CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7610 matches found

Cvelist•added 2025/03/28 8:18 a.m.•9 views

CVE-2025-27574

Cross-site scripting vulnerability exists in the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the configuration page or functions accessible only...

3.6CVSS0.00087EPSS

Exploits0References2

CNNVD•added 2025/03/28 12:0 a.m.•1 views

KDDI HGW BL1500HM 跨站脚本漏洞

The KDDI HGW BL1500HM is a home router from KDDI Japan. A cross-site scripting vulnerability exists in KDDI HGW BL1500HM 002.002.003 and earlier versions, which originates from cross-site scripting in the USB storage file sharing feature and could lead to the execution of arbitrary scripts...

3.6CVSS4.8AI score0.00087EPSS

Exploits0References3

RedHat Linux•added 2025/03/26 3:18 p.m.•2 views

Important: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update ...

7.8CVSS7.6AI score0.00119EPSS

Exploits0References2

RedHat Linux•added 2025/03/26 2:54 p.m.•3 views

Important: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update ...

7.8CVSS7.6AI score0.00119EPSS

Exploits0References2

RedHat Linux•added 2025/03/25 5:5 p.m.•12 views

Important: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

7.8CVSS7.6AI score0.00119EPSS

Exploits0References2

Zero Day Initiative•added 2025/03/25 12:0 a.m.•27 views

(0Day) Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack o...

8.8CVSS7.5AI score0.00636EPSS

Exploits0

CNNVD•added 2025/03/24 12:0 a.m.•4 views

Yonyou UFIDA ERP-NC 代码注入漏洞

Yonyou UFIDA ERP-NC is a kind of Enterprise Resource Planning ERP software, which is mainly used for financial management, supply chain management, production management and customer relationship management of enterprises. Yonyou UFIDA ERP-NC suffers from a cross-site scripting vulnerability that...

6.1CVSS6.2AI score0.00217EPSS

Exploits1References4

RedhatCVE•added 2025/03/22 12:19 a.m.•11 views

CVE-2025-29412

A cross-site scripting XSS vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

4.8CVSS5.8AI score0.00114EPSS

Exploits1References1

RedhatCVE•added 2025/03/22 12:19 a.m.•8 views

CVE-2025-29410

A cross-site scripting XSS vulnerability in the component /contact.php of Hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the txtEmail parameter...

6.1CVSS5.8AI score0.00169EPSS

Exploits1References1

CVE•added 2025/03/20 12:0 a.m.•61 views

CVE-2025-29412

The CVE-2025-29412 entry identifies an XSS vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0. The issue arises from injected payloads in the Name parameter, enabling arbitrary web scripts or HTML execution. Affected component: iBanking v2.0.0, Client Profile Up...

4.8CVSS5.7AI score0.00114EPSS

Exploits1References2Affected Software1

CNNVD•added 2025/03/20 12:0 a.m.•2 views

Hospital Management System 安全漏洞

Hospital Management System is a hospital management system by the individual developer Kishan Lal. A security vulnerability exists in Hospital Management System v1.0, which stems from a cross-site scripting vulnerability in the /contact.php component that could lead to the execution of arbitrary...

6.1CVSS6AI score0.00169EPSS

Exploits1References2

Vulnrichment•added 2025/03/20 12:0 a.m.•10 views

CVE-2025-29412

6AI score0.00114EPSS

Exploits1References2

CVE•added 2025/03/20 12:0 a.m.•64 views

CVE-2025-29410

CVE-2025-29410 is a documented XSS vulnerability in Hospital Management System v1.0, exploitable via the /contact.php component where a crafted payload injected into the txtEmail parameter can execute arbitrary script/HTML. Affected component: /contact.php; vulnerability type: XSS; CVSS v3.1 base...

6.1CVSS5.7AI score0.00169EPSS

Exploits1References2Affected Software1

RedhatCVE•added 2025/03/19 2:22 p.m.•5 views

CVE-2025-0833

A stored Cross-site Scripting XSS vulnerability affecting Route Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS6.1AI score0.00352EPSS

Exploits0References1

RedhatCVE•added 2025/03/19 2:20 p.m.•5 views

CVE-2025-0827

A stored Cross-site Scripting XSS vulnerability affecting 3DPlay in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS6.1AI score0.00338EPSS

Exploits0References1

Mageia•added 2025/03/18 12:4 a.m.•18 views

Updated libreoffice packages fix security vulnerability

Macro URL arbitrary script execution. CVE-2025-1080...

7.8CVSS7.2AI score0.00119EPSS

Exploits0References3

OpenVAS•added 2025/03/18 12:0 a.m.•10 views

Mageia: Security Advisory (MGASA-2025-0103)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.7AI score0.00119EPSS

Exploits0References5

NVD•added 2025/03/17 2:15 p.m.•7 views

CVE-2025-0828

A stored Cross-site Scripting XSS vulnerability affecting Engineering Release in ENOVIA Product Engineering Specialist from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS0.00352EPSS

Exploits0References1

NVD•added 2025/03/17 2:15 p.m.•7 views

CVE-2025-0596

A stored Cross-site Scripting XSS vulnerability affecting Bookmark Editor in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS0.00352EPSS

Exploits0References1

OSV•added 2025/03/17 2:15 p.m.•2 views

CVE-2025-0601

A stored Cross-site Scripting XSS vulnerability affecting Issue Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

5.4CVSS6AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by