CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

Cvelist•added 2024/10/30 12:0 a.m.•10 views

CVE-2024-31972

EnGenius ESR580 A8J-EMR5000 devices allow a remote attacker to conduct stored XSS attacks that could lead to arbitrary JavaScript code execution under the context of the user's session via the Wi-Fi SSID input fields. Web scripts embedded into the vulnerable fields this way are executed immediate...

0.00098EPSS

Exploits0References1

Cvelist•added 2024/10/30 12:0 a.m.•11 views

CVE-2024-42041

The com.videodownload.browser.videodownloader aka AppTool-Browser-Video All Video Downloader application 20-30.05.24 for Android allows an attacker to execute arbitrary JavaScript code via the acr.browser.lightning.DefaultBrowserActivity component...

0.00307EPSS

Exploits0References1

RedHat Linux•added 2024/10/28 12:58 a.m.•38 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

9.8CVSS7.6AI score0.03683EPSS

Exploits2References13

OSV•added 2023/09/06 9:15 p.m.•21 views

CVE-2023-40397

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution...

9.8CVSS6.2AI score

Exploits0References3

Cvelist•added 2023/09/06 8:48 p.m.•25 views

CVE-2023-40397

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution...

8.9AI score0.01449EPSS

Exploits0References3

Cvelist•added 2023/06/14 9:14 p.m.•10 views

CVE-2023-2819

A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull PTR/TRAP could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type. This could result in arbitrary javascript code...

4.3CVSS5AI score0.00086EPSS

Exploits0References1

Cvelist•added 2023/05/03 12:10 p.m.•15 views

CVE-2023-1384

The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3...

4.3CVSS6.6AI score0.00417EPSS

Exploits0References1

Prion•added 2021/08/24 7:15 p.m.•12 views

Input validation

A validation issue was addressed with improved input sanitization. This issue is fixed in iTunes U 3.8.3. Processing a maliciously crafted URL may lead to arbitrary javascript code execution...

4.3CVSS6AI score0.0222EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/04/02 5:49 p.m.•20 views

CVE-2021-1748

A validation issue was addressed with improved input sanitization. This issue is fixed in tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted URL may lead to arbitrary javascript code execution...

8.6AI score0.00454EPSS

Exploits0References3

Cvelist•added 2020/04/01 5:23 p.m.•16 views

CVE-2020-3884

An injection issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to cause arbitrary javascript code execution...

6.8AI score0.00502EPSS

Exploits0References1

OSV•added 2018/03/13 8:38 p.m.•14 views

GHSA-82GW-PQF7-Q3J2 pym.js CSRF Vulnerability

NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross Site Request Forgery CSRF vulnerability in Pym.js onNavigateToMessage function. https://github.com/nprapps/pym.js/blob/master/src/pym.jsL573 can result in Arbitrary javascript code execution. This attack appears to be...

8.8CVSS9AI score0.00296EPSS

Exploits0References6

Prion•added 2018/03/13 3:29 p.m.•7 views

Cross site request forgery (csrf)

NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross ite Request Forgery CSRF vulnerability in Pym.js onNavigateToMessage function. https://github.com/nprapps/pym.js/blob/master/src/pym.jsL573 that can result in Arbitrary javascript code execution. This attack appear to be...

6.8CVSS9AI score0.00296EPSS

Exploits0References3Affected Software1

securityvulns•added 2010/07/16 12:0 a.m.•37 views

XSS vulnerability in WebPress

Vulnerability ID: HTB22478 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinwebpress.html Product: WebPress Vendor: YWP http://www.goywp.com/ Vulnerable Version: Current at 01.07.2010 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: XSS Cross Site...

0.4AI score

Exploits0

OpenVAS•added 2009/06/16 12:0 a.m.•38 views

Mozilla Seamonkey Multiple Vulnerability Jun-09 (Windows)

The host is installed with Seamonkey, which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbseamonkeymultvulnjun09win.nasl 4869 2016-12-29 11:01:45Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities Jun-09 Windows Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbon...

9.3CVSS0.8AI score0.15734EPSS

Exploits7References8

OpenVAS•added 2009/06/16 12:0 a.m.•45 views

Mozilla Firefox Multiple Vulnerability Jun-09 (Linux)

The host is installed with Firefox Browser, which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbfirefoxmultvulnjun09lin.nasl 4865 2016-12-28 16:16:43Z teissa $ Mozilla Firefox Multiple Vulnerabilities Jun-09 Linux Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbon...

9.3CVSS0.6AI score0.15734EPSS

Exploits13References13

OpenVAS•added 2009/06/16 12:0 a.m.•36 views

Mozilla Seamonkey Multiple Vulnerability Jun-09 (Linux)

The host is installed with Seamonkey, which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbseamonkeymultvulnjun09lin.nasl 4869 2016-12-29 11:01:45Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities Jun-09 Linux Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone...

9.3CVSS0.7AI score0.15734EPSS

Exploits7References8

OpenVAS•added 2009/06/16 12:0 a.m.•35 views

Mozilla Firefox Multiple Vulnerabilities (Jun 2009) - Linux

Firefox Browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS9.2AI score0.15734EPSS

Exploits13References16

OpenVAS•added 2009/04/30 12:0 a.m.•39 views

Mozilla Thunderbird Multiple Vulnerabilities Apr-09 (Windows)

The host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodthunderbirdmultvulnapr09win.nasl 5148 2017-01-31 13:16:55Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities Apr-09 Windows Authors: Sharath S Copyright: Copyright c...

6.8CVSS0.1AI score0.06664EPSS

Exploits4References6

OpenVAS•added 2009/04/30 12:0 a.m.•36 views

Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Linux)

The host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodseamonkeymultvulnapr09lin.nasl 5122 2017-01-27 12:16:00Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities Apr-09 Linux Authors: Sharath S Copyright: Copyright c 2009...

6.8CVSS0.5AI score0.06664EPSS

Exploits5References8

OpenVAS•added 2009/04/30 12:0 a.m.•27 views

Mozilla Seamonkey Multiple Vulnerabilities Apr-09 (Windows)

The host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodseamonkeymultvulnapr09win.nasl 5122 2017-01-27 12:16:00Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities Apr-09 Windows Authors: Sharath S Copyright: Copyright c 2009...

6.8CVSS0.6AI score0.06664EPSS

Exploits5References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by