CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

93 matches found

CNVD•added 2018/03/28 12:0 a.m.•2 views

SAP Business Objects Business Intelligence Platform Cross-Site Scripting Vulnerability

SAP Business Objects Business Intelligence Platform is a set of business intelligence software and enterprise performance management platform from SAP. The platform provides reporting, performance management and data base functions. A cross-site scripting vulnerability exists in SAP Business...

5.4CVSS6.7AI score0.00968EPSS

Exploits0References1

CNVD•added 2018/02/08 12:0 a.m.•2 views

IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2018-05492 )

IBM WebSphere Portal consists of middleware, applications called portlets and development tools for building and managing secure business-to-business B2B, business-to-customer B2C and business-to-employee B2E portals. A cross-site scripting vulnerability exists in IBM WebSphere Portal, which coul...

6.1CVSS6.5AI score0.01098EPSS

Exploits0References1

Japan Vulnerability Notes•added 2017/12/01 7:17 a.m.•3 views

Multiple vulnerabilities in multiple Buffalo broadband routers

Overview BBR-4HG and BBR-4MG provided by BUFFALO INC. are wireless LAN routers. BBR-4HG and BBR-4MG contain multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2017-10896 Improper Input Validation CWE-20 - CVE-2017-10897 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions,...

6.1CVSS6.5AI score0.00713EPSS

Exploits0References8

CNVD•added 2017/11/06 12:0 a.m.•2 views

D-Link DSL-2740E HTML Injection Vulnerability

The D-Link DSL-2740E is a wireless router product from AUO D-Link. A security vulnerability exists in the D-Link DSL-2740E version 1.00BG20150720, which originates from the program failing to properly filter user-submitted input. A remote attacker can exploit the vulnerability to execute arbitrar...

6.1CVSS7.7AI score0.01377EPSS

Exploits1References1

CNVD•added 2017/09/22 12:0 a.m.•2 views

Cisco Unified Intelligence Center Cross-Site Scripting Vulnerability (CNVD-2017-34246)

Cisco Unified Intelligence Center is the management center for the unified communications system of the American company Cisco Cisco. A cross-site scripting vulnerability exists in Cisco Unified Intelligence Center due to the program failing to properly filter user-supplied input. An attacker may...

6.1CVSS6.8AI score0.01714EPSS

Exploits0References1

CNVD•added 2017/09/08 12:0 a.m.•2 views

Cisco Firepower Management Center Cross-Site Scripting Vulnerability (CNVD-2017-32475)

Cisco Firepower Management Center is a new generation of firewall management center software from the U.S. company Cisco Cisco. A cross-site scripting vulnerability exists in Cisco Firepower Management Center due to the program failing to properly filter user-supplied input. An attacker could...

5.4CVSS5.6AI score0.01086EPSS

Exploits0References1

CNVD•added 2017/06/30 12:0 a.m.•3 views

Kaspersky Anti-Virus for Linux File Server Reflective Cross-Site Scripting Vulnerability

Kaspersky Anti-Virus for Linux File Server is designed to provide antivirus protection for file servers running under the Linux operating system. A reflected cross-site scripting vulnerability exists in Kaspersky Anti-Virus for Linux File Server. The vulnerability allows an attacker to execute...

6.1CVSS6.5AI score0.02623EPSS

Exploits5References1

CNVD•added 2017/04/24 12:0 a.m.•2 views

Palo Alto Networks PAN-OS Cross-Site Scripting Vulnerability (CNVD-2017-06109)

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. Palo Alto Networks PAN-OS suffers from a cross-site scripting vulnerability due to the program failing to properly filter user-supplied input. An attacker could exploit the...

6.1CVSS6.8AI score0.00961EPSS

Exploits0References1

CNVD•added 2017/04/07 12:0 a.m.•2 views

Fortinet FortiMail Cross-Site Scripting Vulnerability (CNVD-2017-04565)

Fortinet FortiMail is a mail information security appliance from the U.S. company Fita Fortinet, which provides a message filtering engine, anti-spam and threat defense. A cross-site scripting vulnerability exists in Fortinet FortiMail that stems from a failure to properly filter user-supplied...

6.1CVSS6.4AI score0.01106EPSS

Exploits0References1

CNVD•added 2017/03/16 12:0 a.m.•3 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2017-03606)

Cisco Unified Communications Manager CUCM, Unified CM is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting vulnerability exists i...

