Lucene search
+L

58 matches found

Tenable Nessus
Tenable Nessus
added 2022/09/02 12:0 a.m.27 views

EMC Data Protection Advisor < 19.7 Build B4 XSS (DSA-2022-107)

According to its self-reported version, the application is below version 19.7 Build B4. It is, therefore, affected by a stored cross-site scripting vulnerability. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context ...

5.4CVSS5.5AI score0.00364EPSS
Exploits0References3
NVD
NVD
added 2022/08/30 9:15 p.m.17 views

CVE-2022-33935

Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data stor...

5.4CVSS0.00364EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/08/30 8:25 p.m.24 views

CVE-2022-33935

Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data stor...

5.4CVSS5.6AI score0.00364EPSS
Exploits0References1
CVE
CVE
added 2022/08/30 8:25 p.m.54 views

CVE-2022-33935

Summary: CVE-2022-33935 affects Dell EMC Data Protection Advisor versions 19.6 and earlier and is a stored cross-site scripting (XSS) vulnerability in the web data store component. An attacker could cause the browser to execute malicious HTML/JavaScript in the context of the vulnerable web applic...

5.4CVSS5.3AI score0.00364EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/08/10 5:15 p.m.4 views

CVE-2022-33929

Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the...

6.1CVSS5.9AI score0.00445EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/08/10 4:31 p.m.18 views

CVE-2022-33929

Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the...

6.1CVSS6.8AI score0.00445EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/07/08 12:0 a.m.36 views

Jenkins Google Login Plugin 1.0 and 1.1 allows anonymous users to authenticate through client-side request modification

The Google Login Plugin versions 1.0 and 1.1 allows malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification...

6.5CVSS6.2AI score0.00641EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2022/07/07 7:15 p.m.18 views

Design/Logic Flaw

The Google Login Plugin versions 1.0 and 1.1 allows malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification...

4CVSS6.8AI score0.00641EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/06/02 9:15 p.m.30 views

CVE-2022-26866

Dell PowerStore Versions before v2.1.1.0. contains a Stored Cross-Site Scripting vulnerability. A high privileged network attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user...

5.5CVSS0.00437EPSS
Exploits0References1
CVE
CVE
added 2022/05/26 3:20 p.m.70 views

CVE-2022-29091

Summary: CVE-2022-29091 affects Dell Unity, Dell UnityVSA, and Dell UnityXT versions before 5.2.0.0.5.173. A Reflected Cross-Site Scripting vulnerability exists in the Unisphere GUI, enabling an unauthenticated remote attacker to trigger execution of malicious HTML/JavaScript in the victim’s brow...

6.1CVSS6.2AI score0.00928EPSS
Exploits0References1Affected Software3
Check Point Advisories
Check Point Advisories
added 2018/05/27 12:0 a.m.4 views

Adobe Acrobat and Reader Client Side Request Injection (APSB18-09: CVE-2018-4995)

A Security Bypass vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

7.5CVSS8.6AI score0.0718EPSS
Exploits0
Packet Storm
Packet Storm
added 2017/10/01 12:0 a.m.64 views

SmarterStats 11.3.6347 Cross Site Scripting

---------------------------- Title: CVE-2017-14620 ---------------------------- TL;DR: SmarterStats Version 11.3.6347, and possibly prior versions, will Render the Referer Field of HTTP Logfiles in URL /Data/Reports/ReferringURLsWithQueries ---------------------------- Author: David Hoyt Date:...

6.3AI score0.02466EPSS
Exploits5
exploitpack
exploitpack
added 2017/09/27 12:0 a.m.56 views

SmarterStats 11.3.6347 - Cross-Site Scripting

SmarterStats 11.3.6347 - Cross-Site Scripting ---------------------------- Title: CVE-2017-14620 ---------------------------- TL;DR: SmarterStats Version 11.3.6347, and possibly prior versions, will Render the Referer Field of HTTP Logfiles in URL /Data/Reports/ReferringURLsWithQueries...

4.3CVSS0.1AI score0.02466EPSS
Exploits5
CNVD
CNVD
added 2016/05/12 12:0 a.m.2 views

Squid Denial of Service Vulnerability (CNVD-2016-03063)

Squid full name Squid Cache is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A denial-of-service vulnerability exists in the clientsiderequest.cc file in Squid versions 3.x...

7.5CVSS8.4AI score0.5392EPSS
Exploits1References1
Prion
Prion
added 2016/05/10 7:59 p.m.22 views

Design/Logic Flaw

clientsiderequest.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service crash via crafted Edge Side Includes ESI responses...

5CVSS6.8AI score0.5392EPSS
Exploits1References16Affected Software3
OSV
OSV
added 2016/05/10 12:0 a.m.3 views

UBUNTU-CVE-2016-4555

clientsiderequest.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service crash via crafted Edge Side Includes ESI responses...

7.5CVSS7.2AI score0.5392EPSS
Exploits1References4
Vulnerability Lab
Vulnerability Lab
added 2015/01/20 12:0 a.m.29 views

Remote Desktop v0.9.4 Android - Multiple Vulnerabilities

Document Title: =============== Remote Desktop v0.9.4 Android - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1413 Release Date: ============= 2015-01-20 Vulnerability Laboratory ID VL-ID: ====================================...

0.9AI score
Exploits0
ThreatPost
ThreatPost
added 2012/11/29 7:21 p.m.12 views

PayPal Fixes Trio of Remote-Access Vulnerabilities

PayPal has repaired three remote-access vulnerabilities found in different areas of its website, including a cross-site scripting XSS flaw on its PayPal Community Forum. All three flaws were submitted to PayPal’s Bug Bounty Program. Researcher Benjamin Kunz Mejri of Vulnerability-Lab reported the...

Exploits0References5
Rows per page
Query Builder