Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osm vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv3
CVE-2020-7749
This affects all versions of package osm-static-maps. User input given to the package is passed directly to a template without escaping ({{{ ... }}}). As such, it is possible for an malicious user to inject arbitrary HTML/JS code and depending on the context. It will be outputted...
Osm-static-maps Project Osm-static-maps
8.2
CVSSv3
CVE-2024-22519
An issue discovered in OpenDroneID OSM 3.5.1 allows malicious users to impersonate other drones via transmission of crafted data packets.
Sorenfriis Opendroneid Osm 3.5.1
1 Github repository
8.8
CVSSv3
CVE-2022-30544
Cross-Site Request Forgery (CSRF) in MiKa's OSM – OpenStreetMap plugin <= 6.0.1 versions.
Hyumika Openstreetmap
NA
CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated malicious user to execute arbitrary code within the LCM module container via a Virtual Network Function (VNF) descriptor. An attacker may be able execute code to change the normal execution o...
5.4
CVSSv3
CVE-2022-4676
The OSM WordPress plugin up to and including 6.01 does not validate and escape some of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
Openstreetmap Openstreetmap
NA
CVE-2002-2239
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E up to and including 12.1(13.4)E allows remote malicious users to cause a denial of service (hang) via a malformed packet.
Cisco Ios 12.1e
6.1
CVSSv3
CVE-2019-17504
An issue exists in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote malicious users to inject arbitrary web script via the /osm/report/ password parameter.
Kirona Dynamic Resource Scheduling 5.5.3.5
1 EDB exploit
NA
CVE-2004-0244
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length val...
Cisco Ios 12.1e
Cisco Ios 12.2za
Cisco Ios 12.2sy
1 EDB exploit
5.3
CVSSv3
CVE-2019-17503
An issue exists in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes...
Kirona Dynamic Resource Scheduling 5.5.3.5
1 EDB exploit
6.1
CVSSv3
CVE-2018-25064
A vulnerability was found in OSM Lab show-me-the-way. It has been rated as problematic. This issue affects some unknown processing of the file js/site.js. The manipulation leads to cross site scripting. The attack may be initiated remotely. The patch is named 4bed3b34dcc01fe6661f...
Show-me-the-way Project Show-me-the-way
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »