Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Vaadin Subscribe
Filtered by product Vaadin
Total 23 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-25027 1 Vaadin 2 Flow, Vaadin 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Missing output sanitization in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.10 (Vaadin 10.0.0 through 10.0.13), and 1.1.0 through 1.4.2 (Vaadin 11.0.0 through 13.0.5) allows attacker to execute malicious JavaScript via crafted URL
CVE-2018-25007 1 Vaadin 2 Flow, Vaadin 2024-11-21 4.0 MEDIUM 2.6 LOW
Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.5 (Vaadin 10.0.0 through 10.0.7, and 11.0.0 through 11.0.2) allows attacker to update element property values via crafted synchronization message.
CVE-2011-0509 1 Vaadin 1 Vaadin 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Vaadin before 6.4.9 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the index page.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024