CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6727 matches found

RedhatCVE•added 2025/03/19 2:22 p.m.•7 views

CVE-2025-0833

A stored Cross-site Scripting XSS vulnerability affecting Route Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS6.1AI score0.00228EPSS

Exploits0References1

RedhatCVE•added 2025/03/19 2:22 p.m.•5 views

CVE-2025-0828

A stored Cross-site Scripting XSS vulnerability affecting Engineering Release in ENOVIA Product Engineering Specialist from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS6.1AI score0.00228EPSS

Exploits0References1

RedhatCVE•added 2025/03/19 2:22 p.m.•9 views

CVE-2025-0826

A stored Cross-site Scripting XSS vulnerability affecting 3D Navigate in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS6.1AI score0.00228EPSS

Exploits0References1

RedhatCVE•added 2025/03/19 2:20 p.m.•6 views

CVE-2025-0827

A stored Cross-site Scripting XSS vulnerability affecting 3DPlay in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS6.1AI score0.00294EPSS

Exploits0References1

RedhatCVE•added 2025/03/19 2:20 p.m.•7 views

CVE-2025-0829

A stored Cross-site Scripting XSS vulnerability affecting 3D Markup in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS6.1AI score0.00228EPSS

Exploits0References1

RedhatCVE•added 2025/03/19 2:20 p.m.•7 views

CVE-2025-0599

A stored Cross-site Scripting XSS vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS6.1AI score0.0023EPSS

Exploits0References1

RedhatCVE•added 2025/03/19 2:19 p.m.•8 views

CVE-2025-0601

A stored Cross-site Scripting XSS vulnerability affecting Issue Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

8.7CVSS6.1AI score0.00228EPSS

Exploits0References1

VulnCheck KEV•added 2025/03/19 12:0 a.m.•4 views

VulnCheck KEV: CVE-2024-22120

Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is possible to injection SQL into "clientip" and exploit time based blind SQL injection...

9.1CVSS7.5AI score0.76618EPSS

Exploits5References1

Tenable Nessus•added 2025/03/19 12:0 a.m.•7 views

RHEL 8 : libreoffice (RHSA-2025:2868)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2868 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...

7.8CVSS8.2AI score0.00291EPSS

Exploits0References4

Mageia•added 2025/03/18 12:4 a.m.•19 views

Updated libreoffice packages fix security vulnerability

Macro URL arbitrary script execution. CVE-2025-1080...

7.8CVSS7.2AI score0.00291EPSS

Exploits0References3

OpenVAS•added 2025/03/18 12:0 a.m.•10 views

Mageia: Security Advisory (MGASA-2025-0103)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.7AI score0.00291EPSS

Exploits0References5

OSV•added 2025/03/17 2:15 p.m.•2 views

CVE-2025-0598

A stored Cross-site Scripting XSS vulnerability affecting Relations in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

5.4CVSS6AI score0.00228EPSS

Exploits0References1

OSV•added 2025/03/17 2:15 p.m.•1 views

CVE-2025-0596

A stored Cross-site Scripting XSS vulnerability affecting Bookmark Editor in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

5.4CVSS6.1AI score0.00228EPSS

Exploits0References1

OSV•added 2025/03/17 2:15 p.m.•5 views

CVE-2025-0601

5.4CVSS6AI score0.00228EPSS

Exploits0References1

NVD•added 2025/03/17 2:15 p.m.•8 views

CVE-2025-0596

8.7CVSS0.00228EPSS

Exploits0References1

CVE•added 2025/03/17 1:50 p.m.•57 views

CVE-2025-0833

The CVE-2025-0833 entry describes a stored Cross-site Scripting (XSS) vulnerability in Route Management for ENOVIA Collaborative Industry Innovator, affecting 3DEXPERIENCE R2023x through R2024x. The underlying issue is stored XSS that allows an attacker to execute arbitrary script in a user’s bro...

8.7CVSS6.1AI score0.00228EPSS

Exploits0References1Affected Software1

CVE•added 2025/03/17 1:50 p.m.•58 views

CVE-2025-0832

CVE-2025-0832 describes a stored Cross-site Scripting (XSS) vulnerability in ENOVIA Collaborative Industry Innovator’s Project Gantt, affecting releases R2022x through R2024x. The issue allows an attacker to execute arbitrary script code in a user’s browser session due to a stored XSS condition i...

8.7CVSS6.1AI score0.00228EPSS

Exploits0References1Affected Software1

CVE•added 2025/03/17 1:50 p.m.•54 views

CVE-2025-0829

CVE-2025-0829 : Stored XSS in ENOVIA Collaborative Industry Innovator (3D Markup) affecting 3DEXPERIENCE R2022x through R2024x. Underlying cause: stored cross-site scripting allowing arbitrary script execution in a user’s browser. Connected documents provide no patch/remediation details or exploi...

8.7CVSS6.1AI score0.00228EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/03/17 1:50 p.m.•11 views

CVE-2025-0828 Stored Cross-site Scripting (XSS) vulnerability affecting Engineering Release in ENOVIA Product Engineering Specialist from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x

8.7CVSS0.00228EPSS

Exploits0References1

CVE•added 2025/03/17 1:49 p.m.•46 views

CVE-2025-0827

CVE-2025-0827 describes a stored XSS in Dassault Systèmes 3DSwymer’s 3DPlay component, affecting 3DEXPERIENCE R2022x–R2024x. The vulnerability allows an attacker to execute arbitrary script in a user’s browser session. Root cause is stored XSS in 3DSwymer/3DPlay, with CVSSv3.1 base score 8.7 (HIG...

8.7CVSS6.1AI score0.00294EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by