CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4200 matches found

NVD•added 2023/06/22 3:15 p.m.•20 views

CVE-2023-36093

There is a storage type cross site scripting XSS vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3...

5.4CVSS5.3AI score0.00384EPSS

Exploits1References1

OSV•added 2023/06/22 3:15 p.m.•4 views

CVE-2023-36093

There is a storage type cross site scripting XSS vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3...

5.4CVSS5.6AI score0.00384EPSS

Exploits1References1

ATTACKERKB•added 2023/06/22 3:15 p.m.•4 views

CVE-2023-36093

There is a storage type cross site scripting XSS vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3...

5.4CVSS5.2AI score0.00384EPSS

Exploits1References2

Prion•added 2023/06/22 3:15 p.m.•20 views

Cross site scripting

There is a storage type cross site scripting XSS vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3...

4.9CVSS5.3AI score0.00384EPSS

Exploits1References1Affected Software1

CNNVD•added 2023/06/22 12:0 a.m.•5 views

EyouCMS 跨站脚本漏洞

Zanzan Network Technology EyouCms Eyou CMS is an open source content management system CMS based on ThinkPHP by China Zanzan Network Technology. A security vulnerability exists in EyouCMS version 1.6.3, which originates from a stored cross-site scripting XSS vulnerability in the Basic Information...

5.4CVSS5.3AI score0.00384EPSS

Exploits1References2

Cvelist•added 2023/06/22 12:0 a.m.•31 views

CVE-2023-36093

There is a storage type cross site scripting XSS vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3...

5.5AI score0.00384EPSS

Exploits1References1

The Hacker News•added 2023/06/19 9:33 a.m.•3 views

State-Backed Hackers Employ Advanced Methods to Target Middle Eastern and African Governments

Governmental entities in the Middle East and Africa have been at the receiving end of sustained cyber-espionage attacks that leverage never-before-seen and rare credential theft and Exchange email exfiltration techniques. "The main goal of the attacks was to obtain highly confidential and sensiti...

8.3AI score

Exploits0

The Hacker News•added 2023/06/19 9:33 a.m.•64 views

State-Backed Hackers Employ Advanced Methods to Target Middle Eastern and African Governments

8.4AI score

Exploits0

Tenable Nessus•added 2023/06/13 12:0 a.m.•9 views

Zyxel Router Detection - Get Basic Information

Binary data zyxelrouterdetectgetbasicinfo.nbin...

7.3AI score

Exploits0References1

Positive Technologies•added 2023/06/12 12:0 a.m.•5 views

PT-2023-12910 · Hewlett Packard · Hp Bios

Name of the Vulnerable Software and Affected Versions: HP BIOS affected versions not specified Description: A potential Time-of-Check to Time-of-Use TOCTOU issue has been identified in the HP BIOS for certain HP PC products. This may allow for arbitrary code execution, denial of service, and...

7.8CVSS7.7AI score0.00138EPSS

Exploits0References4

OSV•added 2023/06/07 10:15 p.m.•2 views

CVE-2023-29168

The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication...

7.5CVSS7.1AI score

Exploits0References2

NVD•added 2023/06/07 10:15 p.m.•22 views

CVE-2023-29168

The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication...

7.5CVSS5.8AI score0.00475EPSS

Exploits0References2

Prion•added 2023/06/07 10:15 p.m.•19 views

Design/Logic Flaw

The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication...

5CVSS8AI score0.00475EPSS

Exploits0References2Affected Software1

CVE•added 2023/06/07 9:42 p.m.•45 views

CVE-2023-29168

CVE-2023-29168 affects PTC Vuforia Studio: the local Vuforia web application does not support HTTPS and federated credentials are passed via basic authentication, exposing credentials. Affected products: Vuforia Studio all versions prior to 9.9. According to the ICS advisory, it is exploitable re...

7.5CVSS5.8AI score0.00475EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/06/07 9:42 p.m.•24 views

CVE-2023-29168 PTC Vuforia Studio Insufficiently Protected Credentials

The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication...

3.7CVSS7.7AI score0.00475EPSS

Exploits0References1

Vulnrichment•added 2023/06/07 9:42 p.m.•13 views

CVE-2023-29168 PTC Vuforia Studio Insufficiently Protected Credentials

The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication...

3.7CVSS7.6AI score0.00475EPSS

Exploits0References1

Huntr•added 2023/06/07 1:13 p.m.•45 views

Unauthenticated Blind SSRF

Description The Oxeye research team found Owncast vulnerable to an Unauthenticated Blind SSRF vulnerability. This vulnerability may allow an unauthenticated attacker to force the Owncast server to send HTTP requests to arbitrary locations using the GET HTTP method. This vulnerability also allows...

6.4CVSS7.5AI score0.01356EPSS

Exploits1

OSV•added 2023/05/31 9:15 p.m.•7 views

CVE-2023-33642

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the EditBasicSSID interface at /goform/aspForm...

7.2CVSS7.1AI score

Exploits0References1

ATTACKERKB•added 2023/05/31 9:15 p.m.•3 views

CVE-2023-33642

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the EditBasicSSID interface at /goform/aspForm...

7.2CVSS7.1AI score0.00933EPSS

Exploits0References3