CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5077 matches found

CNVD•added 2017/07/27 12:0 a.m.•2 views

NexusPHP Cross-Site Scripting Vulnerability (CNVD-2017-26595)

NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A cross-site scripting vulnerability exists in NexusPHP version 1.5. A remote attacker can use the javascript: or data: URL in the UBBCode url tag to inject arbitrary web script or HTML...

6.1CVSS6.1AI score0.00671EPSS

Exploits1References1

CNVD•added 2017/07/25 12:0 a.m.•1 views

IBM WebSphere Application Server Cross-Site Scripting Vulnerability (CNVD-2017-25756)

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A cross-site scripting vulnerability exists in IBM WAS. A...

5.4CVSS5.6AI score0.01049EPSS

Exploits0References1

CNVD•added 2017/07/25 12:0 a.m.•3 views

IBM Rhapsody DM Cross-Site Scripting Vulnerability

IBM Rhapsody Design Manager DM is a suite of collaborative design management software from IBM. The software supports the use of centralized system repositories with Web-based access to store, share, search, and manage design models, as well as software to automate design reviews. A cross-site...

5.4CVSS5.5AI score0.0072EPSS

Exploits0References1

CNVD•added 2017/07/25 12:0 a.m.•3 views

IBM Rational Software Architect Design Manager Cross-Site Scripting Vulnerability

5.4CVSS5.5AI score0.0054EPSS

Exploits0References1

Veracode•added 2017/07/24 9:19 p.m.•4 views

Cross-Site Scripting (XSS)

marked is vulnerable to cross-site scripting XSS attacks. The library does not sanitize strings encoded in base64, allowing a malicious user to inject and execute arbitrary javascript...

6.1AI score

Exploits0

CNVD•added 2017/07/20 12:0 a.m.•2 views

IBM Tivoli Endpoint Manager Cross-Site Scripting Vulnerability (CNVD-2017-21771)

IBM BigFix platform is a dynamic set of IBM's integrated messaging content-driven and management system multi-technology platform. A cross-site scripting vulnerability exists in IBM BigFix Platform. A remote attacker can exploit this vulnerability to inject arbitrary JavaScript code into the Web ...

6.1CVSS6.4AI score0.01317EPSS

Exploits0References1

NVD•added 2017/07/17 1:18 p.m.•20 views

CVE-2017-2335

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the...

8.4CVSS6.7AI score0.01078EPSS

Exploits0References3

Prion•added 2017/07/17 1:18 p.m.•16 views

Cross site scripting

3.5CVSS5.5AI score0.01078EPSS

Exploits0References3Affected Software1

Cvelist•added 2017/07/14 2:0 p.m.•32 views

CVE-2017-2338 ScreenOS: XSS vulnerability in ScreenOS Firewall

8.4CVSS7.2AI score0.01078EPSS

Exploits0References3

Cvelist•added 2017/07/14 2:0 p.m.•34 views

CVE-2017-2336 ScreenOS: XSS vulnerability in ScreenOS Firewall

A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the attacker...

9.6CVSS7.3AI score0.01194EPSS

Exploits0References3

CNVD•added 2017/07/14 12:0 a.m.•3 views

IBM Emptoris Strategic Supply Management Platform Cross-Site Scripting Vulnerability

IBM Emptoris Strategic Supply Management is a common Web-based portal access to the Emptoris suite of products management platform from IBM. A cross-site scripting vulnerability exists in IBM Emptoris Strategic Supply Management versions 10.0.0.x through 10.1.1.x. A remote attacker could use this...

5.4CVSS5.5AI score0.00729EPSS

Exploits0References1

CNVD•added 2017/07/14 12:0 a.m.•0 views

IBM Emptoris Strategic Supply Management Platform Cross-Site Scripting Vulnerability (CNVD-2017-23341)

5.4CVSS5.5AI score0.00729EPSS

Exploits0References1

CNVD•added 2017/07/13 12:0 a.m.•2 views

IBM Emptoris Sourcing Cross-Site Scripting Vulnerability

IBM Emptoris Sourcing is a source-to-contract solution from the US company. The solution helps organizations get affordable prices and greater value from suppliers by examining factors such as cost, risk and performance in sourcing decisions. A cross-site scripting vulnerability exists in IBM...

5.4CVSS6.4AI score0.00974EPSS

Exploits0References1

CNVD•added 2017/07/13 12:0 a.m.•2 views

IBM Emptoris Sourcing Cross-Site Scripting Vulnerability (CNVD-2017-21231)

IBM Emptoris Sourcing is a source-to-contract solution from IBM USA. The solution helps organizations get affordable prices and greater value from suppliers by examining factors such as cost, risk and performance in sourcing decisions. A cross-site scripting vulnerability exists in IBM Emptoris...

5.4CVSS6.4AI score0.00729EPSS

Exploits0References1

CNVD•added 2017/07/13 12:0 a.m.•3 views

IBM Information Server Framework and InfoSphere Information Server on Cloud Cross-Site Scripting Vulnerability

IBM Information Server Framework and InfoSphere Information Server on Cloud are both products of the U.S. company IBM. The former is a set of data integration platform framework; the latter is a set of cloud-based data integration platform. A cross-site scripting vulnerability exists in IBM...

6.1CVSS6.2AI score0.0098EPSS

Exploits0References1

CNVD•added 2017/07/07 12:0 a.m.•2 views

Huawei OceanStor UDS DeviceManager Information Disclosure Vulnerability

Huawei OceanStor UDS is a high-density storage node and distributed storage system based on ARM architecture from Huawei, China.DeviceManager is one of the device management tools. A security vulnerability exists in DeviceManager in Huawei OceanStor UDS V100R002C01SPC101 and earlier versions. A...

7.5CVSS7.6AI score0.00958EPSS

Exploits0References1

CNVD•added 2017/07/05 12:0 a.m.•2 views

IBM Security Guardium Cross-Site Scripting Vulnerability (CNVD-2017-15930)

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes easy UI customization, report management and discovery and a streamlined audit process builder. A cross-site scripting vulnerability exists in IBM Security...

6.1CVSS6.4AI score0.00842EPSS

Exploits0References1

CNVD•added 2017/07/05 12:0 a.m.•8 views

IBM Rational Team Concert Cross-Site Scripting Vulnerability (CNVD-2017-15922)

IBM Rational Team Concert RTC is the U.S. IBM's set of Jazz-based platform and support decentralized teams for real-time collaboration related to software lifecycle management solutions. A cross-site scripting vulnerability exists in IBM RTC. A remote attacker can exploit this vulnerability to...

5.4CVSS6.5AI score0.00741EPSS

Exploits0References1

CNVD•added 2017/07/05 12:0 a.m.•3 views

IBM Rational Team Concert Cross-Site Scripting Vulnerability (CNVD-2017-15921)

5.4CVSS6.5AI score0.00741EPSS

Exploits0References1

CNVD•added 2017/07/05 12:0 a.m.•3 views

IBM Rational Team Concert Cross-Site Scripting Vulnerability (CNVD-2017-15923)

IBM Rational Team Concert RTC is the U.S. IBM's set of Jazz-based platform and support for decentralized teams for real-time collaboration related to software lifecycle management solutions. A cross-site scripting vulnerability exists in IBM RTC. A remote attacker can exploit this vulnerability t...

5.4CVSS6.5AI score0.00741EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by