related to "Improper Indexing."
Bittorrent Bootstrap-dht -
10
CVSSv2
CVE-2019-10842
Arbitrary code execution (via backdoor code) exists in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which can be leveraged to execute arbitrary cod...
Getbootstrap Bootstrap-sass 3.2.0.3
1 Github repository
2.1
CVSSv2
CVE-2019-13314
virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py.
Redhat Virt-bootstrap 1.1.0
NA
CVE-2023-47851
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akhtarujjaman Shuvo Bootstrap Shortcodes Ultimate allows Stored XSS.This issue affects Bootstrap Shortcodes Ultimate: from n/a up to and including 4.3.1.
Addonmaster Bootstrap Shortcodes Ultimate
NA
CVE-2023-35047
Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap Blocks plugin <= 1.3.6 versions.
Areoi All Bootstrap Blocks
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »