14 matches found
EUVD-2014-0916
Malware in sbrugna...
EUVD-2019-16154
Malware in sbrugna...
Cross Site Scripting
sidekiq-unique-jobs is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to missing input validation and output sanitization for the GET request parameters handled by the endpoints /changelogs, /locks and /expiringlocks of the "admin" web UI. This can allow an attacker to...
CVE-2024-25122
sidekiq-unique-jobs is an open source project which prevents simultaneous Sidekiq jobs with the same unique arguments from running. Specially crafted GET request parameters handled by any of the following endpoints of sidekiq-unique-jobs' "admin" web UI allow a super-user attacker, or an unwitting, bu...
GHSA-CMH9-RX85-XJ38 XSS sidekiq-unique-jobs UI server vulnerability
Summary: Cross site scripting (XSS) potentially exposing cookies / sessions / localStorage, fixed by sidekiq-unique-jobs v8.0.7. Specifically, this is a Reflected Server-Side, Non-Self, Cross Site Scripting vulnerability, considered a P3 on the BugCrowd taxonomy with the following categorization:...
CVE-2019-15712
An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to access web console they should not be authorized for...
CVE-2019-6595
Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI...
Cross site scripting
Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI...
CVE-2019-6595
Affected software: F5 BIG-IP Access Policy Manager (APM) Admin Web UI on 11.5.x–11.6.x. Vulnerability: Cross-site scripting (XSS) that can be exploited to inject script on the logon page. Root cause/impact: Remote attacker could render arbitrary script in the login interface, enabling XSS between...
IBM Lotus Protector for Mail Security Multiple Vulnerabilities
A version of IBM Lotus Protector for Mail Security is installed on the remote host that is affected by multiple vulnerabilities: an unspecified cross-site scripting vulnerability exists in the Admin Web UI (CVE-2014-0884); an unspecified cross-site request forgery vulnerability exists in the...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors...
Design/Logic Flaw
The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands via unspecified vectors...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-0887
The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors...