CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3736 matches found

OSV•added 2016/11/30 11:59 a.m.•2 views

CVE-2016-2934

Cross-site scripting XSS vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References3

OSV•added 2016/11/10 7:0 a.m.•1 views

CVE-2016-7251

Cross-site scripting XSS vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "MDS API XSS Vulnerability."...

6.1CVSS6AI score

Exploits0References3

CNVD•added 2016/11/04 12:0 a.m.•1 views

Moodle CMS Cross-Site Scripting Vulnerability

Moodle is an open source course management system CMS, also known as a learning management system LMS. A cross-site scripting vulnerability exists in Moodle CMS 3.1.2 and prior versions. Due to the program failing to adequately filter user-submitted input. Allows remote attackers to inject...

6.1CVSS6AI score0.00239EPSS

Exploits1References1

OSV•added 2016/10/17 12:0 a.m.•1 views

UBUNTU-CVE-2016-5181

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted execution of v8 microtasks while the DOM was in an inconsistent state, which allowed a remote attacker to inject arbitrary scripts or HTML UXSS via crafted HTML pages...

6.1CVSS7.2AI score0.00346EPSS

Exploits0References3

Vulnerability Lab•added 2016/10/09 12:0 a.m.•27 views

Contenido v4.9.11 - (Backend) Multiple XSS Vulnerabilities

Document Title: =============== Contenido v4.9.11 - Backend Multiple XSS Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1928 Release Date: ============= 2016-10-09 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score

Exploits0

OSV•added 2016/10/06 10:59 a.m.•1 views

CVE-2016-6436

Cross-site scripting XSS vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682...

6.1CVSS5.9AI score

Exploits0References2

OSV•added 2016/10/06 10:59 a.m.•1 views

CVE-2016-6425

Cross-site scripting XSS vulnerability in Cisco Unified Intelligence Center CUIC 8.5.4 through 9.11, as used in Unified Contact Center Express 10.01 through 11.01, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuy75020 and CSCuy81652...

6.1CVSS5.9AI score

Exploits0References3

OSV•added 2016/09/29 10:59 a.m.•2 views

CVE-2016-5061

Multiple cross-site scripting XSS vulnerabilities in the web server in Aternity before 9.0.1 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPAgent, 2 MacAgent, 3 getExternalURL, or 4 retrieveTrustedUrl page...

6.1CVSS5.8AI score0.00295EPSS

Exploits0References2

CNVD•added 2016/09/28 12:0 a.m.•1 views

Apple iOS and Safari Safari Reader Cross Site Scripting Vulnerability

Apple iOS and Safari are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Apple Safari is a web browser that is the default browser shipped with Mac OS X and iOS operating systems; Safari Reader is one of the browser's own Reader component. A cross-site...

6.1CVSS5.5AI score0.005EPSS

Exploits0References1

RedHat Linux•added 2016/09/12 7:39 p.m.•2 views

chromium-browser: universal xss using devtools

Cross-site scripting XSS vulnerability in WebKit/Source/platform/v8inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools aka...

6.1CVSS7.5AI score0.00415EPSS

Exploits0References5

OSV•added 2016/09/11 10:59 a.m.•1 views

CVE-2016-5165

Cross-site scripting XSS vulnerability in the Developer Tools aka DevTools subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allows remote attackers to inject arbitrary web script or HTML via the settings parameter in a...

6.1CVSS7AI score

Exploits0References12

OSV•added 2016/09/11 10:59 a.m.•2 views

CVE-2016-5148

Cross-site scripting XSS vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka "Universal XSS UXSS."...

6.1CVSS7AI score

Exploits0References12

OSV•added 2016/09/07 6:59 p.m.•1 views

CVE-2016-7033

Multiple cross-site scripting XSS vulnerabilities in the admin pages in dashbuilder in Red Hat JBoss BPM Suite 6.3.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00216EPSS

Exploits0References3

OSV•added 2016/08/29 5:59 p.m.•2 views

CVE-2016-5721

Multiple cross-site scripting XSS vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References2

OSV•added 2016/08/23 2:11 a.m.•2 views

CVE-2016-6365

Cross-site scripting XSS vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518...

6.1CVSS5.9AI score

Exploits0References2

OSV•added 2016/08/22 10:59 a.m.•1 views

CVE-2016-6359

Cross-site scripting XSS vulnerability in Cisco Transport Gateway Installation Software 4.14.0 on Smart Call Home Transport Gateway devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug IDs CSCva40650 and CSCva40817...

6.1CVSS5.9AI score

Exploits0References2

OSV•added 2016/08/19 9:59 p.m.•2 views

CVE-2016-3195

Cross-site scripting XSS vulnerability in the Web-UI in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References3

OSV•added 2016/08/19 9:59 p.m.•2 views

CVE-2016-3194

Cross-site scripting XSS vulnerability in the address added page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00296EPSS

Exploits0References3

OSV•added 2016/08/09 8:59 p.m.•2 views

CVE-2016-4168

Cross-site scripting XSS vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00641EPSS

Exploits0References3

OSV•added 2016/08/03 1:59 a.m.•1 views

CVE-2016-4833

Cross-site scripting XSS vulnerability in the Nofollow Links plugin before 1.0.11 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by