Max CVSS 6.8 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-11022 4.3
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob
25-07-2022 - 18:15 29-04-2020 - 22:15
CVE-2020-12459 2.1
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
26-04-2022 - 17:45 29-04-2020 - 16:15
CVE-2020-7598 6.8
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.
22-04-2022 - 19:02 11-03-2020 - 23:15
CVE-2019-10744 6.4
Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
16-03-2021 - 13:57 26-07-2019 - 00:15
CVE-2020-11022 4.3
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob
25-09-2020 - 20:15 29-04-2020 - 22:15
Back to Top Mark selected
Back to Top