CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2016/09/18 1:0 a.m.•41 views

CVE-2016-6641

EMC ViPR SRM is affected by a cross-site scripting (XSS) vulnerability in versions prior to 3.7.2. Remote authenticated users can inject arbitrary web script or HTML via unspecified vectors. The issue is documented across multiple sources (e.g., CNVD/NVD) and is fixed in version 3.7.2. Practical ...

7.6CVSS6AI score0.00724EPSS

Cvelist•added 2016/09/18 1:0 a.m.•18 views

CVE-2016-6641

Cross-site scripting XSS vulnerability in EMC ViPR SRM before 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

6.3AI score0.00724EPSS

Prion•added 2016/09/17 9:59 p.m.•17 views

Cross site scripting

Cross-site scripting XSS vulnerability in share.js in the gallery application in ownCloud Server before 9.0.4 and Nextcloud Server before 9.0.52 allows remote authenticated users to inject arbitrary web script or HTML via a crafted directory name...

3.5CVSS5.5AI score0.01373EPSS

Exploits1References5Affected Software2

Debian CVE•added 2016/09/11 10:0 a.m.•31 views

CVE-2016-5164

Removed by vendor...

6.1CVSS8AI score0.01042EPSS

Exploits0

Debian CVE•added 2016/09/07 7:0 p.m.•29 views

CVE-2016-6316

Cross-site scripting XSS vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as "HTML safe" and used as attribute values in tag handlers...

6.1CVSS6.3AI score0.03438EPSS

Exploits0

Prion•added 2016/09/07 6:59 p.m.•17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the admin pages in dashbuilder in Red Hat JBoss BPM Suite 6.3.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01543EPSS

RedhatCVE•added 2016/09/06 11:19 a.m.•28 views

CVE-2016-7139

Cross-site scripting XSS vulnerability in an unspecified page template in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

6.1CVSS4.5AI score0.01588EPSS

Exploits2References2

Prion•added 2016/09/02 12:59 a.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz76232...

4.3CVSS6.2AI score0.01468EPSS

Exploits1References4Affected Software1

NVD•added 2016/09/01 10:59 a.m.•24 views

CVE-2016-3008

Cross-site scripting XSS vulnerability in the Web UI in IBM Connections 5.0 before CR4 and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2954 and CVE-2016-2956...

5.4CVSS5.1AI score0.00615EPSS

Prion•added 2016/09/01 10:59 a.m.•14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Web UI in IBM Connections 4.0 through CR4, 4.5 through CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2995, CVE-2016-300...

3.5CVSS5AI score0.00802EPSS

Prion•added 2016/09/01 10:59 a.m.•12 views

Cross site scripting

3.5CVSS5AI score0.00802EPSS

Prion•added 2016/09/01 10:59 a.m.•18 views

Cross site scripting

3.5CVSS5AI score0.00615EPSS

Prion•added 2016/09/01 10:59 a.m.•15 views

Cross site scripting

3.5CVSS5AI score0.00802EPSS

RedhatCVE•added 2016/09/01 8:18 a.m.•20 views

CVE-2016-5148

Cross-site scripting XSS vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka "Universal XSS UXSS."...

8.8CVSS3.8AI score0.01246EPSS

Prion•added 2016/09/01 1:59 a.m.•14 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM BigFix Platform formerly Tivoli Endpoint Manager 9.x before 9.1.8 and 9.2.x before 9.2.8 allows remote attackers to inject arbitrary web script or HTML via a modified .beswrpt file...

4.3CVSS5.9AI score0.00765EPSS

Cvelist•added 2016/09/01 1:0 a.m.•23 views

CVE-2016-0293

5.9AI score0.00765EPSS

Prion•added 2016/08/29 5:59 p.m.•14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01062EPSS

NVD•added 2016/08/29 5:59 p.m.•12 views

CVE-2016-5721

Multiple cross-site scripting XSS vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.1AI score0.01062EPSS

Cvelist•added 2016/08/29 5:0 p.m.•14 views

CVE-2016-5721

Multiple cross-site scripting XSS vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.3AI score0.01062EPSS