CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

876 matches found

CNVD•added 2020/06/04 12:0 a.m.•2 views

Naviwebs Navigate CMS Cross-Site Scripting Vulnerability (CNVD-2020-35984)

Navigate CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in the lib/packages/websites/website.class.php file in Navigate CMS 2.8.7 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB...

6.1CVSS6.4AI score0.00679EPSS

Exploits0References1

CNVD•added 2020/06/03 12:0 a.m.•3 views

Grafana Cross-Site Scripting Vulnerability (CNVD-2020-36524)

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A cross-site scripting vulnerability exists in Grafana version 5.3.1. The vulnerabilit...

6.1CVSS7.5AI score0.01192EPSS

Exploits1References1

CNVD•added 2020/06/02 12:0 a.m.•3 views

Red Hat Resteasy Cross-Site Scripting Vulnerability (CNVD-2020-41082)

Red Hat Resteasy is the United States Red Hat Red Hat, a JAX-RS a Java programming language API specification implementation. A cross-site scripting vulnerability exists in Red Hat Resteasy. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

6.1CVSS6.4AI score0.01394EPSS

Exploits1References1

CNVD•added 2020/05/28 12:0 a.m.•1 views

Cross-site scripting vulnerability in WebKit component of multiple Apple products (CNVD-2020-43687)

Apple iOS is an operating system developed for mobile devices.Apple tvOS is an operating system for smart TVs.Apple iPadOS is an operating system for iPad tablets.WebKit is one of the web browser engine components. A cross-site scripting vulnerability exists in the WebKit component of several App...

7.1CVSS8.7AI score0.01083EPSS

Exploits0References1

CNVD•added 2020/05/28 12:0 a.m.•1 views

Cross-site scripting vulnerability in WebKit component of multiple Apple products (CNVD-2020-43686)

7.1CVSS8.7AI score0.01128EPSS

Exploits0References1

FreeBSD•added 2020/05/27 12:0 a.m.•38 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: User Email Verification Bypass OAuth Flow Missing Email Verification Checks Notification Email Verification Bypass Undisclosed Vulnerability on a Third-Party Rendering Engine Group Sign-Up Restriction Bypass Mirror Project Owner Impersonation Missing Permission Check on Fork...

2AI score

Exploits0References1

CNVD•added 2020/05/19 12:0 a.m.•4 views

MISP Cross-Site Scripting Vulnerability (CNVD-2021-08165)

MISP is an open source software solution. The product is used to collect, store, distribute and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in the app/View/Events/resolvedattributes.ctp...

6.1CVSS6.1AI score0.00835EPSS

Exploits0References1

CNVD•added 2020/05/14 12:0 a.m.•9 views

Nextcloud Server Cross-Site Scripting Vulnerability (CNVD-2021-28008)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A cross-site scripting vulnerability exists in the Files PDF viewer in Nextcloud Server versions prior to 18.0.3. The vulnerability stems from a lack of prope...

5.4CVSS6AI score0.01138EPSS

Exploits0References1

CNVD•added 2020/05/14 12:0 a.m.•3 views

SUSE openSUSE Cross-Site Scripting Vulnerability

openSUSE is a set of Linux-based free operating system and open source community project of the German SUSE company. A cross-site scripting vulnerability exists in previous versions of SUSE openSUSE open-build-service 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb. The vulnerability stems from a lack o...

6.5CVSS6.4AI score0.00894EPSS

Exploits0References1

CNVD•added 2020/05/06 12:0 a.m.•7 views

Wiki.js Cross-Site Scripting Vulnerability

Wiki.js is Requarks.io team of a set of Node.js-based and written in JavaScript language open source Wiki software . A cross-site scripting vulnerability exists in the Markdown borderer in Wiki.js versions prior to 2.3.81. The vulnerability stems from a lack of proper validation of client-side da...

6.9CVSS6.1AI score0.0061EPSS

Exploits0References1

CNVD•added 2020/05/06 12:0 a.m.•7 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2021-28035)

NETGEAR R9000, R7800 and R7500 are a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can exploit this vulnerability to execute...

6.1CVSS6.1AI score0.00647EPSS

Exploits0References1

CNVD•added 2020/04/30 12:0 a.m.•82 views

jQuery cross-site scripting vulnerability (CNVD-2021-26411)

jQuery is a set of open source , cross-browser JavaScript library . The library simplifies the operation between HTML and JavaScript , and has a modular , plug-in extensions and other features . A cross-site scripting vulnerability exists in versions of jQuery prior to 3.5.0. The vulnerability...

6.9CVSS7.1AI score0.99019EPSS

Exploits7References1

CNVD•added 2020/04/29 12:0 a.m.•8 views

PHP-Fusion cross-site scripting vulnerability (CNVD-2021-26414)

PHP-Fusion is a Malaysian company PHP-Fusion open source lightweight content management system based on MySql and PHP . The system contains modules such as news, articles and forums. A cross-site scripting vulnerability exists in the banners.php file in PHP-Fusion version 9.03.50. The vulnerabili...

5.4CVSS6.2AI score0.00582EPSS

Exploits1References1

CNVD•added 2020/04/29 12:0 a.m.•8 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2021-28014)

NETGEAR JNR1010 and others are a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute...

4.8CVSS6.2AI score0.00658EPSS

Exploits0References1

CNVD•added 2020/04/29 12:0 a.m.•2 views

Lexmark Pro910 Cross-Site Scripting Vulnerability

The Lexmark Pro910 is a Pro910 printer from Lexmark USA. A cross-site scripting vulnerability exists in the Lexmark Pro910 series. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute client-side...

5.4CVSS6.4AI score0.00653EPSS

Exploits0

CNVD•added 2020/04/29 12:0 a.m.•2 views

Opmantek Open-AudIT Cross-Site Scripting Vulnerability

Opmantek Open-AudIT is an open source network discovery and auditing program from Opmantek USA. The program intelligently scans networks and network devices and provides status reports. A cross-site scripting vulnerability exists in Opmantek Open-AudIT version 3.3.0. The vulnerability stems from...

5.4CVSS6.4AI score0.02587EPSS

Exploits4References1

CNVD•added 2020/04/28 12:0 a.m.•1 views

Grafana Cross-Site Scripting Vulnerability (CNVD-2020-32431)

6.1CVSS6.6AI score0.01281EPSS

Exploits0References1

CNVD•added 2020/04/28 12:0 a.m.•3 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-28143)

NETGEAR D7800 and others are products of NETGEAR Corporation.NETGEAR D7800 is a wireless modem.NETGEAR R7500 is a wireless router.NETGEAR WNDR4300 is a wireless router.NETGEAR WNDR4300 is a wireless router. A cross-site scripting vulnerability exists in multiple NETGEAR products. The vulnerabilit...

6.3CVSS6.4AI score0.00773EPSS

Exploits0References1

CNVD•added 2020/04/24 12:0 a.m.•3 views

BigBlueButton Cross-Site Scripting Vulnerability

BigBlueButton is BigBlueButton community of a set of open source Web conferencing system . A cross-site scripting vulnerability exists in BigBlueButton versions prior to 2.2.4. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can...

6.1CVSS6.3AI score0.00947EPSS

Exploits0References1

CNVD•added 2020/04/23 12:0 a.m.•4 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-31239)

NETGEAR D6200 and others are products of NETGEAR Corporation.NETGEAR D6200 is a wireless modem.NETGEAR WNR2020 is a wireless router.NETGEAR R6220 is a wireless router.NETGEAR WNR2020 is a wireless router.NETGEAR WNR2020 is a wireless router.NETGEAR WNR2020 is a wireless router.NETGEAR WNR2020 is ...

6.1CVSS6.4AI score0.00631EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by