CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4978 matches found

CNVD•added 2017/08/01 12:0 a.m.•1 views

IIBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2017-21252)

IBM WebSphere Portal is a suite of enterprise portal software from IBM. The software creates a platform that connects the internal and external parts of an organization, allowing employees, customers and suppliers to access internal data through the platform. A cross-site scripting vulnerability...

6.1CVSS6.4AI score0.00248EPSS

Exploits0References1

Positive Technologies•added 2017/07/31 12:0 a.m.•2 views

PT-2017-2624

Name of the Vulnerable Software and Affected Versions IBM WebSphere Portal and Web Content Manager versions 7.0 through 9.0 Description The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure...

6.1CVSS6.2AI score0.00248EPSS

Exploits0References7

CNVD•added 2017/07/28 12:0 a.m.•1 views

Cagintranet Networks GetSimple CMS Cross-Site Scripting Vulnerability

Cagintranet Networks GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A cross-site scripting vulnerability exists in Cagintranet Networks GetSimple CMS...

6.3AI score

Exploits0References1

CNVD•added 2017/07/27 12:0 a.m.•2 views

NexusPHP Cross-Site Scripting Vulnerability (CNVD-2017-26595)

NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A cross-site scripting vulnerability exists in NexusPHP version 1.5. A remote attacker can use the javascript: or data: URL in the UBBCode url tag to inject arbitrary web script or HTML...

6.1CVSS6.1AI score0.0024EPSS

Exploits1References1

CNVD•added 2017/07/25 12:0 a.m.•2 views

IBM Rational Software Architect Design Manager Cross-Site Scripting Vulnerability

IBM Rhapsody Design Manager DM is a suite of collaborative design management software from IBM. The software supports the use of centralized system repositories with Web-based access to store, share, search, and manage design models, as well as software to automate design reviews. A cross-site...

5.4CVSS5.5AI score0.00198EPSS

Exploits0References1

CNVD•added 2017/07/25 12:0 a.m.•1 views

IBM Rhapsody DM Cross-Site Scripting Vulnerability

5.4CVSS5.5AI score0.00269EPSS

Exploits0References1

CNVD•added 2017/07/25 12:0 a.m.•1 views

IBM WebSphere Application Server Cross-Site Scripting Vulnerability (CNVD-2017-25756)

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A cross-site scripting vulnerability exists in IBM WAS. A...

5.4CVSS5.6AI score0.00403EPSS

Exploits0References1

Veracode•added 2017/07/24 9:19 p.m.•3 views

Cross-Site Scripting (XSS)

marked is vulnerable to cross-site scripting XSS attacks. The library does not sanitize strings encoded in base64, allowing a malicious user to inject and execute arbitrary javascript...

6.1AI score

Exploits0

CNVD•added 2017/07/20 12:0 a.m.•1 views

IBM Tivoli Endpoint Manager Cross-Site Scripting Vulnerability (CNVD-2017-21771)

IBM BigFix platform is a dynamic set of IBM's integrated messaging content-driven and management system multi-technology platform. A cross-site scripting vulnerability exists in IBM BigFix Platform. A remote attacker can exploit this vulnerability to inject arbitrary JavaScript code into the Web ...

6.1CVSS6.4AI score0.00307EPSS

Exploits0References1

NVD•added 2017/07/17 1:18 p.m.•11 views

CVE-2017-2335

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the...

8.4CVSS6.7AI score0.00208EPSS

Exploits0References3

Prion•added 2017/07/17 1:18 p.m.•13 views

Cross site scripting

3.5CVSS5.5AI score0.00208EPSS

Exploits0References3Affected Software1

Cvelist•added 2017/07/14 2:0 p.m.•21 views

CVE-2017-2338 ScreenOS: XSS vulnerability in ScreenOS Firewall

8.4CVSS7.2AI score0.00208EPSS

Exploits0References3

Cvelist•added 2017/07/14 2:0 p.m.•19 views

CVE-2017-2336 ScreenOS: XSS vulnerability in ScreenOS Firewall

A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the attacker...

9.6CVSS7.3AI score0.00327EPSS

Exploits0References3

CNVD•added 2017/07/14 12:0 a.m.•1 views

IBM Emptoris Strategic Supply Management Platform Cross-Site Scripting Vulnerability

IBM Emptoris Strategic Supply Management is a common Web-based portal access to the Emptoris suite of products management platform from IBM. A cross-site scripting vulnerability exists in IBM Emptoris Strategic Supply Management versions 10.0.0.x through 10.1.1.x. A remote attacker could use this...

5.4CVSS5.5AI score0.00269EPSS

Exploits0References1

CNVD•added 2017/07/14 12:0 a.m.•0 views

IBM Emptoris Strategic Supply Management Platform Cross-Site Scripting Vulnerability (CNVD-2017-23341)

5.4CVSS5.5AI score0.00269EPSS

Exploits0References1

CNVD•added 2017/07/13 12:0 a.m.•1 views

IBM Information Server Framework and InfoSphere Information Server on Cloud Cross-Site Scripting Vulnerability

IBM Information Server Framework and InfoSphere Information Server on Cloud are both products of the U.S. company IBM. The former is a set of data integration platform framework; the latter is a set of cloud-based data integration platform. A cross-site scripting vulnerability exists in IBM...

6.1CVSS6.2AI score0.00282EPSS

Exploits0References1

CNVD•added 2017/07/13 12:0 a.m.•1 views

IBM Emptoris Sourcing Cross-Site Scripting Vulnerability

IBM Emptoris Sourcing is a source-to-contract solution from the US company. The solution helps organizations get affordable prices and greater value from suppliers by examining factors such as cost, risk and performance in sourcing decisions. A cross-site scripting vulnerability exists in IBM...

5.4CVSS6.4AI score0.00235EPSS

Exploits0References1

CNVD•added 2017/07/13 12:0 a.m.•2 views

IBM Emptoris Sourcing Cross-Site Scripting Vulnerability (CNVD-2017-21231)

IBM Emptoris Sourcing is a source-to-contract solution from IBM USA. The solution helps organizations get affordable prices and greater value from suppliers by examining factors such as cost, risk and performance in sourcing decisions. A cross-site scripting vulnerability exists in IBM Emptoris...

5.4CVSS6.4AI score0.00269EPSS

Exploits0References1

CNVD•added 2017/07/07 12:0 a.m.•2 views

Huawei OceanStor UDS DeviceManager Information Disclosure Vulnerability

Huawei OceanStor UDS is a high-density storage node and distributed storage system based on ARM architecture from Huawei, China.DeviceManager is one of the device management tools. A security vulnerability exists in DeviceManager in Huawei OceanStor UDS V100R002C01SPC101 and earlier versions. A...

7.5CVSS7.6AI score0.00137EPSS

Exploits0References1

CNVD•added 2017/07/05 12:0 a.m.•3 views

IBM Rational Team Concert Cross-Site Scripting Vulnerability (CNVD-2017-15921)

IBM Rational Team Concert RTC is the U.S. IBM's set of Jazz-based platform and support decentralized teams for real-time collaboration related to software lifecycle management solutions. A cross-site scripting vulnerability exists in IBM RTC. A remote attacker can exploit this vulnerability to...

5.4CVSS6.5AI score0.00272EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by