CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3736 matches found

SUSE CVE•added 2023/02/15 5:36 a.m.•1 views

SUSE CVE-2013-4415

Multiple cross-site scripting XSS vulnerabilities in Spacewalk and Red Hat Network RHN Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the 1 whereCriteria variable in a software channels search; 2 endyear, 3 starthour, 4 endampm, 5 endday, 6 endhour, 7 endminute, 8...

4.3CVSS6AI score0.0033EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 5:35 a.m.•1 views

SUSE CVE-2013-4996

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted database name, 2 a crafted user name, 3 a crafted logo URL in the navigation panel, 4 a...

4.3CVSS5.8AI score0.00277EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 5:34 a.m.•1 views

SUSE CVE-2013-6451

Cross-site scripting XSS vulnerability in MediaWiki 1.19.9 before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via unspecified CSS values...

6.1CVSS7.1AI score0.00301EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 5:31 a.m.•1 views

SUSE CVE-2014-0531

Cross-site scripting XSS vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to...

4.3CVSS6.1AI score0.00974EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:30 a.m.•1 views

SUSE CVE-2014-1695

Cross-site scripting XSS vulnerability in Open Ticket Request System OTRS 3.1.x before 3.1.20, 3.2.x before 3.2.15, and 3.3.x before 3.3.5 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML email...

4.3CVSS6AI score0.03629EPSS

Exploits5References3

SUSE CVE•added 2023/02/15 5:30 a.m.•1 views

SUSE CVE-2014-2065

Cross-site scripting XSS vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to inject arbitrary web script or HTML via the iconSize cookie...

4.3CVSS5.7AI score0.00137EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 5:29 a.m.•1 views

SUSE CVE-2014-2326

Cross-site scripting XSS vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01268EPSS

Exploits2References4

SUSE CVE•added 2023/02/15 5:28 a.m.•1 views

SUSE CVE-2014-3654

Multiple cross-site scripting XSS vulnerabilities in spacewalk-java 2.0.2 in Spacewalk and Red Hat Network RHN Satellite 5.5 and 5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to 1 kickstart/cobbler/CustomSnippetList.do, 2...

4.3CVSS6AI score0.00302EPSS

Exploits0References6

SUSE CVE•added 2023/02/15 5:24 a.m.•2 views

SUSE CVE-2014-9649

Cross-site scripting XSS vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled in an error message...

4.3CVSS6AI score0.00297EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:20 a.m.•1 views

SUSE CVE-2015-2932

Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an animated href XLink element...

4.3CVSS6.4AI score0.00281EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 5:19 a.m.•1 views

SUSE CVE-2015-3219

Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...

4.3CVSS6AI score0.00408EPSS

Exploits1References4

SUSE CVE•added 2023/02/15 5:15 a.m.•3 views

SUSE CVE-2015-6502

Cross-site scripting XSS vulnerability in the console in Puppet Enterprise before 2015.2.1 allows remote attackers to inject arbitrary web script or HTML via the string parameter, related to Login Redirect...

6.1CVSS6AI score0.0025EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 5:14 a.m.•2 views

SUSE CVE-2015-6790

The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as...

4.3CVSS8.5AI score0.0094EPSS

Exploits0References6

SUSE CVE•added 2023/02/15 5:13 a.m.•1 views

SUSE CVE-2015-7578

Cross-site scripting XSS vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes...

6.1CVSS6AI score0.00166EPSS

Exploits0References7

SUSE CVE•added 2023/02/15 5:12 a.m.•2 views

SUSE CVE-2015-8052

Cross-site scripting XSS vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-8053...

4.3CVSS5.8AI score0.00752EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 5:7 a.m.•2 views

SUSE CVE-2016-1652

Cross-site scripting XSS vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/modulesystem.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS...

6.1CVSS7.4AI score0.00623EPSS

Exploits0References7

SUSE CVE•added 2023/02/15 5:6 a.m.•2 views

SUSE CVE-2016-2103

Multiple cross-site scripting XSS vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via 1 the list1680466951oldfilterval parameter to systems/PhysicalList.do or 2 unspecified vectors involving systems/VirtualSystemsList.do...

6.1CVSS6AI score0.00236EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:6 a.m.•2 views

SUSE CVE-2016-2104

Multiple cross-site scripting XSS vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via 1 the label parameter to admin/BunchDetail.do; 2 the packagename, 3 searchsubscribedchannels, or 4 channelfilter parameter to software/packages/NameOverview.d...

6.1CVSS6AI score0.00301EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:4 a.m.•1 views

SUSE CVE-2016-4003

Cross-site scripting XSS vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter...

6.1CVSS6AI score0.02629EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 5:2 a.m.•2 views

SUSE CVE-2016-4566

Cross-site scripting XSS vulnerability in plupload.flash.swf in Plupload before 2.1.9, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via a Same-Origin Method Execution SOME attack...

6.1CVSS6.1AI score0.04653EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by