CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

NVD•added 2015/07/08 3:59 p.m.•13 views

CVE-2015-5454

Cross-site scripting XSS vulnerability in Nucleus CMS allows remote attackers to inject arbitrary web script or HTML via the title parameter when adding a new item...

4.3CVSS5.7AI score0.01636EPSS

Exploits1References4

CVE•added 2015/07/08 3:0 p.m.•53 views

CVE-2015-5456

PivotX is affected by CVE-2015-5456: an XSS in the form method (modules/formclass.php) present in PivotX versions before 2.3.11. The vulnerability is triggered via PATH_INFO (related to PHP_SELF) and form actions, allowing remote injection of script/html with no authentication. NVD notes CVSSv2 b...

4.3CVSS5.9AI score0.02075EPSS

Exploits1References6Affected Software1

OpenVAS•added 2015/07/08 12:0 a.m.•37 views

Apple Safari Multiple Vulnerabilities-01 (Jul 2015) - Mac OS X

Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...

6.8CVSS7.7AI score0.02766EPSS

Exploits0References5

Prion•added 2015/07/07 2:59 p.m.•18 views

Cross site scripting

Cross-site scripting XSS vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

4.3CVSS6.3AI score0.0117EPSS

Exploits0References1

NVD•added 2015/07/07 2:59 p.m.•15 views

CVE-2015-2850

4.3CVSS5.9AI score0.0117EPSS

Exploits0References1

Prion•added 2015/07/06 3:59 p.m.•16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Node Field module 7.x-2.x before 7.x-2.45 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors involving internal fields...

3.5CVSS5.6AI score0.00954EPSS

Exploits0References3Affected Software1

Cvelist•added 2015/07/06 2:55 p.m.•25 views

CVE-2014-9739

5.3AI score0.00954EPSS

Exploits0References3

Cvelist•added 2015/07/06 2:55 p.m.•20 views

CVE-2014-3653

Cross-site scripting XSS vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template...

5.4AI score0.01917EPSS

Exploits1References4

Prion•added 2015/07/04 2:59 p.m.•19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before...

3.5CVSS5.7AI score0.01075EPSS

Exploits0References2Affected Software5

NVD•added 2015/07/04 2:59 p.m.•21 views

CVE-2015-0551

3.5CVSS5.5AI score0.01075EPSS

Exploits0References2

Cvelist•added 2015/07/04 2:0 p.m.•21 views

CVE-2015-0551

5.5AI score0.01075EPSS

Exploits0References2

Prion•added 2015/07/02 2:59 p.m.•19 views

Cross site scripting

Cross-site scripting XSS vulnerability in the basic dashboard in Thycotic Secret Server 8.6.x, 8.7.x, and 8.8.x before 8.8.000005 allows remote authenticated users to inject arbitrary web script or HTML via a password entry, which is not properly handled when toggling the password mask...

3.5CVSS5.8AI score0.02019EPSS

Exploits5References6Affected Software1

NVD•added 2015/07/01 4:59 p.m.•16 views

CVE-2015-5356

Cross-site scripting XSS vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the func parameter...

4.3CVSS5.7AI score0.01786EPSS

Exploits0References3

Prion•added 2015/07/01 4:59 p.m.•12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the 1 post-content or 2 post-title parameter to admin/edit.php...

4.3CVSS6AI score0.01917EPSS

Exploits1References3Affected Software1

Cvelist•added 2015/07/01 4:0 p.m.•19 views

CVE-2015-5355

5.8AI score0.01917EPSS

Exploits1References3

NVD•added 2015/06/30 2:59 p.m.•13 views

CVE-2015-5151

Cross-site scripting XSS vulnerability in the Slider Revolution revslider plugin 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the clientaction parameter in a revsliderajaxaction action to wp-admin/admin-ajax.php...

4.3CVSS5.8AI score0.01693EPSS

Exploits1References2

Prion•added 2015/06/30 2:59 p.m.•13 views

Cross site scripting

4.3CVSS6.2AI score0.01693EPSS

Exploits1References2Affected Software1

Prion•added 2015/06/30 2:59 p.m.•16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.90 allow remote authenticated users to inject arbitrary web script or HTML via the 1 query parameter in the runqueryeditorquery module to CustomReportHandler.do, 2 compAcct parameter to jsp/ResetADPwd.jsp,...

3.5CVSS5.6AI score0.04256EPSS

Exploits1References3Affected Software1

NVD•added 2015/06/28 10:59 p.m.•18 views

CVE-2015-0131

Cross-site scripting XSS vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified...

3.5CVSS5.2AI score0.00783EPSS

Exploits0References1

Prion•added 2015/06/28 7:59 p.m.•18 views

Cross site scripting

Cross-site scripting XSS vulnerability in EMC Documentum D2 before 4.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.6AI score0.01075EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by