CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-43091 – Gnome-maps: gnome maps is vulnerable to a code injection attack (similar to xss) via its service.json
https://notcve.org/view.php?id=CVE-2023-43091
A flaw was found in GNOME Maps, which is vulnerable to a code injection attack via its service.json configuration file. If the configuration file is malicious, it may execute arbitrary code. • https://bugzilla.redhat.com/show_bug.cgi?id=2239091 https://gitlab.gnome.org/GNOME/gnome-maps/-/commit/d26cd774d524404ef7784e6808f551de83de4bea https://gitlab.gnome.org/GNOME/gnome-maps/-/issues/588 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-52416 – WordPress Debug Tool plugin <= 2.2 - Remote Code Execution vulnerability
https://notcve.org/view.php?id=CVE-2024-52416
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool allows Upload a Web Shell to a Web Server.This issue affects Debug Tool: from n/a through 2.2. • https://patchstack.com/database/vulnerability/debug-tool/wordpress-debug-tool-plugin-2-2-remote-code-execution-vulnerability? • CWE-862: Missing Authorization •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-20632 – Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2022-20632
A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.Cisco has released software updates that address this vulnerability. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-multivulns-kbK2yVhR • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 54EXPL: 0CVE-2022-20626 – Cisco Prime Access Registrar Appliance Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2022-20626
A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.Cisco has released software updates that address this vulnerability. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-prime-reg-xss-zLOz8PfB • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-20631 – Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2022-20631
An attacker could exploit this vulnerability by inserting malicious script code in a chat window. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.Cisco has released software updates that address this vulnerability. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-multivulns-kbK2yVhR • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •