875 matches found
Plone Cross-Site Scripting Vulnerability
Plone is an open source content management system (CMS) built on the Zope application server. Plone suffers from a cross-site scripting vulnerability in versions 5.0 through 5.2.4 that stems from the fact that if a contributor creates a folder with a SCRIPT tag in the description field, the editor ...
Shopware Cross-Site Scripting Vulnerability
Shopware is an open source e-commerce platform. A cross-site scripting vulnerability exists in Shopware versions prior to 5.6.10. An attacker can exploit this vulnerability to inject malicious script into Administration to execute client-side code...
Trace Financial Crest Bridge Cross-Site Scripting Vulnerability
CRESTBridge is a resilient, feature-rich interface for Trace Financial. A cross-site scripting vulnerability exists in Trace Financial Crest Bridge, which can be exploited by attackers to execute client-side code...
Trace Financial CRESTBridge Cross-Site Scripting Vulnerability (CNVD-2021-61763)
CRESTBridge is a resilient, feature-rich interface for Trace Financial. A cross-site scripting vulnerability exists in Trace Financial CRESTBridge, which can be exploited by attackers to execute client-side code...
Backdoor.Win32.Zombam.gen Cross Site Scripting
Discovery / credits: Malvuln - malvuln.com (c) 2021. Original source: https://malvuln.com/advisory/ff6516c881dee555b0cd253408b64404.txt. Contact: [email protected]. Media: twitter.com/malvuln. Threat: Backdoor.Win32.Zombam.gen. Vulnerability: Cross Site Scripting (XSS). Description: Zombam malware listen...
Trace Financial Crest Bridge Cross-Site Scripting Vulnerability
CRESTBridge is a resilient, feature-rich interface for Trace Financial. A cross-site scripting vulnerability exists in Trace Financial Crest Bridge, which can be exploited by attackers to execute client-side code...
GitLab Cross-Site Scripting Vulnerability (CNVD-2021-40769)
GitLab is a self-hosted Git version control and project repository application, developed in Ruby on Rails by the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in GitLab tha...
Trace Financial CRESTBridge Cross-Site Scripting Vulnerability
CRESTBridge is a resilient, feature-rich interface for Trace Financial. A cross-site scripting vulnerability exists in Trace Financial CRESTBridge, which can be exploited by attackers to execute client-side code...
PageLayer Cross-Site Scripting Vulnerability
PageLayer is a WordPress page builder plugin. It is very easy to use and lightweight on the browser. A cross-site scripting vulnerability exists in PageLayer, which stems from a lack of proper validation of client-side data in PageLayer prior to 1.3.5. An attacker can exploit this vulnerability t...
PageLayer Cross-Site Scripting Vulnerability
PageLayer is a WordPress page builder plugin. It is very easy to use and lightweight on the browser. A cross-site scripting vulnerability exists in PageLayer, which stems from a lack of proper validation of client-side data in PageLayer prior to 1.3.5. An attacker can exploit this vulnerability t...
WordPress Plugin Cross-Site Scripting Vulnerability (CNVD-2021-41081)
WordPress is a blogging platform from the WordPress Foundation, developed in PHP. The platform supports setting up a personal blog site on PHP and MySQL servers. WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the...
noobaa-core Cross-Site Scripting Vulnerability
noobaa-core is the application that provides an S3 object storage interface with flexible tiering, mirroring, and distributed placement policies for any storage resource that allows GET/PUT, including S3, GCS, Azure Blob File System, and more. A cross-site scripting vulnerability exists in...
noobaa-core Cross-Site Scripting Vulnerability
noobaa-core is the application that provides an S3 object storage interface with flexible tiering, mirroring, and distributed placement policies for any storage resource that allows GET/PUT, including S3, GCS, Azure Blob File System, and more. A cross-site scripting vulnerability exists in...
CHIYU Technology BF-630W Cross-Site Scripting Vulnerability
BF-630W is a web-based, fingerprint-secured, single-door biometric reader controller from CHIYU Technology. CHIYU Technology suffers from a cross-site scripting vulnerability that stems from an unauthenticated XSS vulnerability in several CHIYU Technology IoT devices, including BF-630, BF-450M,...
Apple Safari Cross-Site Scripting Vulnerability
Apple Safari is a web browser from Apple, Inc. and is the default browser that comes with Mac OS X and iOS operating systems. A cross-site scripting vulnerability exists in Apple Safari. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attack...
JetBrains TeamCity Cross-Site Scripting Vulnerability (CNVD-2021-35241)
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...
StackLift LocalStack Cross-Site Scripting Vulnerability
StackLift LocalStack is an open source application from StackLift that provides an easy-to-use testing framework for cloud applications. A cross-site scripting vulnerability exists in StackLift LocalStack version 0.12.6, which stems from a lack of proper validation of client-side data by the web applicatio...
JetBrains TeamCity Cross-Site Scripting Vulnerability
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...
CVE-2021-22195
Client-side code execution in gitlab-vscode-extension v3.15.0 and earlier allows an attacker to execute code on the user's system...
CVE-2021-22195
CVE-2021-22195 affects the GitLab VSCode extension (gitlab-vscode-extension) v3.15.0 and earlier. It enables client-side code execution, allowing an attacker to run code on the user's system. The connected documents corroborate the vulnerable component and impact but do not provide exploit steps, spe...