CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

814 matches found

RedhatCVE•added 2020/04/29 12:39 p.m.•22 views

CVE-2020-6808

When a JavaScript URL javascript: is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL as reported by the document.location property, for example was the originating javascript: URL which could lead to...

6.5CVSS0.3AI score0.00266EPSS

Exploits0References4

NVD•added 2020/03/25 10:15 p.m.•11 views

CVE-2020-6808

6.5CVSS7AI score0.00266EPSS

Exploits0References2

Cvelist•added 2020/03/25 9:13 p.m.•18 views

CVE-2020-6808

7AI score0.00266EPSS

Exploits0References2

AlpineLinux•added 2020/03/25 9:13 p.m.•36 views

CVE-2020-6808

6.5CVSS7.2AI score0.00266EPSS

Exploits0

Debian CVE•added 2020/03/25 9:13 p.m.•24 views

CVE-2020-6808

6.5CVSS7.9AI score0.00266EPSS

Exploits0

UbuntuCve•added 2020/03/11 12:0 a.m.•23 views

CVE-2020-6808

6.5CVSS6.9AI score0.00266EPSS

Exploits0References3

Github Security Blog•added 2020/03/05 10:9 p.m.•96 views

Local file disclosure in PHPMailer

An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directory. If no base...

5.5CVSS0.1AI score0.02922EPSS

Exploits6References9Affected Software1

NVD•added 2019/12/08 2:15 a.m.•15 views

CVE-2019-19630

HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hdstrlcpy function in string.c when called from rendercontents in ps-pdf.cxx via a crafted HTML document...

7.8CVSS7.6AI score0.00538EPSS

Exploits1References5

OSV•added 2019/12/08 2:15 a.m.•1 views

DEBIAN-CVE-2019-19630

HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hdstrlcpy function in string.c when called from rendercontents in ps-pdf.cxx via a crafted HTML document...

7.8CVSS7.8AI score0.00538EPSS

Exploits1References1

Cvelist•added 2019/12/08 1:57 a.m.•17 views

CVE-2019-19630

HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hdstrlcpy function in string.c when called from rendercontents in ps-pdf.cxx via a crafted HTML document...

7.7AI score0.00538EPSS

Exploits1References5

NVD•added 2019/12/02 4:15 a.m.•9 views

CVE-2019-19496

Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document...

5.4CVSS5.2AI score0.00281EPSS

Exploits1References2

Prion•added 2019/12/02 4:15 a.m.•10 views

Design/Logic Flaw

Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document...

3.5CVSS5.1AI score0.00281EPSS

Exploits1References2Affected Software1

Cvelist•added 2019/12/02 3:1 a.m.•18 views

CVE-2019-19496

Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document...

5.2AI score0.00281EPSS

Exploits1References2

Prion•added 2019/11/14 9:15 p.m.•10 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in 3xLogic Infinias Access Control through 6.6.9586.0 allows remote attackers to execute malicious and unauthorized actions e.g., delete application users by sending a crafted HTML document or encoded URL to a user that the website trusts. The user...

5.8CVSS6.6AI score0.00115EPSS

Exploits1References1Affected Software1

Github Security Blog•added 2019/11/08 8:5 p.m.•19 views

Cross-site scripting in Dolibarr