
5836 matches found

Zero Day Initiative
added 2020/07/01 12:0 a.m. | 21 views

(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...

CVSS 3.3 | AI score 3.4
Exploits: 0
Zero Day Initiative
added 2020/07/01 12:0 a.m. | 38 views

Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

CVSS 7.8 | AI score 5.1 | EPSS 0.123
Exploits: 0 | References: 1
CNVD
added 2020/06/28 12:0 a.m. | 2 views

NeDi Consulting NeDi Cross-Site Scripting Vulnerability (CNVD-2020-44586)

NeDi Consulting NeDi is a suite of open source software that supports the discovery and mapping of network devices from the Swiss company NeDi Consulting. A cross-site scripting vulnerability exists in NeDi Consulting NeDi version 1.9C. The vulnerability stems from a lack of proper validation of...

CVSS 6.1 | AI score 6.4 | EPSS 0.00649
Exploits: 0 | References: 1
CNVD
added 2020/06/28 12:0 a.m. | 4 views

Boole Server BooleBox Secure File Sharing Utility Cross-Site Scripting Vulnerability

Boole Server BooleBox Secure File Sharing Utility is a file sharing system from Boole Server Italy. The system is mainly used for encrypted file storage and sharing. A cross-site scripting vulnerability exists in Boole Server BooleBox Secure File Sharing Utility. The vulnerability stems from a la...

CVSS 5.4 | AI score 6.2 | EPSS 0.00576
Exploits: 1 | References: 1
CNVD
added 2020/06/28 12:0 a.m. | 7 views

Bitrix24 Web Application Firewall Cross-Site Scripting Vulnerability

Bitrix24 is a suite of enterprise social platforms from Bitrix, USA. The platform includes features such as online communication, calendar management and CRM (Customer Relationship Management). Web Application Firewall is one of the Web Application Firewalls. A cross-site scripting vulnerability...

CVSS 6.1 | AI score 6.2 | EPSS 0.04511
Exploits: 1 | References: 1
Tenable Nessus
added 2020/06/26 12:0 a.m. | 40 views

PHP 7.2.x < 7.2.30 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.30, 7.3.x prior to 7.3.17, or 7.4.x prior to 7.4.5. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An...

CVSS 7.5 | AI score 7.8 | EPSS 0.04311
Exploits: 1 | References: 2
Tenable Nessus
added 2020/06/26 12:0 a.m. | 150 views

PHP 7.4.x < 7.4.5 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is prior to 7.2.30, 7.3.x prior to 7.3.17, or 7.4.x prior to 7.4.5. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An...

CVSS 7.5 | AI score 7.8 | EPSS 0.04311
Exploits: 1 | References: 2
NVD
added 2020/06/24 3:15 p.m. | 15 views

CVE-2020-14014

An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable to reflected XSS...

CVSS 5.4 | EPSS 0.00649
Exploits: 1 | References: 2
Prion
added 2020/06/24 3:15 p.m. | 12 views

Cross site scripting

An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable to reflected XSS...

CVSS 3.5 | AI score 5.4 | EPSS 0.00649
Exploits: 1 | References: 2 | Affected Software: 1
CNVD
added 2020/06/23 12:0 a.m. | 13 views

webTareas Cross-Site Scripting Vulnerability

webTareas is a web-based open source collaboration tool. The product supports features such as project management, bug tracking, content management and meeting management. A cross-site scripting vulnerability exists in the loginForm in the general/login.php page in webTareas version 2.0p8. The...

CVSS 6.1 | AI score 6 | EPSS 0.01159
Exploits: 1 | References: 1
CNVD
added 2020/06/22 12:0 a.m. | 1 view

Dolibarr ERP/CRM Cross-Site Scripting Vulnerability (CNVD-2020-52837)

Dolibarr ERP/CRM is a web-based enterprise resource planning (ERP) and customer relationship management (CRM) system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A cross-site scripting vulnerability exists in Dolibarr ERP/CR...

CVSS 6.1 | AI score 6.4 | EPSS 0.0081
Exploits: 0 | References: 1
CNVD
added 2020/06/22 12:0 a.m. | 2 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35340)

Mattermost Server is an open source messaging platform from Mattermost, a United States company. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 3.8.2, prior to 3.7.5, and prior to 3.6.7. The vulnerability stems from a lack of proper validation of client-side...

CVSS 6.1 | AI score 6.3 | EPSS 0.00685
Exploits: 0 | References: 1
CNVD
added 2020/06/22 12:0 a.m. | 2 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35334)

Mattermost Server is an open source messaging platform from Mattermost, a United States company. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 2.2.0. The vulnerability stems from a lack of proper validation of client-side data by the web application. An...

CVSS 6.1 | AI score 6.3 | EPSS 0.00685
Exploits: 0 | References: 1
CNVD
added 2020/06/22 12:0 a.m. | 2 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35461)

Mattermost Server is an open source messaging platform from Mattermost, a United States company. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 3.1.0. The vulnerability stems from a lack of proper validation of client-side data by the web application. An...

CVSS 6.1 | AI score 6.3 | EPSS 0.00685
Exploits: 0 | References: 1
CNVD
added 2020/06/22 12:0 a.m. | 2 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35463)

Mattermost Server is an open source messaging platform from Mattermost, a United States company. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 3.0.0. The vulnerability stems from a lack of proper validation of client-side data by the web application. An...

CVSS 6.1 | AI score 6.3 | EPSS 0.00685
Exploits: 0 | References: 1
CNVD
added 2020/06/22 12:0 a.m. | 4 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35460)

Mattermost Server is an open source messaging platform from Mattermost, a United States company. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 3.1.0. The vulnerability stems from a lack of proper validation of client-side data by the web application. An...

CVSS 5.4 | AI score 6.3 | EPSS 0.00556
Exploits: 0 | References: 1
CNVD
added 2020/06/22 12:0 a.m. | 2 views

CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2020-60831)

CMS Made Simple (CMSMS) is an open source content management system (CMS) from the CMSMS team. The system supports a role-based rights management system, a wizard-based installation and update mechanism, an intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in CMS Made...

CVSS 5.4 | AI score 6.5 | EPSS 0.00644
Exploits: 1
CNVD
added 2020/06/22 12:0 a.m. | 2 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-48229)

Mattermost Server is an open source messaging platform from Mattermost, a United States company. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 4.3.0, prior to 4.2.1, and prior to 4.1.2. The vulnerability stems from a lack of proper validation of client data ...

CVSS 6.1 | AI score 6.3 | EPSS 0.00685
Exploits: 0 | References: 1
CNVD
added 2020/06/22 12:0 a.m. | 3 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35338)

Mattermost Server is an open source messaging platform from Mattermost, a United States company. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 4.0.0, prior to 3.10.2, and prior to 3.9.2. The vulnerability stems from a lack of proper validation of client data...

CVSS 6.1 | AI score 6.3 | EPSS 0.0069
Exploits: 0 | References: 1
Zero Day Initiative
added 2020/06/18 12:0 a.m. | 28 views

Adobe Audition MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Audition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of M...

CVSS 7.8 | AI score 4.4 | EPSS 0.03311
Exploits: 0 | References: 1