
493 matches found

Prion
added 2022/12/19 8:15 p.m. · 22 views

Cross site scripting

Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVSS 4.9 · AI score 5.7 · EPSS 0.0048
Exploits: 0 · References: 1 · Affected Software: 2
Prion
added 2022/12/19 8:15 p.m. · 20 views

Cross site scripting

Adobe Experience Manager version 6.5.14 and earlier is affected by a reflected Cross-Site Scripting XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVSS 4.9 · AI score 5.7 · EPSS 0.0048
Exploits: 0 · References: 1 · Affected Software: 2
NVD
added 2022/12/06 7:15 p.m. · 30 views

CVE-2022-46154

Kodexplorer is a Chinese language web based file manager and browser based code editor. Versions prior to 4.50 did not prevent unauthenticated users from requesting arbitrary files from the host OS file system. As a result any files available to the host process may be accessed by arbitrary users...

CVSS 8.6 · EPSS 0.0082
Exploits: 0 · References: 2
NVD
added 2022/12/06 2:15 a.m. · 25 views

CVE-2022-40603

A cross-site scripting XSS vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmware versions 4.50 through 5.31, and ATP series firmware versions 4.32 through 5.31, which could allow an...

CVSS 6.1 · EPSS 0.00359
Exploits: 0 · References: 1
Prion
added 2022/12/06 2:15 a.m. · 32 views

Cross site scripting

A cross-site scripting XSS vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmware versions 4.50 through 5.31, and ATP series firmware versions 4.32 through 5.31, which could allow an...

CVSS 5.8 · AI score 5.9 · EPSS 0.00359
Exploits: 0 · References: 1 · Affected Software: 19
Cvelist
added 2022/12/06 12:00 a.m. · 20 views

CVE-2022-40603

A cross-site scripting XSS vulnerability in the CGI program of Zyxel ZyWALL/USG series firmware versions 4.30 through 4.72, VPN series firmware versions 4.30 through 5.31, USG FLEX series firmware versions 4.50 through 5.31, and ATP series firmware versions 4.32 through 5.31, which could allow an...

CVSS 4.7 · AI score 6.1 · EPSS 0.00359
Exploits: 0 · References: 1
NVD
added 2022/11/15 9:15 p.m. · 15 views

CVE-2022-20834

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVSS 4.8 · EPSS 0.00446
Exploits: 0 · References: 1
Prion
added 2022/11/15 9:15 p.m. · 14 views

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVSS 4.3 · AI score 5 · EPSS 0.00446
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2022/11/15 9:15 p.m. · 17 views

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVSS 4.3 · AI score 5 · EPSS 0.00446
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2022/11/15 9:15 p.m. · 23 views

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVSS 4.3 · AI score 5 · EPSS 0.00446
Exploits: 0 · References: 1 · Affected Software: 1
Positive Technologies
added 2022/11/09 12:00 a.m. · 4 views

PT-2022-5691 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified
Description: The issue is related to insufficient validation of user-supplied input by the web-based management interface, allowing an authenticated, remote attack...

CVSS 4.9 · AI score 6 · EPSS 0.00446
Exploits: 0 · References: 4
NVD
added 2022/11/04 6:15 p.m. · 15 views

CVE-2022-20963

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. This vulnerability is due to...

CVSS 5.4 · EPSS 0.00429
Exploits: 0 · References: 1
The Hacker News
added 2022/10/07 8:58 a.m. · 47 views

Hackers Can Use 'App Mode' in Chromium Browsers' for Stealth Phishing Attacks

In what's a new phishing technique, it has been demonstrated that the Application Mode feature in Chromium-based web browsers can be abused to create "realistic desktop phishing applications." Application Mode is designed to offer native-like experiences in a manner that causes the website to be...

AI score 1.1
Exploits: 0
Microsoft Malware Protection
added 2022/08/18 5:00 p.m. · 11 views

Hardware-based threat defense against increasingly complex cryptojackers

Even with the dip in the value of cryptocurrencies in the past few months, cryptojackers – trojanized coin miners that attackers distribute to use compromised devices’ computing power for their objectives – continue to be widespread. In the past several months, Microsoft Defender Antivirus detect...

AI score 0.3
Exploits: 0
Tenable Nessus
added 2022/08/12 12:00 a.m. · 40 views

Cisco Adaptive Security Appliance Software Clientless SSL VPN Client-Side Request Smuggling (cisco-sa-asa-webvpn-LOeKsNmO)

A vulnerability in the Clientless SSL VPN WebVPN component of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to conduct browser-based attacks. This vulnerability is due to improper validation of input that is passed to the Clientless SSL VPN...

CVSS 6.1 · AI score 6.5 · EPSS 0.01302
Exploits: 0 · References: 3
ATTACKERKB
added 2022/08/10 11:00 p.m. · 2 views

CVE-2022-20713

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is du...

CVSS 6.1 · AI score 6.4 · EPSS 0.01302
Exploits: 0 · References: 3 · Affected Software: 2
NVD
added 2022/08/10 5:15 p.m. · 26 views

CVE-2022-20713

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is du...

CVSS 6.1 · EPSS 0.01302
Exploits: 0 · References: 1
Prion
added 2022/08/10 5:15 p.m. · 26 views

Cross site scripting

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is du...

CVSS 5.8 · AI score 6.1 · EPSS 0.01302
Exploits: 0 · References: 1 · Affected Software: 2
Cvelist
added 2022/08/10 4:20 p.m. · 24 views

CVE-2022-20713

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is du...

CVSS 4.3 · AI score 6.3 · EPSS 0.01302
Exploits: 0 · References: 1
Cisco
added 2022/08/10 4:00 p.m. · 48 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Web Client Services Client-Side Request Smuggling Vulnerability

A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This vulnerability is du...

CVSS 4.3 · AI score 6.4 · EPSS 0.01302
Exploits: 0 · References: 1