CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

156 matches found

Openbugbounty•added 2022/01/05 10:47 a.m.•14 views

savevideo.us Cross Site Scripting vulnerability OBB-2324080

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

Exploits0

OSV•added 2021/08/02 4:58 p.m.•1 views

GHSA-9C8W-JRW3-Q2C3 Cross-site Scripting in OWASP AntiSamy

OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer XHTML is not affected. This was demonstrated by a javascript: URL with &00058 as the replacement for the : character...

6.1CVSS6.9AI score0.00468EPSS

Exploits0References8

Openbugbounty•added 2021/07/12 4:34 a.m.•7 views

hrylabour.gov.in Cross Site Scripting vulnerability OBB-2084641

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| hrylabour.gov.in ---|--- Open Bug Bount...

6.3AI score

Exploits0

Fedora•added 2021/02/17 5:9 a.m.•56 views

[SECURITY] Fedora 32 Update: roundcubemail-1.4.11-1.fc32

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

5.4CVSS0.2AI score0.00259EPSS

Exploits0

ATTACKERKB•added 2020/09/04 12:0 a.m.•40 views

CVE-2020-3495

Cisco Jabber is vulnerable to Cross Site Scripting XSS through XHTML-IM messages. The application does not properly sanitize incoming HTML messages and instead passes them through a flawed XSS filter. Recent assessments: wvu-r7 at September 03, 2020 7:38pm UTC reported: This XSS combined with...

9.9CVSS2.1AI score0.05306EPSS

Exploits0References2

Fedora•added 2020/08/20 1:12 a.m.•28 views

[SECURITY] Fedora 32 Update: roundcubemail-1.4.8-1.fc32

6.1CVSS0.2AI score0.00704EPSS

Exploits0

Fedora•added 2020/07/15 1:12 a.m.•15 views

[SECURITY] Fedora 32 Update: roundcubemail-1.4.7-1.fc32

0.2AI score

Exploits0

Fedora•added 2020/07/15 1:11 a.m.•15 views

[SECURITY] Fedora 31 Update: roundcubemail-1.4.7-1.fc31

0.2AI score

Exploits0

Fedora•added 2020/06/19 1:7 a.m.•28 views

[SECURITY] Fedora 31 Update: roundcubemail-1.4.6-1.fc31

9.8CVSS0.2AI score0.93275EPSS

Exploits3

Fedora•added 2020/06/19 1:5 a.m.•39 views

[SECURITY] Fedora 32 Update: roundcubemail-1.4.6-1.fc32

9.8CVSS0.2AI score0.93275EPSS

Exploits3

Openbugbounty•added 2020/06/10 10:6 a.m.•12 views

seovavavoom.com Cross Site Scripting vulnerability OBB-1190873

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

0.7AI score

Exploits0

Fedora•added 2020/05/09 3:13 a.m.•12 views

[SECURITY] Fedora 32 Update: roundcubemail-1.4.4-1.fc32

0.2AI score

Exploits0

Veracode•added 2020/02/25 5:21 a.m.•11 views

Cross-Site Scripting (XSS)

Dnn.Platform is vulnerable to cross-site scripting XSS. The vulnerability exists as it allows XHTML tags such as...

5.4CVSS1.6AI score0.00353EPSS

Exploits2References4Affected Software1

0day.today•added 2019/03/13 12:0 a.m.•64 views

Microsoft Windows MSHTML Engine - (Edit) Remote Code Execution Exploit

Exploit for windows platform in category local exploits Exploit Title: Microsoft Windows CVE-2019-0541 MSHTML Engine "Edit" Remote Code Execution Vulnerability Google Dork: N/A Date: March, 13 2019 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link:...

9.3CVSS0.1AI score0.87167EPSS

Exploits4

Fedora•added 2018/11/04 10:9 p.m.•8 views

[SECURITY] Fedora 28 Update: roundcubemail-1.3.8-1.fc28

0.2AI score

Exploits0

Fedora•added 2017/11/20 1:4 a.m.•29 views

[SECURITY] Fedora 27 Update: roundcubemail-1.3.3-1.fc27

7.8CVSS0.2AI score0.35939EPSS

Exploits5

Fedora•added 2017/11/19 11:17 p.m.•25 views

[SECURITY] Fedora 26 Update: roundcubemail-1.3.3-1.fc26

7.8CVSS0.2AI score0.35939EPSS

Exploits5

CNVD•added 2017/08/22 12:0 a.m.•2 views

DokuWiki /inc/parser/xhtml.php file cross-site scripting vulnerability

DokuWiki is a German software developer Andreas Gohr developed a PHP-based Wiki engine , it is mainly used for small and medium-sized team and personal website knowledge base management , and provides version control , full-text search and permission control and other functions . A cross-site...

6.1CVSS6.3AI score0.00507EPSS

Exploits1References1

CNVD•added 2017/08/22 12:0 a.m.•1 views

DokuWiki /inc/parser/xhtml.php file cross-site scripting vulnerability

DokuWiki is a PHP-based Wiki engine. A cross-site scripting vulnerability exists in the DokuWiki /inc/parser/xhtml.php file, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain access to sensitive information or hijack user...

6.1CVSS6.3AI score0.00347EPSS

Exploits1References1

OSV•added 2017/08/21 7:29 a.m.•2 views

UBUNTU-CVE-2017-12980

DokuWiki through 2017-02-19c has stored XSS when rendering a malicious RSS or Atom feed, in /inc/parser/xhtml.php. An attacker can create or edit a wiki that uses RSS or Atom data from an attacker-controlled server to trigger JavaScript execution. The JavaScript can be in an author field, as...

6.1CVSS6.7AI score0.00507EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by