Lucene search
K

133 matches found

CNVD
CNVD
added 2018/02/27 12:0 a.m.27 views

Microsoft Identity Manager Elevation of Privilege Vulnerability

Microsoft Identity Manager 2016 SP1 is a local identity management and access management solution from Microsoft Corporation USA. The solution supports synchronizing identities across directories, databases, and applications, and improves administrative security through policies, privileged acces...

6.1CVSS6.8AI score0.02467EPSS
Exploits0References1
OSV
OSV
added 2017/10/24 6:33 p.m.25 views

GHSA-PC3M-V286-2JWJ actionview Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as "HTML safe" and used as attribute values in tag handlers...

6.1CVSS6AI score0.03438EPSS
Exploits0References13
Github Security Blog
Github Security Blog
added 2017/10/24 6:33 p.m.38 views

actionview Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as "HTML safe" and used as attribute values in tag handlers...

6.1CVSS3.7AI score0.03438EPSS
Exploits0References14Affected Software1
NVD
NVD
added 2017/02/22 4:59 p.m.18 views

CVE-2016-9910

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...

6.1CVSS5.9AI score0.02141EPSS
Exploits0References7
OSV
OSV
added 2017/02/22 4:59 p.m.3 views

DEBIAN-CVE-2016-9909

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of the less than character in attribute values...

6.1CVSS6.1AI score0.02141EPSS
Exploits0References1
Prion
Prion
added 2017/02/22 4:59 p.m.14 views

Cross site scripting

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...

4.3CVSS5.9AI score0.02141EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2017/02/22 4:59 p.m.17 views

PYSEC-2017-15

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...

6.1CVSS4.4AI score0.02141EPSS
Exploits0References8
Prion
Prion
added 2017/02/22 4:59 p.m.11 views

Cross site scripting

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of the less than character in attribute values...

4.3CVSS5.8AI score0.02141EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added 2017/02/22 4:59 p.m.11 views

PYSEC-2017-15

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...

6.1CVSS6.2AI score0.02141EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added 2017/02/22 4:59 p.m.8 views

PYSEC-2017-14

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of the less than character in attribute values...

6.1CVSS6.1AI score0.02141EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2017/02/22 4:59 p.m.18 views

CVE-2016-9909

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of the less than character in attribute values...

6.1CVSS5.8AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2017/02/22 4:59 p.m.15 views

CVE-2016-9909

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of the less than character in attribute values...

6.1CVSS6.3AI score0.02141EPSS
Exploits0References5
OSV
OSV
added 2017/02/22 4:59 p.m.6 views

UBUNTU-CVE-2016-9910

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...

6.1CVSS6.3AI score0.02141EPSS
Exploits0References4
NVD
NVD
added 2017/02/22 4:59 p.m.17 views

CVE-2016-9909

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of the less than character in attribute values...

6.1CVSS5.8AI score0.02141EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2017/02/22 4:59 p.m.22 views

CVE-2016-9910

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...

6.1CVSS6.3AI score0.02141EPSS
Exploits0References3
OSV
OSV
added 2017/02/22 4:59 p.m.3 views

UBUNTU-CVE-2016-9909

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of the less than character in attribute values...

6.1CVSS6.3AI score0.02141EPSS
Exploits0References6
OSV
OSV
added 2017/02/22 4:59 p.m.3 views

DEBIAN-CVE-2016-9910

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...

6.1CVSS5.8AI score0.02141EPSS
Exploits0References1
CVE
CVE
added 2017/02/22 4:0 p.m.70 views

CVE-2016-9910

CVE-2016-9910 affects the html5lib serializer prior to 0.99999999 and enables cross-site scripting (XSS) through mishandling of special characters in attribute values, a distinct issue from CVE-2016-9909. The connected documents confirm this is a separate vulnerability entry without additional ex...

6.1CVSS5.8AI score0.02141EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2017/02/22 4:0 p.m.86 views

CVE-2016-9909

CVE-2016-9909 affects the html5lib serializer prior to 0.99999999. The vulnerability arises from improper handling of the

6.1CVSS5.7AI score0.02141EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2017/02/22 4:0 p.m.23 views

CVE-2016-9909

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of the less than character in attribute values...

5.8AI score0.02141EPSS
Exploits0References7
Rows per page
Query Builder