Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bootstrap vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-52196
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phil Ewels CPT Bootstrap Carousel allows Reflected XSS.This issue affects CPT Bootstrap Carousel: from n/a up to and including 1.12.
Ewels Cpt Bootstrap Carousel
5.4
CVSSv3
CVE-2023-47851
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akhtarujjaman Shuvo Bootstrap Shortcodes Ultimate allows Stored XSS.This issue affects Bootstrap Shortcodes Ultimate: from n/a up to and including 4.3.1.
Addonmaster Bootstrap Shortcodes Ultimate
8.8
CVSSv3
CVE-2023-39417
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-...
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Debian Debian Linux 8.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
6.5
CVSSv3
CVE-2023-35047
Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap Blocks plugin <= 1.3.6 versions.
Areoi All Bootstrap Blocks
7.2
CVSSv3
CVE-2023-2454
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
5.4
CVSSv3
CVE-2023-2455
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happe...
Postgresql Postgresql
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 38
5.4
CVSSv3
CVE-2023-32711
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, a Splunk dashboard view lets a low-privileged user exploit a vulnerability in the Bootstrap web framework (CVE-2019-8331) and build a stored cross-site scripting (XSS) payload.
Splunk Splunk
7.5
CVSSv3
CVE-2023-31442
In Lightbend Akka prior to 2.8.1, the async-dns resolver (used by Discovery in DNS mode and transitively by Cluster Bootstrap) uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing...
Lightbend Akka Discovery
Lightbend Akka Actor
7.5
CVSSv3
CVE-2022-33294
Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message.
Qualcomm Mdm8207 Firmware -
Qualcomm Mdm9205 Firmware -
Qualcomm Mdm9206 Firmware -
Qualcomm Mdm9207 Firmware -
Qualcomm Qca4004 Firmware -
Qualcomm Qts110 Firmware -
Qualcomm Snapdragon Wear 1100 Firmware -
Qualcomm Snapdragon Wear 1200 Firmware -
Qualcomm Snapdragon Wear 1300 Firmware -
Qualcomm Snapdragon X5 Lte Modem Firmware -
Qualcomm Wcd9306 Firmware -
Qualcomm Wcd9330 Firmware -
6.8
CVSSv3
CVE-2023-20082
A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of ...
Cisco Ios Xe
Cisco Ios Xe 17.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »