CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1274 matches found

OSV•added 2024/04/04 9:15 a.m.•3 views

CVE-2024-20800

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable web pages. Malicious JavaScript may be executed in a victim’s browser when they...

5.4CVSS6.2AI score0.00459EPSS

Exploits0References1

CNNVD•added 2024/03/18 12:0 a.m.•3 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.6AI score0.0054EPSS

Exploits0References2

BDU FSTEC•added 2024/03/15 12:0 a.m.•3 views

The vulnerability of the Windows operating system’s kernel allows attackers to enhance their privileges.

The vulnerability of Windows operating system kernels is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges through specially created malicious COM objects...

7.3CVSS7.3AI score0.01286EPSS

Exploits0References3

Positive Technologies•added 2024/03/12 12:0 a.m.•2 views

PT-2024-2101 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient access control in the Windows kernel, allowing an attacker to elevate their privileges using specially crafted malicious COM objects. This can affect th...

7.3CVSS9.1AI score0.01286EPSS

Exploits0References8

OpenVAS•added 2024/03/08 12:0 a.m.•19 views

Fedora: Security Advisory for xerces-j2 (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02557EPSS

Exploits3References2

Fedora•added 2024/03/07 10:33 p.m.•22 views

[SECURITY] Fedora 40 Update: jboss-parent-20-21.fc40

The Project Object Model files for JBoss packages...

8.8CVSS6.9AI score0.02557EPSS

Exploits3

Fedora•added 2024/03/07 10:32 p.m.•26 views

[SECURITY] Fedora 40 Update: apache-commons-parent-66-3.fc40

The Project Object Model files for the apache-commons packages...

8.8CVSS6.9AI score0.02557EPSS

Exploits3

OSV•added 2024/02/26 4:27 p.m.•3 views

CVE-2024-26468

A DOM based cross-site scripting XSS vulnerability in the component index.html of jstrieb/urlpages before commit 035b647 allows attackers to execute arbitrary Javascript via sending a crafted URL...

6.1CVSS5.9AI score0.00429EPSS

Exploits0References1

OSV•added 2023/12/22 12:15 a.m.•2 views

UBUNTU-CVE-2023-49086

Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database TSDB. A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a DOM XSS attack. Exploitation of the vulnerability is possible for an...

5.4CVSS6.1AI score0.01481EPSS

Exploits1References3

BDU FSTEC•added 2023/12/21 12:0 a.m.•2 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks based on DOM...

5.5CVSS5.9AI score0.00597EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2023/12/21 12:0 a.m.•1 views

5.5CVSS5.9AI score0.00597EPSS

Exploits0References2Affected Software1

OSV•added 2023/12/15 11:15 a.m.•3 views

CVE-2023-48568

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

5.4CVSS5.7AI score0.00597EPSS

Exploits0References1

OSV•added 2023/12/15 11:15 a.m.•1 views

CVE-2023-48541

5.4CVSS5.7AI score0.00597EPSS

Exploits0References1

OSV•added 2023/12/15 11:15 a.m.•2 views

CVE-2023-48539

5.4CVSS5.7AI score0.00597EPSS

Exploits0References1

OSV•added 2023/12/15 11:15 a.m.•3 views

CVE-2023-48496