CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

366 matches found

RedhatCVE•added 2026/01/09 12:16 p.m.•6 views

CVE-2018-1000661

jsish version 2.4.67 contains a CWE-476: NULL Pointer Dereference vulnerability in JsiLogMsg jsiUtils.c:196 that can result in Crash due to segmentation fault. This attack appear to be exploitable via the victim executing specially crafted javascript code. This vulnerability appears to have been...

6.5CVSS6.9AI score0.00856EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:52 a.m.•5 views

CVE-2022-42715

A reflected XSS vulnerability exists in REDCap before 12.04.18 in the Alerts & Notifications upload feature. A crafted CSV file will, when uploaded, trigger arbitrary JavaScript code execution...

6.1CVSS6.3AI score0.00698EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:50 a.m.•6 views

CVE-2022-37063

All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to Cross Site Scripting XSS due to improper input sanitization. An authenticated remote attacker can execute arbitrary JavaScript code in the web management interface. A successful exploit could allow the...

5.4CVSS5.1AI score0.01285EPSS

Exploits3References1

RedhatCVE•added 2026/01/09 10:48 a.m.•6 views

CVE-2022-31470

An XSS vulnerability in the indexmobilechangepass.hsp reset-password section of Axigen Mobile WebMail before 10.2.3.12 and 10.3.x before 10.3.3.47 allows attackers to run arbitrary Javascript code that, using an active end-user session for a logged-in user, can access and retrieve mailbox content...

6.1CVSS6.3AI score0.52088EPSS

Exploits4References1

RedhatCVE•added 2026/01/09 9:26 a.m.•6 views

CVE-2023-31928

A reflected cross-site scripting XSS vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version before Brocade Fabric OS v9.2.0 that could allow a remote unauthenticated attacker to execute arbitrary JavaScript code in a target user’s session with the Brocade Webtools...

6.3CVSS6AI score0.00394EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:34 a.m.•15 views

CVE-2024-41746

IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

7.2CVSS6.1AI score0.00228EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:35 a.m.•7 views

CVE-2019-7173

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4...

4.8CVSS6.1AI score0.0061EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:34 a.m.•5 views

CVE-2019-7340

POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filterQueryterms0val' parameter value in the view filter filter.php because proper filtration is omitted...

6.1CVSS6AI score0.00873EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:33 a.m.•9 views

CVE-2019-7342

POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filterAutoExecuteCmd' parameter value in the view filter filter.php because proper filtration is omitted...

6.1CVSS6AI score0.00989EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:33 a.m.•19 views

CVE-2019-7171

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/blocks/blocks/edit/8...

4.8CVSS6.1AI score0.0061EPSS

Exploits1References1