CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

451 matches found

CNVD•added 2020/07/29 12:0 a.m.•1 views

Jalios JCMS Cross-Site Scripting Vulnerability

Jalios JCMS is a suite of integrated enterprise information management solutions from Jalios, a French company. The product includes enterprise social networking, social learning, document management and content management systems. A cross-site scripting vulnerability exists in the...

6.1CVSS6.2AI score0.01261EPSS

Exploits1References1

CNVD•added 2020/07/28 12:0 a.m.•1 views

IBM Intelligent Operations Center Cross-Site Scripting Vulnerability (CNVD-2020-44876)

IBM Intelligent Operations Center IOC is a suite of city operations solutions from IBM in the United States. The product features data visualization and real-time collaboration. A cross-site scripting vulnerability exists in IBM Intelligent Operations Center IOC, which stems from the lack of prop...

5.4CVSS6.4AI score0.00561EPSS

Exploits0References1

CNVD•added 2020/07/27 12:0 a.m.•3 views

Mida Solutions eFramework Cross-Site Scripting Vulnerability (CNVD-2020-42663)

Mida Solutions eFramework is a suite of unified communications and collaboration services from Mida Solutions, Italy. A cross-site scripting vulnerability exists in Mida Solutions eFramework version 2.9.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by...

5.4CVSS6.4AI score0.00557EPSS

Exploits1References1

CNVD•added 2020/07/21 12:0 a.m.•2 views

Torchbox Wagtail Cross-Site Scripting Vulnerability

Torchbox Wagtail is an open source content management system CMS from Torchbox UK. A cross-site scripting vulnerability exists in Torchbox Wagtail versions prior to 2.7.4 and prior to 2.9.3. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

5.7CVSS6.3AI score0.01083EPSS

Exploits0References1

OpenVAS•added 2020/07/15 12:0 a.m.•57 views

Eclipse Jetty Vulnerability (CVE-2019-17638) - Windows

Eclipse Jetty is prone to a vulnerability where sensitive information about clients could be obtained. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

9.4CVSS9.2AI score0.11138EPSS

Exploits0References2

Cvelist•added 2020/07/09 6:10 p.m.•28 views

CVE-2019-17638

In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this doub...

9.4AI score0.11138EPSS

Exploits0References17

CNVD•added 2020/07/06 12:0 a.m.•2 views

We-COM Municipality portal CMS cross-site scripting vulnerability

We-COM Municipality portal CMS is a Content Management System CMS from the Italian company We-COM. A cross-site scripting vulnerability exists in We-COM Municipality portal CMS version 2.1.x. The vulnerability stems from a lack of proper validation of client-side data in the web application and c...

6.1CVSS6.4AI score0.00856EPSS

Exploits1References1

CNVD•added 2020/07/05 12:0 a.m.•1 views

Cross-site scripting vulnerability in Xunrui CMS version 4.3.8 (2020-06-01)

XunRuiCloud Software Development XunRuiCMS XunRuiCMS is an open source content management system CMS from China XunRuiCloud Software Development Company. A cross-site scripting vulnerability exists in XunRui CMS version 4.3.8 2020-06-01. The vulnerability stems from the lack of proper validation ...

6.4AI score

Exploits0

CNVD•added 2020/07/03 12:0 a.m.•8 views

OpenClinic GA Cross-Site Scripting Vulnerability

OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management and other functions. A cross-site scripting vulnerability exists in OpenClinic GA version 5.09.02 and 5.89.05b, which stems from the lack...

6.1CVSS6.1AI score0.01216EPSS

Exploits0References1

CNVD•added 2020/07/03 12:0 a.m.•4 views

CloudBees Jenkins VncRecorder Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . VncRecorder Plugin is used in one of the scre...

6.1CVSS6.4AI score0.00871EPSS

Exploits0References1

CNVD•added 2020/07/03 12:0 a.m.•3 views

CloudBees Jenkins VncRecorder Plugin Cross-Site Scripting Vulnerability (CNVD-2020-50510)

4.8CVSS6.4AI score0.00702EPSS

Exploits0References1

CNVD•added 2020/06/28 12:0 a.m.•6 views

SolarWinds Orion Platform Cross-Site Scripting Vulnerability (CNVD-2021-24893)

SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...

5.4CVSS6.4AI score0.01134EPSS

Exploits1References1

CNVD•added 2020/06/28 12:0 a.m.•3 views

Boole Server BooleBox Secure File Sharing Utility Cross-Site Scripting Vulnerability

Boole Server BooleBox Secure File Sharing Utility is a file sharing system from Boole Server Italy. The system is mainly used for encrypted file storage and sharing. A cross-site scripting vulnerability exists in Boole Server BooleBox Secure File Sharing Utility. The vulnerability stems from a la...

5.4CVSS6.2AI score0.00576EPSS

Exploits1References1

CNVD•added 2020/06/28 12:0 a.m.•6 views

Bitrix24 Web Application Firewall Cross-Site Scripting Vulnerability

Bitrix24 is a suite of enterprise social platforms from Bitrix, USA. The platform includes features such as online communication, calendar management and CRM Customer Relationship Management.Web Application Firewall is one of the Web Application Firewalls. A cross-site scripting vulnerability...

6.1CVSS6.2AI score0.04511EPSS

Exploits1References1

CNVD•added 2020/06/22 12:0 a.m.•3 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35338)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 4.0.0, prior to 3.10.2, and prior to 3.9.2. The vulnerability stems from a lack of proper validation of client data...

6.1CVSS6.3AI score0.0069EPSS

Exploits0References1

CNVD•added 2020/06/22 12:0 a.m.•1 views

Dolibarr ERP/CRM Cross-Site Scripting Vulnerability (CNVD-2020-52837)

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A cross-site scripting vulnerability exists in Dolibarr ERP/CR...

6.1CVSS6.4AI score0.0081EPSS

Exploits0References1

CNVD•added 2020/06/22 12:0 a.m.•2 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-48231)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 4.3.0, prior to 4.2.1, and prior to 4.1.2. The vulnerability stems from a lack of proper validation of client data ...

6.1CVSS6.3AI score0.00685EPSS

Exploits0References1

CNVD•added 2020/06/22 12:0 a.m.•2 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35463)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 3.0.0. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

6.1CVSS6.3AI score0.00685EPSS

Exploits0References1

CNVD•added 2020/06/22 12:0 a.m.•3 views

Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-35460)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 3.1.0. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

5.4CVSS6.3AI score0.00556EPSS

Exploits0References1

CNVD•added 2020/06/17 12:0 a.m.•5 views

MONITORAPP AIWAF-VE and AIWAF-4000 Cross-Site Scripting Vulnerabilities

Monitorapp AIWAF-4000 is an application firewall from MONITORAPP Monitorapp, USA. A cross-site scripting vulnerability exists in MONITORAPP AIWAF-VE and AIWAF-4000 2020-06-16 and earlier versions. The vulnerability stems from a lack of proper validation of client data by the WEB application. An...

6.1CVSS6.2AI score0.00996EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by