CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6892 matches found

Debian CVE•added 2014/09/11 2:0 p.m.•13 views

CVE-2014-6070

Removed by vendor...

4.3CVSS6.7AI score0.03582EPSS

Exploits6

UbuntuCve•added 2014/09/10 10:55 a.m.•18 views

CVE-2014-5313

Cross-site scripting XSS vulnerability in the management page in Six Apart Movable Type before 5.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS6AI score0.00967EPSS

Exploits0References4

Prion•added 2014/09/10 10:55 a.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.5AI score0.011EPSS

Exploits0References4Affected Software1

Prion•added 2014/09/10 1:55 a.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Web Components Server in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Lync XSS Information Disclosure Vulnerability."...

4.3CVSS5.2AI score0.10916EPSS

Exploits0References4Affected Software1

Prion•added 2014/09/04 2:55 p.m.•21 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the default URI...

4.3CVSS6.2AI score0.10456EPSS

Exploits2References6Affected Software1

Cvelist•added 2014/09/04 2:0 p.m.•27 views

CVE-2012-4768

5.8AI score0.10456EPSS

Exploits2References6

Cvelist•added 2014/09/03 2:0 p.m.•35 views

CVE-2012-4226

Multiple cross-site scripting XSS vulnerabilities in Quick Post Widget plugin 1.9.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 Title, 2 Content, or 3 New category field to wordpress/ or 4 query string to wordpress/...

5.9AI score0.02041EPSS

Exploits2References5

Cvelist•added 2014/09/02 10:0 a.m.•22 views

CVE-2014-3861

Cross-site scripting XSS vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element...

5.6AI score0.01489EPSS

Exploits1References3

Prion•added 2014/08/29 1:55 p.m.•13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in event/index2.do in ManageEngine EventLog Analyzer before 9.0 build 9002 allow remote attackers to inject arbitrary web script or HTML via the 1 width, 2 height, 3 url, 4 helpP, 5 tab, 6 module, 7 completeData, 8 RBBNAME, 9 TC, 10 rtype, 11...

4.3CVSS6.1AI score0.03634EPSS

Exploits0References3Affected Software1

Debian CVE•added 2014/08/22 5:0 p.m.•25 views

CVE-2014-5242

Cross-site scripting XSS vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value...

4.3CVSS8AI score0.02074EPSS

Exploits1

NVD•added 2014/08/22 2:55 p.m.•14 views

CVE-2014-5121

Multiple cross-site scripting XSS vulnerabilities in ESRI ArcGIS for Server 10.1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters...

4.3CVSS5.9AI score0.02424EPSS

Exploits0References3

Prion•added 2014/08/22 2:55 p.m.•15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 before 11.04.05 and 12.04.01 before 12.04.04 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a 1...

4.3CVSS6.1AI score0.08194EPSS

Exploits0References9Affected Software1

Prion•added 2014/08/22 2:55 p.m.•16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in ESRI ArcGIS for Server 10.1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters...

4.3CVSS6.1AI score0.02424EPSS

Exploits0References3Affected Software1

OSV•added 2014/08/22 1:55 a.m.•7 views

CVE-2014-5274

Cross-site scripting XSS vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js...

5AI score

Exploits0References5

Debian CVE•added 2014/08/22 1:0 a.m.•31 views

CVE-2014-5273

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x before 4.1.14.3, and 4.2.x before 4.2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 browse table page, related to js/sql.js; 2 ENUM editor page, related to...

3.5CVSS5.4AI score0.01706EPSS

Exploits1

NVD•added 2014/08/19 7:55 p.m.•16 views

CVE-2014-5345

Cross-site scripting XSS vulnerability in upgrade.php in the Disqus Comment System plugin before 2.76 for WordPress allows remote attackers to inject arbitrary web script or HTML via the step parameter...

4.3CVSS5.8AI score0.06095EPSS

Exploits1References5

NVD•added 2014/08/19 6:55 p.m.•10 views

CVE-2014-5344

Multiple cross-site scripting XSS vulnerabilities in the Mobiloud mobiloud-mobile-app-plugin plugin before 2.3.8 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...

4.3CVSS5.9AI score0.01571EPSS

Exploits0References2

Prion•added 2014/08/19 6:55 p.m.•11 views

Cross site scripting

4.3CVSS6.2AI score0.01571EPSS

Exploits0References2Affected Software1

Cvelist•added 2014/08/19 6:0 p.m.•19 views

CVE-2014-5344

5.9AI score0.01571EPSS

Exploits0References2

Cvelist•added 2014/08/19 6:0 p.m.•23 views

CVE-2014-5343