CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30445 – WordPress Web Icons plugin <= 1.0.0.10 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-30445
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10. Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('Cross-site Scripting') en GhozyLab, Inc. Web Icons permite XSS almacenado. Este problema afecta a Web Icons: desde n/a hasta 1.0.0.10. • https://patchstack.com/database/vulnerability/icon/wordpress-web-icons-plugin-1-0-0-10-cross-site-scripting-xss-vulnerability-2?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29933 – WordPress Web Icons plugin <= 1.0.0.10 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-29933
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10. Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('Cross-site Scripting') en GhozyLab, Inc. Web Icons permite almacenar XSS. Este problema afecta a Web Icons: desde n/a hasta 1.0.0.10. • https://patchstack.com/database/vulnerability/icon/wordpress-web-icons-plugin-1-0-0-10-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2019-12997
https://notcve.org/view.php?id=CVE-2019-12997
In Loopchain through 2.2.1.3, an attacker can escalate privileges from a low-privilege shell by changing the environment (aka injection in the DEFAULT_SCORE_HOST environment variable). En Loopchain hasta versión 2.2.1.3, un atacante puede escalar privilegios desde un shell de privilegios bajos mediante un cambio del entorno (también se conoce como inyección en la variable de entorno DEFAULT_SCORE_HOST). • https://github.com/icon-project/loopchain/issues/231 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 0CVE-2011-0651
https://notcve.org/view.php?id=CVE-2011-0651
Buffer overflow in the key exchange functionality in Icon Labs Iconfidant SSL Server before 1.3.0 allows remote attackers to execute arbitrary code via a client master key packet in which the sum of unspecified length fields is greater than a certain value. Desbordamiento de búfer en la funcionalidad de intercambio de claves en Icon Labs Iconfidant SSL Server anterior a v1.3.0 permite a atacantes remotos ejecutar código de su elección a través de un paquete de llave maestra de cliente donde la suma de campos de longitud no especificada es mayor de cierto valor. • http://osvdb.org/70599 http://secunia.com/advisories/42971 http://www.securityfocus.com/bid/45938 http://www.zerodayinitiative.com/advisories/ZDI-11-021 https://exchange.xforce.ibmcloud.com/vulnerabilities/64868 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 2%CPEs: 2EXPL: 0CVE-2008-0534
https://notcve.org/view.php?id=CVE-2008-0534
The SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (device restart or daemon outage) via a high rate of login attempts, aka Bug ID CSCsi68582. El servidor SSH en (1) Cisco Service Control Engine (SCE) versiones anteriores a 3.1.6, y (2) Icon Labs Iconfidant SSH versiones anteriores a 2.3.8, permite a los atacantes remotos causar una denegación de servicio (reinicio del dispositivo o interrupción del demonio) mediante una alta tasa de intentos de inicio de sesión, también se conoce como ID de Bug CSCsi68582. • http://secunia.com/advisories/30316 http://secunia.com/advisories/30590 http://securitytracker.com/id?1020074 http://www.cisco.com/en/US/products/products_security_advisory09186a008099bf65.shtml http://www.icon-labs.com/news/read.asp?newsID=77 http://www.kb.cert.org/vuls/id/626979 http://www.securityfocus.com/bid/29316 http://www.securityfocus.com/bid/29609 http://www.vupen.com/english/advisories/2008/1604/references http://www.vupen.com/english/advisories/2008/1774/reference • CWE-20: Improper Input Validation •