CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4541 matches found

ATTACKERKB•added 2016/02/29 11:59 a.m.•0 views

CVE-2016-0244

Cross-site scripting XSS vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF20, and 8.5.x before 8.5.0.0 CF09 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a differe...

6.1CVSS6.7AI score0.00256EPSS

Exploits0References3

CNVD•added 2016/02/23 12:0 a.m.•2 views

Sophos UTM Nessus Web UI Cross-Site Scripting Vulnerability

Sophos UTM is a unified threat management appliance. which provides gateway security and endpoint security. The appliance provides gateway security protection and endpoint security protection.Nessus Web UI is one of the components used to access the Nessus Vulnerability Scanner based on a web...

6.1CVSS5.9AI score0.01002EPSS

Exploits2References1

CNVD•added 2016/02/23 12:0 a.m.•1 views

Cybozu Office Cross-Site Scripting Vulnerability (CNVD-2016-01249)

Cybozu Office is a WEB-based cross-platform office solution developed by Cybozu Japan. A cross-site scripting vulnerability in Cybozu Office versions 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6AI score0.00515EPSS

Exploits0References1

CNVD•added 2016/02/23 12:0 a.m.•2 views

Cybozu Office Cross-Site Scripting Vulnerability (CNVD-2016-01247)

6.1CVSS6AI score0.00515EPSS

Exploits0References1

CNVD•added 2016/02/18 12:0 a.m.•2 views

SAP NetWeaver Cross-Site Scripting Vulnerability (CNVD-2016-01150)

SAP NetWeaver is SAP SAP company's set of service-oriented integrated application platform. A cross-site scripting vulnerability exists in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver version 7.4. A remote attacker can exploit this vulnerability to inject arbitrary web script or HT...

6.1CVSS6.1AI score0.00226EPSS

Exploits1References1

OSV•added 2016/02/17 2:59 a.m.•0 views

CVE-2016-1150

Cross-site scripting XSS vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1149...

6.1CVSS5.9AI score0.00515EPSS

Exploits0References6

OSV•added 2016/02/17 2:59 a.m.•1 views

CVE-2016-1149

6.1CVSS5.9AI score

Exploits0References6

CNVD•added 2016/02/17 12:0 a.m.•1 views

Apache Solr webapp/web/js/scripts/schema-browser.js cross-site scripting vulnerability

Apache Solr is an enterprise-ready, Lucene-based search server. A cross-site scripting vulnerability exists in webapp/web/js/scripts/schema-browser.js in the Admin UI of Apache Solr versions prior to 5.3. A remote attacker can inject arbitrary web script or HTML via a constructed schema-browse UR...

6.1CVSS5.9AI score0.02552EPSS

Exploits0References1

OSV•added 2016/02/16 2:59 a.m.•1 views

DEBIAN-CVE-2015-7579

Cross-site scripting XSS vulnerability in the rails-html-sanitizer gem 1.0.2 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via an HTML entity that is mishandled by the Rails::Html::FullSanitizer class...

6.1CVSS6.1AI score0.00166EPSS

Exploits1References1

OSV•added 2016/02/16 2:59 a.m.•0 views

UBUNTU-CVE-2015-7578

Cross-site scripting XSS vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes...

6.1CVSS6.8AI score0.00166EPSS

Exploits0References3

CNVD•added 2016/02/08 12:0 a.m.•2 views

Sauter moduWeb Vision Web Server Cross-Site Scripting Vulnerability

Sauter moduWeb Vision is an embedded web-based SCADA system for HVAC. A cross-site scripting vulnerability exists in the web server of Sauter modoWeb Vision, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain access to...

6.5CVSS6.2AI score0.00182EPSS

Exploits0References1

CNVD•added 2016/02/08 12:0 a.m.•0 views

CloudBees Jenkins CI and LTS Cross-Site Scripting Vulnerability

CloudBees Jenkins CI is a set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . LTS is a long-term support for CloudBees Jenkins CI version . A...

5.4CVSS6.3AI score0.00289EPSS

Exploits0References1

OSV•added 2016/02/07 11:59 a.m.•1 views

CVE-2016-1305

Cross-site scripting XSS vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM 1.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML entities, aka Bug ID CSCux15511...

6.1CVSS5.9AI score0.0025EPSS

Exploits0References2

OSV•added 2016/01/29 7:59 p.m.•3 views

CVE-2015-8793

Cross-site scripting XSS vulnerability in program/include/rcmail.php in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the mbox parameter in a mail task to the default URL, a different vulnerability than CVE-2011-2937...

6.1CVSS6AI score

Exploits0References6

OSV•added 2016/01/27 10:59 p.m.•0 views

CVE-2016-1300

Cross-site scripting XSS vulnerability in Cisco Unity Connection UC 10.52.3009 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux82582...

6.1CVSS5.9AI score

Exploits0References1

OSV•added 2016/01/27 5:59 a.m.•1 views

CVE-2016-0209

Cross-site scripting XSS vulnerability in IBM WebSphere Portal 8.5.0 before CF09 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.5AI score

Exploits0References2

ATTACKERKB•added 2016/01/27 5:59 a.m.•0 views

CVE-2016-0209

Cross-site scripting XSS vulnerability in IBM WebSphere Portal 8.5.0 before CF09 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.4AI score0.00272EPSS

Exploits0References3

OSV•added 2016/01/22 11:59 a.m.•1 views

CVE-2016-1135

Cross-site scripting XSS vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2 devices with firmware 1.90 and earlier, WHR-600D devices with firmware 1.90 and earlie...

6.1CVSS5.9AI score0.00236EPSS

Exploits0References2

CNVD•added 2016/01/15 12:0 a.m.•3 views

Microsoft Exchange Server Cross-Site Scripting Vulnerability (CNVD-2016-00279)

Microsoft Exchange Server is a popular enterprise-class mail server developed by Microsoft. A cross-site scripting vulnerability exists in Microsoft Exchange Server that allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

6.1CVSS5.8AI score0.01234EPSS

Exploits0References1

OSV•added 2016/01/13 5:59 a.m.•1 views

CVE-2016-0032

Cross-site scripting XSS vulnerability in Outlook Web Access OWA in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, 2013 Cumulative Update 11, and 2016 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability."...

6.1CVSS5.9AI score

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by