CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5935 matches found

Vulnrichment•added 2025/06/10 10:18 p.m.•4 views

CVE-2025-46920 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

4.6CVSS5.4AI score0.00268EPSS

Exploits0References1

Cvelist•added 2025/06/10 10:18 p.m.•5 views

CVE-2025-46875 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79)

Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting XSS vulnerability. If a low privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS0.00253EPSS

Exploits0References1

CVE•added 2025/06/10 10:18 p.m.•49 views

CVE-2025-46875

CVE-2025-46875 applies to Adobe Experience Manager 6.5.22 and earlier, with a reflected XSS flaw. A low-privilege attacker convincing a victim to visit a vulnerable URL can cause malicious JavaScript to run in the victim’s browser. The connected advisories/feeds confirm the issue and recommend up...

5.4CVSS5.1AI score0.00253EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/06/10 10:18 p.m.•7 views

CVE-2025-47113 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS0.00242EPSS

Exploits0References1

CVE•added 2025/06/10 10:18 p.m.•51 views

CVE-2025-46940

Adobe Experience Manager CVE-2025-46940 affects AEM 6.5.22 and earlier with a stored XSS flaw in vulnerable form fields. A low-privileged attacker could inject malicious scripts, which may execute in a victim’s browser when they visit a page containing the field. The CVSSv3.1 base score is 5.4 (M...

5.4CVSS5AI score0.00293EPSS

Exploits0References1Affected Software1

CVE•added 2025/06/10 10:18 p.m.•48 views

CVE-2025-46911

Adobe Experience Manager (AEM) 6.5.22 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. The issue can be exploited by a high-privilege attacker to inject malicious scripts, with execution of JavaScript in the victim’s browser on visiting the v...

4.8CVSS4.6AI score0.00307EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/06/10 10:18 p.m.•7 views

CVE-2025-47083 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS0.00242EPSS

Exploits0References1

Vulnrichment•added 2025/06/10 10:18 p.m.•4 views

CVE-2025-47083 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS5.4AI score0.00242EPSS

Exploits0References1

Cvelist•added 2025/06/10 10:18 p.m.•6 views

CVE-2025-47076 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS0.00268EPSS

Exploits0References1

Vulnrichment•added 2025/06/10 10:18 p.m.•2 views

CVE-2025-47076 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS5.4AI score0.00268EPSS

Exploits0References1

Vulnrichment•added 2025/06/10 10:17 p.m.•2 views

CVE-2025-47010 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS5.4AI score0.00298EPSS

Exploits0References1

Vulnrichment•added 2025/06/10 10:17 p.m.•2 views

CVE-2025-46972 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS5.4AI score0.00268EPSS

Exploits0References1

Vulnrichment•added 2025/06/10 10:17 p.m.•3 views

CVE-2025-47051 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS5.4AI score0.00273EPSS

Exploits0References1

Cvelist•added 2025/06/10 10:17 p.m.•3 views

CVE-2025-46881 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS0.00293EPSS

Exploits0References1

Vulnrichment•added 2025/06/10 10:17 p.m.•4 views

CVE-2025-47003 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS5.4AI score0.00273EPSS

Exploits0References1

Cvelist•added 2025/06/10 10:17 p.m.•5 views

CVE-2025-46960 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS0.00268EPSS

Exploits0References1

Cvelist•added 2025/06/10 10:17 p.m.•6 views

CVE-2025-46934 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS0.00293EPSS

Exploits0References1

Cvelist•added 2025/06/10 10:17 p.m.•5 views

CVE-2025-46912 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

5.4CVSS0.00293EPSS

Exploits0References1

OSV•added 2025/06/10 6:32 p.m.•3 views

GHSA-J934-VJH5-VF9R Magneto contains stored XSS vulnerability

Magento versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a...

9.1CVSS5.4AI score0.007EPSS

Exploits0References3

RedHat Linux•added 2025/06/10 4:52 p.m.•3 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00351EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by