Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osm vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv3
CVE-2020-7749
This affects all versions of package osm-static-maps. User input given to the package is passed directly to a template without escaping ({{{ ... }}}). As such, it is possible for an malicious user to inject arbitrary HTML/JS code and depending on the context. It will be outputted...
Osm-static-maps Project Osm-static-maps
8.2
CVSSv3
CVE-2024-22519
An issue discovered in OpenDroneID OSM 3.5.1 allows malicious users to impersonate other drones via transmission of crafted data packets.
Sorenfriis Opendroneid Osm 3.5.1
1 Github repository
8.8
CVSSv3
CVE-2022-30544
Cross-Site Request Forgery (CSRF) in MiKa's OSM – OpenStreetMap plugin <= 6.0.1 versions.
Hyumika Openstreetmap
NA
CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated malicious user to execute arbitrary code within the LCM module container via a Virtual Network Function (VNF) descriptor. An attacker may be able execute code to change the normal execution o...
5.4
CVSSv3
CVE-2022-4676
The OSM WordPress plugin up to and including 6.01 does not validate and escape some of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
Openstreetmap Openstreetmap
NA
CVE-2002-2239
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E up to and including 12.1(13.4)E allows remote malicious users to cause a denial of service (hang) via a malformed packet.
Cisco Ios 12.1e
6.1
CVSSv3
CVE-2019-17504
An issue exists in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote malicious users to inject arbitrary web script via the /osm/report/ password parameter.
Kirona Dynamic Resource Scheduling 5.5.3.5
1 EDB exploit
NA
CVE-2004-0244
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length val...
Cisco Ios 12.1e
Cisco Ios 12.2sy
Cisco Ios 12.2za
1 EDB exploit
5.3
CVSSv3
CVE-2019-17503
An issue exists in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes...
Kirona Dynamic Resource Scheduling 5.5.3.5
1 EDB exploit
6.1
CVSSv3
CVE-2018-25064
A vulnerability was found in OSM Lab show-me-the-way. It has been rated as problematic. This issue affects some unknown processing of the file js/site.js. The manipulation leads to cross site scripting. The attack may be initiated remotely. The patch is named 4bed3b34dcc01fe6661f...
Show-me-the-way Project Show-me-the-way
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »