Lucene search
K

2049 matches found

Tenable Nessus
Tenable Nessus
added 2023/01/18 12:0 a.m.21 views

Oracle Linux 8 : libreoffice (ELSA-2023-0089)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0089 advisory. - Resolves: rhbz2134752 CVE-2022-26305 Untrusted Macros - Resolves: rhbz2134751 CVE-2022-26307 Weak Master Keys - Resolves: rhbz2134750 CVE-2022-26306...

8.8CVSS7.1AI score0.04354EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/01/14 12:0 a.m.27 views

AlmaLinux 8 : libreoffice (ALSA-2023:0089)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0089 advisory. - LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme...

8.8CVSS7.8AI score0.04354EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/01/12 9:18 a.m.32 views

Moderate: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

8.8CVSS7.2AI score0.04354EPSS
Exploits0References5
OSV
OSV
added 2023/01/12 8:25 a.m.50 views

RLSA-2023:0089 Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS7.7AI score0.04354EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/01/12 12:0 a.m.4 views

CVE-2022-46503

A cross-site scripting XSS vulnerability in the component /admin/register.php of Online Student Enrollment System v1.0 allows attackers to execute arbitrary web scripts via a crafted payload injected into the name parameter...

6.1AI score0.004EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2022/12/22 12:0 a.m.25 views

Fedora 35 : libreoffice (2022-775c747e4a)

The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-775c747e4a advisory. LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command...

6.3CVSS6.7AI score0.04354EPSS
Exploits0References2
OSV
OSV
added 2022/12/21 6:15 p.m.5 views

CVE-2022-40841

A cross-site scripting XSS vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes" parameter...

6.1CVSS5.9AI score0.00499EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/12/15 12:0 a.m.5 views

PT-2022-27380 · Unknown · Expense Tracker

Name of the Vulnerable Software and Affected Versions: Expense Tracker version 1.0 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field. Recommendations: For Expense Tracker version 1.0,...

5.4CVSS5.4AI score0.00465EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/12/15 12:0 a.m.5 views

CVE-2022-45033

A cross-site scripting XSS vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field...

5.3AI score0.00465EPSS
Exploits1References1
OSV
OSV
added 2022/12/14 3:15 p.m.4 views

CVE-2022-31358

A reflected cross-site scripting XSS vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/...

9CVSS6AI score0.01273EPSS
Exploits1References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/12/13 5:5 a.m.3 views

Redmine vulnerable to cross-site scripting

Overview Redmine contains a cross-site scripting vulnerability CWE-79 caused by improper Textile processing. Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

6.1CVSS6AI score0.00429EPSS
Exploits0References7
Cvelist
Cvelist
added 2022/12/13 12:0 a.m.19 views

CVE-2022-45028

A cross-site scripting XSS vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha...

6AI score0.00526EPSS
Exploits1References2
Prion
Prion
added 2022/12/12 1:15 p.m.20 views

Cross site scripting

A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim...

5.8CVSS5.9AI score0.0049EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/12/07 10:15 a.m.35 views

CVE-2022-42458

Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...

9.8CVSS0.01078EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/12/07 12:0 a.m.31 views

CVE-2022-42458

Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...

9.8AI score0.01078EPSS
Exploits0References2
CVE
CVE
added 2022/12/07 12:0 a.m.195 views

CVE-2022-42458

CVE-2022-42458 affects bingo!CMS versions 1.7.4.1 and earlier, where an authentication bypass vulnerability in management functions allows remote, unauthenticated attackers to upload arbitrary files, potentially enabling arbitrary script execution or file modification. The Red Hat and JVN entries...

9.8CVSS9.5AI score0.01078EPSS
In wildExploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/07 12:0 a.m.13 views

CVE-2022-43660

Improper neutralization of Server-Side Includes SSW within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versions are as follows: Movable...

7AI score0.00972EPSS
Exploits0References2
Prion
Prion
added 2022/12/02 8:15 p.m.11 views

Cross site scripting

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /projects/listprojects.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

4.9CVSS5.3AI score0.00415EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/12/02 8:15 p.m.14 views

Cross site scripting

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field...

4.9CVSS5.3AI score0.00405EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/02 12:0 a.m.4 views

CVE-2022-44961

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

5.3AI score0.00405EPSS
Exploits1References2
Rows per page
Query Builder