CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

411 matches found

CNVD•added 2019/05/31 12:0 a.m.•3 views

Kanboard Cross-Site Scripting Vulnerability

Kanboard is a suite of open source visual task board software. The software is able to customize the panels according to the business. A cross-site scripting vulnerability exists in the app / Core / Paginator.php file in versions prior to Kanboard 1.2.8. A remote attacker can exploit this...

6.1CVSS6.4AI score0.00285EPSS

Exploits1References1

CNVD•added 2019/03/20 12:0 a.m.•1 views

Columbia Weather Systems Weather MicroServer Cross-Site Scripting Vulnerability

Columbia Weather Systems Weather MicroServer is a weather monitoring device from Columbia Weather Systems, USA. A cross-site scripting vulnerability exists in Columbia Weather Systems Weather MicroServer MS2.6.9900 and prior versions, which arises from the program failing to properly validate...

5.4CVSS6.5AI score0.00118EPSS

Exploits0References1

CNVD•added 2019/03/06 12:0 a.m.•2 views

Dradis Cross-Site Scripting Vulnerability

Dradis is a suite of reporting and collaboration tools for information security teams. A cross-site scripting vulnerability exists in Dradis Community Edition version 3.11 and earlier. A remote attacker can exploit this vulnerability to execute arbitrary script in a user's browser...

5.4CVSS6.5AI score0.00195EPSS

Exploits0References1

CNVD•added 2019/02/21 12:0 a.m.•2 views

Cisco HyperFlex Cross-Site Scripting Vulnerability

Cisco HyperFlex Software is the United States Cisco Cisco company's set of scalable distributed file system. The system provides unified computing, storage and networking through cloud management, and provides enterprise-class data management and optimization services. A cross-site scripting...

6.1CVSS6.6AI score0.0012EPSS

Exploits0References1

CNVD•added 2019/02/15 12:0 a.m.•3 views

SAP Web Intelligence BI LaunchPad Cross-Site Scripting Vulnerability

SAP Web Intelligence BI LaunchPad is a Java- or HTML-based user interface for use in BusinessObjects tools from SAP, Germany. The product is mainly used to perform analytical reporting and data analysis. A cross-site scripting vulnerability in SAP Web Intelligence BI LaunchPad versions 4.10 and...

5.4CVSS6.8AI score0.003EPSS

Exploits0References1

CNVD•added 2019/02/15 12:0 a.m.•3 views

Microsoft Team Foundation Server Cross-Site Scripting Vulnerability (CNVD-2019-24386)

Microsoft Team Foundation Server is a source code management, project management, and team collaboration platform within an application lifecycle management ALM tool suite. A cross-site scripting vulnerability in Microsoft Team Foundation Server 2018 Update version 3.2, which stems from the progr...

5.4CVSS6.5AI score0.00835EPSS

Exploits0References1

Japan Vulnerability Notes•added 2019/01/22 2:47 a.m.•1 views

Cross-site Scripting Vulnerability in Hitachi Device Manager

Overview A Cross-site Scripting Vulnerability was found in Hitachi Device Manager. Impact Remote users can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

4.7CVSS6.6AI score

Exploits0References2

CNVD•added 2019/01/11 12:0 a.m.•2 views

Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability

Cisco TelePresence is a telepresence conferencing solution developed by Cisco. A cross-site scripting vulnerability exists in the web-based management interface in Cisco TelePresence Management Suite TMS, which can be exploited by a remote attacker with the help of a specially crafted link to...

6.1CVSS6.5AI score0.0012EPSS

Exploits0References1

CNVD•added 2019/01/09 12:0 a.m.•1 views

SAP CRM WebClient UI Cross-Site Scripting Vulnerability

SAP CRM Customer Relationship Management is a set of German SAP SAP customer relationship management solutions. The program includes sales management, marketing management, customer service system and other modules. SAP CRM WebClient UI is one of the Web client interface. A cross-site scripting...

5.4CVSS6.7AI score0.00299EPSS

Exploits0References1

CNVD•added 2018/12/28 12:0 a.m.•2 views

WESEEK GROWI Cross-Site Scripting Vulnerability (CNVD-2019-04901)

WESEEK GROWI is a suite of team collaboration software from WESEEK Japan. A cross-site scripting vulnerability exists in WESEEK GROWI 3.2.3 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary script in a user's web browser...

