CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3797 matches found

CVE•added 2021/11/16 5:50 p.m.•40 views

CVE-2021-43048

The CVE-2021-43048 vulnerability affects TIBCO PartnerExpress Interior Server and Gateway Server components, specifically versions 6.2.1 and earlier. The issue is a click-jacking vulnerability that can be exploited by an unauthenticated attacker with network access and requires no user interactio...

10CVSS9.4AI score0.01241EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/11/16 5:50 p.m.•15 views

CVE-2021-43048 TIBCO PartnerExpress Click-Jacking vulnerability

The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress contain a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system. A successful attack using this vulnerability...

9.8CVSS9.5AI score0.01241EPSS

Exploits0References2

CNNVD•added 2021/11/16 12:0 a.m.•3 views

TIBCO Partnerexpress 安全漏洞

TIBCO Partnerexpress is a Php-based platform that generates barcodes by product name from TIBCO USA. A security vulnerability exists in the internal server and gateway server components of TIBCO PartnerExpress, versions 6.2.1 and below, which can be exploited by an attacker to perform a...

10CVSS8.3AI score0.01241EPSS

Exploits0References3

Hacker One•added 2021/11/15 12:1 p.m.•46 views

UPchieve: Clickjacking ar https://hackers.upchieve.org/login

I found clickjacking at login page on https://hackers.upchieve.org that can be exploited if the UI overlay can be performed correctly by the attacker. Clickjack test page Website is vulnerable to clickjacking! Click me when you finish : Impact Its login page so if the UI overlay can be performed...

6.9AI score

Exploits0

OpenVAS•added 2021/11/11 12:0 a.m.•20 views

Mozilla Firefox Security Advisory (MFSA2012-54) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

4CVSS9.5AI score0.00898EPSS

Exploits0References3

OpenVAS•added 2021/11/11 12:0 a.m.•17 views

Mozilla Firefox Security Advisory (MFSA2013-94) - Linux

4.3CVSS5.7AI score0.01993EPSS

Exploits0References3

OpenVAS•added 2021/11/11 12:0 a.m.•20 views

Mozilla Firefox Security Advisory (MFSA2014-50) - Linux

5CVSS9.6AI score0.02151EPSS

Exploits0References3

OpenVAS•added 2021/11/11 12:0 a.m.•18 views

Mozilla Firefox Security Advisory (MFSA2013-10) - Linux

6.8CVSS6.4AI score0.02189EPSS

Exploits1References3

OpenVAS•added 2021/11/11 12:0 a.m.•23 views

Mozilla Firefox Security Advisory (MFSA2015-35) - Linux

4.3CVSS9.6AI score0.01481EPSS

Exploits0References3

OpenVAS•added 2021/11/11 12:0 a.m.•21 views

Mozilla Firefox Security Advisory (MFSA2015-26) - Linux

4.3CVSS9.6AI score0.0208EPSS

Exploits0References3

OpenVAS•added 2021/11/08 12:0 a.m.•26 views

Mozilla Firefox Security Advisory (MFSA2016-58) - Linux

8.8CVSS8.7AI score0.01352EPSS

Exploits0References3

OpenVAS•added 2021/11/08 12:0 a.m.•21 views

Mozilla Firefox Security Advisory (MFSA2021-03) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2021-03. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

8.8CVSS7.6AI score0.01323EPSS

Exploits2References13

OSV•added 2021/10/29 2:15 p.m.•1 views

CVE-2021-35237

A missing HTTP header X-Frame-Options in Kiwi Syslog Server has left customers vulnerable to click jacking. Clickjacking is an attack that occurs when an attacker uses a transparent iframe in a window to trick a user into clicking on an actionable item, such as a button or link, to another server...

4.3CVSS5.8AI score0.00929EPSS

Exploits0References2

NVD•added 2021/10/29 2:15 p.m.•12 views

CVE-2021-35237

5CVSS0.00929EPSS

Exploits0References2

Cvelist•added 2021/10/29 1:32 p.m.•20 views

CVE-2021-35237 Clickjacking Vulnerability

5CVSS5.4AI score0.00929EPSS

Exploits0References2

Positive Technologies•added 2021/10/29 12:0 a.m.•2 views

PT-2021-20859 · Unknown · Kiwi Syslog Server

Name of the Vulnerable Software and Affected Versions: Kiwi Syslog Server affected versions not specified Description: A missing HTTP header X-Frame-Options has left customers vulnerable to clickjacking. Clickjacking is an attack where an attacker uses a transparent iframe to trick a user into...

5CVSS6.9AI score0.00929EPSS

Exploits0References5

CNNVD•added 2021/10/29 12:0 a.m.•2 views

Solarwinds Kiwi Syslog Server 安全漏洞

Solarwinds Kiwi Syslog Server is an affordable Syslog management tool for network and system engineers from Solarwinds USA. It is used to receive syslog messages and Snmp traps from network devices routers, switches, firewalls, etc. and Linux®/Unix® hosts. A security vulnerability exists in Kiwi...

5CVSS5.2AI score0.00929EPSS

Exploits0References4

OSV•added 2021/10/19 1:15 p.m.•4 views

CVE-2021-38472

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not contain an X-FRAME-OPTIONS header, which an attacker may take advantage of by sending a link to an administrator that frames the router’s management portal and could lure the administrator to perform...

4.7CVSS5.8AI score0.00652EPSS

Exploits0References1

NVD•added 2021/10/19 1:15 p.m.•7 views

CVE-2021-38472

4.7CVSS0.00652EPSS

Exploits0References1