Filtered by vendor Snipeitapp
Subscribe
Search
Total
19 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0569 | 1 Snipeitapp | 1 Snipe-it | 2023-08-02 | 4.3 MEDIUM | 4.3 MEDIUM |
| Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9. | |||||
| CVE-2022-0178 | 1 Snipeitapp | 1 Snipe-it | 2023-08-02 | 5.5 MEDIUM | 5.4 MEDIUM |
| Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8. | |||||
| CVE-2022-0579 | 1 Snipeitapp | 1 Snipe-it | 2023-08-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9. | |||||
| CVE-2022-32061 | 1 Snipeitapp | 1 Snipe-it | 2022-07-15 | 3.5 LOW | 4.8 MEDIUM |
| An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2022-32060 | 1 Snipeitapp | 1 Snipe-it | 2022-07-15 | 3.5 LOW | 4.8 MEDIUM |
| An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2022-1511 | 1 Snipeitapp | 1 Snipe-it | 2022-05-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| Improper Access Control in GitHub repository snipe/snipe-it prior to 5.4.4. | |||||
| CVE-2022-1445 | 1 Snipeitapp | 1 Snipe-it | 2022-05-03 | 3.5 LOW | 5.4 MEDIUM |
| Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3. The vulnerability is capable of stolen the user Cookie. | |||||
| CVE-2022-1380 | 1 Snipeitapp | 1 Snipe-it | 2022-04-25 | 3.5 LOW | 5.4 MEDIUM |
| Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie. | |||||
| CVE-2022-0622 | 1 Snipeitapp | 1 Snipe-it | 2022-02-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11. | |||||
| CVE-2022-0179 | 1 Snipeitapp | 1 Snipe-it | 2022-01-14 | 4.9 MEDIUM | 5.4 MEDIUM |
| snipe-it is vulnerable to Improper Access Control | |||||
| CVE-2021-4108 | 1 Snipeitapp | 1 Snipe-it | 2021-12-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-4089 | 1 Snipeitapp | 1 Snipe-it | 2021-12-14 | 4.0 MEDIUM | 4.3 MEDIUM |
| snipe-it is vulnerable to Improper Access Control | |||||
| CVE-2021-4018 | 1 Snipeitapp | 1 Snipe-it | 2021-12-02 | 3.5 LOW | 5.4 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3961 | 1 Snipeitapp | 1 Snipe-it | 2021-11-23 | 3.5 LOW | 5.4 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3938 | 1 Snipeitapp | 1 Snipe-it | 2021-11-16 | 3.5 LOW | 5.4 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3931 | 1 Snipeitapp | 1 Snipe-it | 2021-11-16 | 4.3 MEDIUM | 4.3 MEDIUM |
| snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-3863 | 1 Snipeitapp | 1 Snipe-it | 2021-10-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-3879 | 1 Snipeitapp | 1 Snipe-it | 2021-10-21 | 3.5 LOW | 5.4 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2019-10118 | 1 Snipeitapp | 1 Snipe-it | 2019-03-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| Snipe-IT before 4.6.14 has XSS, as demonstrated by log_meta values and the user's last name in the API. | |||||