5837 matches found
Pixelimity cross-site scripting vulnerability
Pixelimity is a PHP-based content management system (CMS). A cross-site scripting vulnerability exists in Pixelimity version 1.0, which stems from a lack of data validation filtering of user-supplied and output data in the Title field of admin/pages.php. An attacker could exploit the vulnerability t...
Micro Focus NetIQ Access Manager Cross-Site Scripting Vulnerability (CNVD-2022-76231)
Micro Focus NetIQ Access Manager is a resource access control solution from Micro Focus, a UK-based company. A cross-site scripting vulnerability exists in versions prior to Micro Focus NetIQ Access Manager 5.0.2, which stems from a lack of data validation filtering of user-supplied data and...
Vendure Cross-Site Scripting Vulnerability
Vendure is a headless GraphQL eCommerce framework based on Node.js and Nest & TypeScript, focused on developer productivity and easy customization. Versions 0.1.0-alpha.2 to 1.5.1 of Vendure are vulnerable to a cross-site scripting vulnerability that stems from the program's lack of data validation...
Tuxera NTFS-3G Buffer Overflow Vulnerability (CNVD-2022-82652)
Tuxera NTFS-3G is an open source, cross-platform set of drivers from Tuxera Finland for reading and writing NTFS partitions. Tuxera NTFS-3G suffers from a buffer overflow vulnerability that originates when a networked system or product does not properly validate data boundaries when performing...
OPENSUSE-SU-2022:0125-1 Security update for chromium
This update for chromium fixes the following issues: Chromium 101.0.4951.54 boo1199118 Chromium 101.0.4951.41 boo1198917: CVE-2022-1477: Use after free in Vulkan CVE-2022-1478: Use after free in SwiftShader CVE-2022-1479: Use after free in ANGLE CVE-2022-1480: Use after free in Device API...
Subrion CMS Cross-Site Scripting Vulnerability (CNVD-2022-72212)
Subrion CMS is a PHP-based content management system (CMS) from the Subrion team. A cross-site scripting vulnerability exists in Subrion CMS version 4.2.1 and earlier, which stems from a lack of data validation of user-supplied data and output in the "Contact Us" plugin of the "Topic List". data an...
IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2022-38556)
IBM InfoSphere Information Server is a data integration platform from IBM in the United States. IBM InfoSphere Information Server version 11.7 contains a cross-site scripting vulnerability. The vulnerability stems from the program's lack of data validation filtering of user-supplied data and...
MGASA-2022-0158 Updated chromium-browser-stable packages fix security vulnerability
Use after free in Vulkan. CVE-2022-1477 Use after free in SwiftShader. CVE-2022-1478 Use after free in ANGLE. CVE-2022-1479 Use after free in Sharing. CVE-2022-1481 Inappropriate implementation in WebGL. CVE-2022-1482 Heap buffer overflow in WebGPU. CVE-2022-1483 Heap buffer overflow in Web UI...
Vendure Cross-Site Scripting Vulnerability
Vendure is a headless GraphQL eCommerce framework based on Node.js and Nest & TypeScript, focused on developer productivity and easy customization. Versions 0.1.0-alpha.2 to 1.5.1 of Vendure are vulnerable to a cross-site scripting vulnerability that stems from the program's lack of data validation...
Remote Code Execution (RCE)
Chrome is vulnerable to remote code execution. The vulnerability exists due to insufficient data validation in Dev Tools which allows an attacker to bypass content security policy via a malicious HTML page...
Subrion CMS Cross-Site Scripting Vulnerability
Subrion CMS is a PHP-based content management system (CMS) from the Subrion team. A cross-site scripting vulnerability exists in Subrion CMS version 4.2.1 and earlier, which stems from a lack of data validation of user-supplied data and output in the "Contact Us" plugin of the "Topic List". data an...
Xiaomi Mi Browser open redirection vulnerability
Xiaomi Mi browser is a lightweight web browser from Xiaomi Technology China, Inc. A security vulnerability exists prior to Xiaomi Mi Browser 15.8, which is caused by Xiaomi Mi browser not validating the validity of incoming data. An attacker could exploit this vulnerability to perform sensitive...
GetSimple CMS Cross-Site Scripting Vulnerability
GetSimple CMS is a content management system (CMS) written in PHP. GetSimple CMS suffers from a cross-site scripting vulnerability that originates from a lack of data validation filtering of user-supplied data and output in /admin/edit.php. An attacker could exploit this vulnerability to execute...
Google Chrome Security Update (stable-channel-update-for-desktop_26-2022-04) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Chromium: CVE-2022-1500 Insufficient data validation in Dev Tools
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2022-1494 Insufficient data validation in Trusted Types
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2022-1492 Insufficient data validation in Blink Editing
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Denial Of Service (DoS)
Chromium is vulnerable to denial of service. The vulnerability exists due to insufficient data validation in Blink Editing which allows an attacker to cause an application crash...
Insufficient Data Validation
Chromium is vulnerable to insufficient data validation. The vulnerability exists due to insufficient data validation in Trusted Types...
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...