5.4CVSS6.7AI score0.00151EPSS

Exploits0References1

CNVD•added 2018/11/16 12:0 a.m.•1 views

Microsoft Azure App Services on Azure Stack Cross-Site Scripting Vulnerability

Microsoft Azure App Services on Azure Stack is a suite of Platform-as-a-Service PaaS solutions from Microsoft Corporation USA. The product supports the creation of Web, API, and Azure applications for multiple platforms and devices. A cross-site scripting vulnerability exists in Microsoft Azure A...

6.1CVSS6.4AI score0.01098EPSS

Exploits0References1

CNVD•added 2018/10/24 12:0 a.m.•3 views

Mitel ST 14.2 Cross-Site Scripting Vulnerability

Mitel ST is a video conferencing product from Mitel Canada. conferencing is one of the teleconferencing components. A cross-site scripting vulnerability exists in the conferencing component of Mitel ST 14.2 GA29 19.49.9400.0 and prior versions, which stems from the program failing to adequately...

6.1CVSS6.3AI score0.00255EPSS

Exploits0References1

CNVD•added 2018/10/24 12:0 a.m.•2 views

Mitel MiVoice Office 400 web admin component cross-site scripting vulnerability

Mitel MiVoice Office 400 is a small and medium-sized business communications solution from Mitel Canada. The product includes features such as video conferencing, voice calls, etc. web admin is one of the web-based management components. A cross-site scripting vulnerability exists in the web admi...

6.1CVSS6.6AI score0.00231EPSS

Exploits0References1

CNVD•added 2018/10/19 12:0 a.m.•1 views

Symantec Web Isolation Cross-Site Scripting Attack Vulnerability

Symantec Web Isolation is a Web security protection software from Symantec USA. The software is mainly used to prevent malware and phishing attacks, etc. A cross-site scripting vulnerability exists in Symantec Web Isolation version 1.11. A remote attacker can exploit this vulnerability to execute...

6.1CVSS6.2AI score0.00367EPSS

Exploits0References1

CNVD•added 2018/10/17 12:0 a.m.•0 views

PTC ThingWorx Platform Cross-Site Scripting Vulnerability

The PTC ThingWorx Platform is a suite of platforms for developing and deploying industrial IoT applications and augmented reality AR. A cross-site scripting vulnerability exists in SQUEAL in PTC ThingWorx Platform versions 6.5 through 8.2. A remote attacker could exploit the vulnerability to...

5.4CVSS5.5AI score0.00254EPSS

Exploits1References1

CNVD•added 2018/10/10 12:0 a.m.•2 views

Cross-Site Scripting Vulnerability in Multiple Cisco Products

Cisco Webex Events Center, etc. are video conferencing solutions from Cisco USA. A cross-site scripting vulnerability exists in the web-based management interface of several Cisco products, which can be exploited by remote attackers to execute arbitrary script code in the context of the affected...

6.1CVSS6.2AI score0.00281EPSS

Exploits0References1

CNVD•added 2018/09/26 12:0 a.m.•1 views

Multiple Apple products WebKit cross-site scripting vulnerability (CNVD-2018-21002)

Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser shipped with the Mac OS X and iOS operating systems. iTunes for Windows is a media player and application for the Windows platform. WebKit is one of the web browser engine components...

6.1CVSS6.8AI score0.00548EPSS

Exploits0References1

CNVD•added 2018/09/12 12:0 a.m.•0 views

SAP NetWeaver WebDynpro Java Cross-Site Scripting Vulnerability

SAP Enterprise Financial Services is a set of enterprise financial services solutions from SAP. A cross-site scripting vulnerability exists in SAP NetWeaver, which arises from a failure to properly sanitize user-supplied input and can be exploited by a remote attacker to execute arbitrary script...

6.1CVSS6.3AI score0.00418EPSS

Exploits0References1

CNVD•added 2018/09/10 12:0 a.m.•1 views

Cisco Tetration Analytics Cross-Site Scripting Vulnerability

Cisco Tetration Analytics is a hybrid cloud workload protection solution. The product features trust whitelisting, software vulnerability detection and network performance monitoring. A cross-site scripting vulnerability exists in the web-based management interface in Cisco Tetration Analytics,...

6.1CVSS6.2AI score0.00319EPSS

Exploits0References1

CNVD•added 2018/08/14 12:0 a.m.•2 views

Cisco Small Business 300 Series (Sx300) Managed Switches Cross-Site Scripting Vulnerability

Cisco Small Business 300 Series Sx300 Managed Switches is a 300 series switch device from the American company Cisco Cisco. A cross-site scripting vulnerability exists in the web-based management interface of the Cisco Small Business 300 Series Sx300 Managed Switches, which stems from the interfa...

5.4CVSS5.5AI score0.00171EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by