CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3298 matches found

OSV•added 2020/06/12 2:15 p.m.•2 views

CVE-2020-9644

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting stored vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

5.4CVSS5.9AI score0.01763EPSS

Exploits0References1

Prion•added 2020/06/12 2:15 p.m.•18 views

Cross site scripting

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting dom-based vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

4.3CVSS6.1AI score0.02441EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/06/12 1:14 p.m.•27 views

CVE-2020-9651

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting reflected vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.2AI score0.02441EPSS

Exploits0References1

Cvelist•added 2020/06/12 1:12 p.m.•37 views

CVE-2020-9648

Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting vulnerability. Successful exploitation could lead to arbitrary javascript execution in the browser...

6.2AI score0.02441EPSS

Exploits0References1

Tenable Nessus•added 2020/06/12 12:0 a.m.•38 views

Adobe Experience Manager 6.0 < 6.5 Multiple Vulnerabilities (APSB20-31)

The version of Adobe Experience Manager installed on the remote host is prior to 6.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-31 advisory. - Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery ssrf vulnerability...

7.5CVSS6.4AI score0.03294EPSS

Exploits0References7

OSV•added 2020/06/11 8:15 a.m.•12 views

CVE-2020-5592

Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors...

6.1CVSS6.5AI score0.00781EPSS

Exploits0References2

NVD•added 2020/06/11 8:15 a.m.•20 views

CVE-2020-5592

Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors...

6.1CVSS0.00781EPSS

Exploits0References2

Prion•added 2020/06/11 8:15 a.m.•17 views

Cross site scripting

Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors...

4.3CVSS6.5AI score0.00781EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/06/11 7:0 a.m.•21 views

CVE-2020-5592

Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors...

6.6AI score0.00781EPSS

Exploits0References2

CNVD•added 2020/06/11 12:0 a.m.•6 views

GitLab Cross-Site Scripting Vulnerability (CNVD-2021-20277)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in GitLab...

6.1CVSS6.3AI score0.0175EPSS

Exploits0References1

OSV•added 2020/06/10 3:15 p.m.•26 views

CVE-2020-13271

A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1...

6.1CVSS6.2AI score0.01531EPSS

Exploits0References3

Debian CVE•added 2020/06/10 2:25 p.m.•21 views

CVE-2020-13271

Removed by vendor...

6.1CVSS6.3AI score0.01531EPSS

Exploits0

Veracode•added 2020/06/10 3:26 a.m.•17 views

Cross-site Request Forgery (CSRF)

bolt/bolt is vulnerable to cross-site request forgery. The vulnerability exists as it accepts requests without a valid token in the preview generating endpoint in src/Controller/Frontend.php which allows an attacker to inject and execute arbitrary javascript...

8.6CVSS5.2AI score0.01766EPSS

Exploits3References6Affected Software1

CNVD•added 2020/06/10 12:0 a.m.•2 views

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2020-32615)

Adobe Experience Manager is an enterprise content management solution that helps you simplify the management and delivery of your content and assets. A cross-site scripting vulnerability exists in Adobe Experience Manager. An attacker can exploit this vulnerability to execute arbitrary JavaScript...

6.1CVSS6.5AI score0.02441EPSS

Exploits0References1

CNVD•added 2020/06/10 12:0 a.m.•3 views

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2020-32614)

6.1CVSS6.5AI score0.02441EPSS

Exploits0References1

CNVD•added 2020/06/10 12:0 a.m.•3 views

Adobe Experience Manager Cross-Site Scripting Vulnerability (CNVD-2020-32613)

5.4CVSS6.5AI score0.01763EPSS

Exploits0References1

OSV•added 2020/06/03 6:15 p.m.•15 views

CVE-2020-7011

Elastic App Search versions before 7.7.0 contain a cross site scripting XSS flaw when displaying document URLs in the Reference UI. If the Reference UI injects a URL into a result, that URL will be rendered by the web browser. If an attacker is able to control the contents of such a field, they...

6.1CVSS6.2AI score

Exploits0References1

CNVD•added 2020/06/03 12:0 a.m.•2 views

IBM Planning Analytics Cross-Site Scripting Vulnerability (CNVD-2020-32657)

IBM Planning Analytics is a suite of business planning and analytics solutions from IBM USA. The solution supports automated execution of processes such as business planning, budgeting and analysis. A cross-site scripting vulnerability exists in IBM Planning Analytics. An attacker can exploit thi...

5.4CVSS6.5AI score0.00651EPSS

Exploits0References1

OSV•added 2020/06/02 2:15 p.m.•2 views

CVE-2020-4503

IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182283...

6.1CVSS5.4AI score

Exploits0References2

Veracode•added 2020/06/02 6:8 a.m.•26 views

Cross-Site Scripting (XSS)

com.liferay.portal.search.web is vulnerable to cross-site scripting XSS. A remote attacker is able to inject and execute arbitrary Javascript in a user's browser via the curUserName parameter...

6.1CVSS4.4AI score0.02291EPSS

Exploits5References8Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by