5.4CVSS6.8AI score0.00855EPSS

Exploits0References1

CNVD•added 2017/02/17 12:0 a.m.•3 views

Cisco Firepower Management Center Cross-Site Scripting Vulnerability (CNVD-2017-01995)

Cisco Firepower Management Center is a new generation of firewall management center software from the U.S. company Cisco Cisco. A cross-site scripting vulnerability exists in Cisco Firepower Management Center, as the program fails to adequately validate user input. An attacker could exploit this...

5.4CVSS6.6AI score0.00615EPSS

Exploits0References1

CNVD•added 2017/01/17 12:0 a.m.•2 views

HP Diagnostics Cross-Site Scripting Vulnerability

HP Diagnostics is a suite of end-to-end application management, monitoring, diagnostic analysis and troubleshooting solutions from Hewlett-Packard. A cross-site scripting vulnerability exists in HP Diagnostics. An attacker can exploit this vulnerability to execute arbitrary script code in a user'...

5.4CVSS6.7AI score0.0111EPSS

Exploits0References1

CNVD•added 2016/12/01 12:0 a.m.•1 views

Reflective Cross-Site Scripting Vulnerability in Huawei eSpace IAD Products

Huawei eSpace IAD is an integrated access device for Voice over IP and Unified Communications solutions from Huawei, China. A reflective cross-site scripting vulnerability exists in the Huawei eSpace IAD product. An attacker can exploit the vulnerability to run a malicious script in a user's...

6.1CVSS6.1AI score0.00611EPSS

Exploits0References1

CNVD•added 2016/12/01 12:0 a.m.•2 views

IBM iNotes and Domino Cross-Site Scripting Vulnerability (CNVD-2016-11819)

IBM iNotes and Domino are both products of IBM Corporation in the U.S. iNotes is a suite of Web-based e-mail software; Domino is a platform for hosting social business applications. A cross-site scripting vulnerability exists in IBM iNotes and Domino that stems from the program failing to properl...

5.4CVSS6.6AI score0.00717EPSS

Exploits0References1

CNVD•added 2016/11/30 12:0 a.m.•2 views

BigTree CMS 'check-module-integrity.php' Cross-Site Scripting Vulnerability

BigTree CMS is an open source content management system. A cross-site scripting vulnerability exists in BigTree CMS 'check-module-integrity.php'. An attacker could exploit the vulnerability to execute arbitrary script code in a user's browser while browsing the affected site to steal cookie-based...

6.7AI score

Exploits0References1

CNVD•added 2016/10/14 12:0 a.m.•3 views

IBM Jazz Foundation Cross-Site Scripting Vulnerability

IBM Rational Collaborative Lifecycle Management CLM, etc. are products of IBM Corporation in the U.S. IBM Rational CLM, Rational Team Concert RTC and Rational Engineering Lifecycle Manager RELM are collaborative lifecycle management solutions; Rational Requirements Composer RRC and Rational DOORS...

5.4CVSS6.6AI score0.01324EPSS

Exploits0References1

CNVD•added 2016/10/14 12:0 a.m.•5 views

Moxa ioLogik E1200 Arbitrary Code Execution Vulnerability

The Moxa ioLogik E1200 is an intelligent Ethernet I/O product from Moxa. A security vulnerability exists in the Moxa ioLogik E1200 that can be exploited by an attacker to execute arbitrary script code on the browser of an unsuspecting user in the context of an affected site...

8.1CVSS7.5AI score0.01428EPSS

Exploits0References1

CNVD•added 2015/07/30 12:0 a.m.•3 views

Drupal OSF for Drupal Module Cross-Site Scripting Vulnerability

Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community. osf for Drupal is one of the middle-tier modules that allows customization tools and data display for internally structured data RDF and related vocabularies ontologies. A cross-site...

2.6CVSS6.8AI score0.00913EPSS

Exploits0References1

CNVD•added 2015/07/12 12:0 a.m.•2 views

IPython JSON Error Response Cross-Site Scripting Vulnerability

IPython is an enhanced version of Python's native interactive shell. IPython suffers from cross-site scripting vulnerabilities that could be exploited by attackers to execute arbitrary script code in the context of an affected website in a browser without the user's knowledge. This could allow an...

6.9AI score

Exploits0References1

Exploit DB•added 2015/05/11 12:0 a.m.•29 views

D-Link DSL-500B Gen 2 - URL Filter Configuration Panel Persistent Cross-Site Scripting

!/usr/bin/perl Date dd-mm-aaaa: 13-02-2015 Exploit for D-Link DSL-500B G2 Cross Site Scripting XSS Injection Stored in todmngr.tod URL Filter Developed by Mauricio Corrêa XLabs Information Security WebSite: www.xlabs.com.br CAUTION! This exploit disables some features of the modem, forcing the...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by