CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

UbuntuCve•added 2016/11/04 10:59 a.m.•21 views

CVE-2016-9188

Cross-site scripting XSS vulnerabilities in Moodle CMS on or before 3.1.2 allow remote attackers to inject arbitrary web script or HTML via the sadditionalhtmlhead, sadditionalhtmltopofbody, and sadditionalhtmlfooter parameters...

6.1CVSS6.8AI score0.01543EPSS

Exploits1References3

Prion•added 2016/10/14 2:59 a.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in Business Space in IBM Business Process Manager 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, and 8.5 before 8.5.7.0 CF2016.09 allows remote authenticated users to inject arbitrary web script or HTML via crafted content...

3.5CVSS5.6AI score0.00711EPSS

Exploits0References3Affected Software1

OpenVAS•added 2016/10/13 12:0 a.m.•23 views

Ruby on Rails Action View XSS Vulnerability (Aug 2016) - Linux

Ruby on Rails is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS6.1AI score0.03438EPSS

Exploits0References4

Prion•added 2016/10/07 2:59 p.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the advanced settings page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.3, in hardware models with a hard disk, and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.3 allows remote administrators to inject arbitrary web script or HT...

3.5CVSS6AI score0.00696EPSS

Exploits0References4Affected Software2

NVD•added 2016/10/06 10:59 a.m.•19 views

CVE-2016-6436

Cross-site scripting XSS vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682...

6.1CVSS6AI score0.00765EPSS

Exploits0References2

Prion•added 2016/10/06 10:59 a.m.•12 views

Cross site scripting

4.3CVSS6AI score0.00765EPSS

Exploits0References2Affected Software1

Cvelist•added 2016/10/06 10:0 a.m.•19 views

CVE-2016-6436

6AI score0.00765EPSS

Exploits0References2

NVD•added 2016/10/05 10:59 a.m.•18 views

CVE-2016-5901

Cross-site scripting XSS vulnerability in a test page in IBM Business Process Manager Advanced 8.5.6.0 through 8.5.7.0 before cumulative fix 2016.09 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5AI score0.00802EPSS

Exploits0References3

Prion•added 2016/10/05 10:59 a.m.•17 views

Cross site scripting

3.5CVSS5.4AI score0.00802EPSS

Exploits0References3Affected Software1

Prion•added 2016/10/03 6:59 p.m.•20 views

Cross site scripting

Cross-site scripting XSS vulnerability in Business Process Editor in Red Hat JBoss BPM Suite before 6.3.3 allows remote authenticated users to inject arbitrary web script or HTML by levering permission to create business processes...

3.5CVSS5.1AI score0.00847EPSS

Exploits0References4Affected Software1

Cvelist•added 2016/10/03 6:0 p.m.•39 views

CVE-2016-5398

5.1AI score0.00847EPSS

Exploits0References4

Cvelist•added 2016/09/30 12:0 a.m.•19 views

CVE-2016-6647

Cross-site scripting XSS vulnerability in EMC ViPR SRM before 4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

5.1AI score0.01075EPSS

Exploits0References3

NVD•added 2016/09/29 10:59 a.m.•19 views

CVE-2016-5061

Multiple cross-site scripting XSS vulnerabilities in the web server in Aternity before 9.0.1 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPAgent, 2 MacAgent, 3 getExternalURL, or 4 retrieveTrustedUrl page...

6.1CVSS6.1AI score0.01233EPSS

Exploits0References2

Cvelist•added 2016/09/26 2:0 p.m.•22 views

CVE-2016-5395

Cross-site scripting XSS vulnerability in the create user functionality in the policy admin tool in Apache Ranger before 0.6.1 allows remote authenticated administrators to inject arbitrary web script or HTML via vectors related to policies...

4.7AI score0.02105EPSS

Exploits0References2

NVD•added 2016/09/26 4:59 a.m.•13 views

CVE-2016-5975

Cross-site scripting XSS vulnerability in the Web UI in the web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.51089.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.52249.0.2A F...

5.4CVSS5.1AI score0.00615EPSS

Exploits0References2

Prion•added 2016/09/26 4:59 a.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Web UI in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-3001 and CVE-2016-3006...

3.5CVSS5AI score0.00802EPSS

Exploits0References3Affected Software1

Cvelist•added 2016/09/26 1:0 a.m.•23 views

CVE-2016-5944

Cross-site scripting XSS vulnerability in the Web UI in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string...

5.1AI score0.00816EPSS

Exploits0References3

Prion•added 2016/09/25 10:59 a.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS UXSS."...

4.3CVSS4.8AI score0.00797EPSS

Exploits0References6Affected Software2

Prion•added 2016/09/21 2:59 a.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Case Management application in EMC RSA Adaptive Authentication On-Premise before 6.0.2.1.SP3.P4 HF210, 7.0.x and 7.1.x before 7.1.0.0.SP0.P6 HF50, and 7.2.x before 7.2.0.0.SP0.P0 HF20 allows remote authenticated users to inject arbitrary web script or...

3.5CVSS5.7AI score0.01149EPSS

Exploits0References3Affected Software1

CVE•added 2016/09/18 10:0 p.m.•45 views

CVE-2016-6404

CVE-2016-6404 describes a cross-site scripting (XSS) vulnerability in the web framework of Cisco IOx Local Manager, affecting Cisco IOS 15.5(2)T and IOS XE. A remote attacker can exploit a crafted URL to inject arbitrary web script or HTML, targeting users of the web interface. The issue is tied ...

6.1CVSS6AI score0.01009EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by