CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7610 matches found

NVD•added 2023/01/20 7:15 a.m.•8 views

CVE-2023-20019

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user ...

6.1CVSS6AI score0.00759EPSS

Exploits0References1

Prion•added 2023/01/20 7:15 a.m.•13 views

Cross site scripting

5.8CVSS5.9AI score0.00759EPSS

Exploits0References1Affected Software3

Prion•added 2023/01/20 7:15 a.m.•18 views

Cross site scripting

A vulnerability in Cisco Industrial Network Director could allow an authenticated, remote attacker to conduct stored cross-site scripting XSS attacks. The vulnerability is due to improper validation of content submitted to the affected application. An attacker could exploit this vulnerability by...

4.9CVSS5.3AI score0.00142EPSS

Exploits0References1Affected Software1

NVD•added 2023/01/20 3:15 a.m.•16 views

CVE-2023-22373

Cross-site scripting vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information...

5.4CVSS6.1AI score0.00272EPSS

Exploits0References4

Prion•added 2023/01/20 3:15 a.m.•24 views

Cross site scripting

Cross-site scripting vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information...

4.9CVSS6AI score0.00272EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2023/01/20 12:0 a.m.•3 views

CVE-2022-41441

Multiple cross-site scripting XSS vulnerabilities in ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters...

6.2AI score0.06229EPSS

Exploits3References4

Prion•added 2023/01/19 7:15 p.m.•19 views

Cross site scripting

Multiple reflective cross-site scripting XSS vulnerabilities in NexusPHP before 1.7.33 allow remote attackers to inject arbitrary web script or HTML via the secret parameter in /login.php; q parameter in /user-ban-log.php; query parameter in /log.php; text parameter in /moresmiles.php; q paramete...

5.8CVSS6AI score0.14516EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/01/19 1:34 a.m.•18 views

CVE-2023-20037

5.4CVSS5.5AI score0.00142EPSS

Exploits0References1

Tenable Nessus•added 2023/01/18 12:0 a.m.•20 views

Oracle Linux 8 : libreoffice (ELSA-2023-0089)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0089 advisory. - Resolves: rhbz2134752 CVE-2022-26305 Untrusted Macros - Resolves: rhbz2134751 CVE-2022-26307 Weak Master Keys - Resolves: rhbz2134750 CVE-2022-26306...

8.8CVSS7.1AI score0.01322EPSS

Exploits0References5

Oracle linux•added 2023/01/18 12:0 a.m.•69 views

libreoffice security update

6.4.7.2-12.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-12 - Resolves: rhbz2134752 CVE-2022-26305 Untrusted Macros - Resolves: rhbz2134751 CVE-2022-26307 Weak Master Keys -...

8.8CVSS3.8AI score0.01322EPSS

Exploits0

Cvelist•added 2023/01/17 12:0 a.m.•12 views

CVE-2023-22296

Reflected cross-site scripting vulnerability in MAHO-PBX NetDevancer series MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allows a remote unauthenticated...

6.8AI score0.00471EPSS

Exploits0References2

Tenable Nessus•added 2023/01/14 12:0 a.m.•26 views

AlmaLinux 8 : libreoffice (ALSA-2023:0089)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0089 advisory. - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme...

8.8CVSS7.8AI score0.01322EPSS

Exploits0References5

Prion•added 2023/01/13 6:15 p.m.•15 views

Cross site scripting

A vulnerability classified as problematic was found in jianlinwei cool-php-captcha up to 0.2. This vulnerability affects unknown code of the file example-form.php. The manipulation of the argument captcha with the input %3Cscript%3Ealert1%3C/script%3E leads to cross site scripting. The attack can...

5.8CVSS6.6AI score0.00359EPSS

Exploits1References5Affected Software1

CNNVD•added 2023/01/13 12:0 a.m.•3 views

DouCo DouPHP 跨站脚本漏洞

DouCo DouPHP is a lightweight enterprise content management system CMS from China's DouCo Network Technology. A security vulnerability exists in DouCo DouPHP v1.7 20221118, which originates from cross-site scripting in the /admin/articlecategory.php component and allows attackers to execute...

5.4CVSS5.7AI score0.00213EPSS

Exploits1References2

RedHat Linux•added 2023/01/12 9:18 a.m.•30 views

Moderate: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

8.8CVSS7.2AI score0.01322EPSS

Exploits0References5

OSV•added 2023/01/12 8:25 a.m.•48 views

RLSA-2023:0089 Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS7.7AI score0.01322EPSS

Exploits0References5

Vulnrichment•added 2023/01/12 12:0 a.m.•4 views

CVE-2022-46503

A cross-site scripting XSS vulnerability in the component /admin/register.php of Online Student Enrollment System v1.0 allows attackers to execute arbitrary web scripts via a crafted payload injected into the name parameter...

6.1AI score0.00213EPSS

Exploits1References1

Prion•added 2023/01/05 7:15 a.m.•20 views

Cross site scripting

Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary...

5.8CVSS6AI score0.00289EPSS

Exploits0References1Affected Software1

Prion•added 2023/01/05 7:15 a.m.•13 views

Cross site scripting

5.8CVSS6AI score0.00289EPSS

Exploits0References1Affected Software1

Prion•added 2023/01/05 7:15 a.m.•25 views

Cross site scripting

A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute...

4.9CVSS5.2AI score0.00489EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by