Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cdi vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2019-3841
Kubevirt/virt-cdi-importer, versions 1.4.0 to 1.5.3 inclusive, were reported to disable TLS certificate validation when importing data into PVCs from container registries. This could enable man-in-the-middle attacks between a container registry and the virt-cdi-component, leading...
Kubevirt Containerized Data Importer
383
VMScore
CVE-2021-36738
The input fields in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact
Apache Pluto
383
VMScore
CVE-2022-1933
The CDI WordPress plugin prior to 5.1.9 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting
Collect And Deliver Interface For Woocommerce Project Collect And Deliver Interface For Woocommerce
356
VMScore
CVE-2019-10175
A flaw was found in the containerized-data-importer in virt-cdi-cloner, version 1.4, where the host-assisted cloning feature does not determine whether the requesting user has permission to access the Persistent Volume Claim (PVC) in the source namespace. This could allow users t...
Kubevirt Containerized-data-importer 1.4.0
755
VMScore
CVE-2000-0136
The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
Mcmurtrey Whitaker And Associates Cart32
1 EDB exploit
505
VMScore
CVE-2000-0906
Directory traversal vulnerability in Moreover.com cached_feed.cgi script version 4.July.00 allows remote malicious users to read arbitrary files via a .. (dot dot) attack on the category or format parameters.
Moreover.com Cached Feed.cgi Script 1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started