CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

RedhatCVE•added 2026/01/09 8:52 a.m.•2 views

CVE-2021-2483

Vulnerability in the Oracle Content Manager product of Oracle E-Business Suite component: Content Item Manager. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Content Manager...

8.1CVSS6.5AI score0.01352EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-0190

Malware in sbrugna...

5.4CVSS5.3AI score0.00272EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-0060

Malware in sbrugna...

4.3CVSS6AI score0.00343EPSS

Exploits0References13

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-16941

Malware in sbrugna...

8.1CVSS8.6AI score0.01352EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 7:48 p.m.•4 views

CVE-2021-33508

Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item...

5.4CVSS5.7AI score0.00272EPSS

Exploits0References1

OSV•added 2022/05/16 5:15 p.m.•15 views

CVE-2021-23265

A logged-in and authenticated user with a Reviewer Role may lock a content item...

4.3CVSS4.6AI score

Exploits0References1

NVD•added 2022/05/16 5:15 p.m.•8 views

CVE-2021-23265

A logged-in and authenticated user with a Reviewer Role may lock a content item...

4.3CVSS0.00232EPSS

Exploits0References1

Cvelist•added 2022/05/16 5:5 p.m.•12 views

CVE-2021-23265 Improper Privilege Management in Crafter Studio

A logged-in and authenticated user with a Reviewer Role may lock a content item...

3.5CVSS4.8AI score0.00232EPSS

Exploits0References1

Veracode•added 2021/05/25 3:27 a.m.•19 views

Cross-Site Scripting (XSS)

plone is vulnerable to cross-site scripting. The vulnerability exists due to the mishandling of the full name during rendering of the ownership tab of a content item...

5.4CVSS2.1AI score0.00272EPSS

Exploits0References2Affected Software1

NVD•added 2021/05/21 10:15 p.m.•9 views

CVE-2021-33508

Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item...

5.4CVSS0.00272EPSS

Exploits0References2

PyPA•added 2021/05/21 10:15 p.m.•3 views

PYSEC-2021-80

Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item...

5.4CVSS6.2AI score0.00272EPSS

Exploits0References3Affected Software1

Prion•added 2021/05/21 10:15 p.m.•14 views

Code injection

Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item...

3.5CVSS5.1AI score0.00272EPSS

Exploits0References2Affected Software1

CVE•added 2021/05/21 9:33 p.m.•112 views

CVE-2021-33508

The CVE-2021-33508 entry describes a XSS vulnerability in Plone versions up to 5.2.4 where the user’s full name is mishandled during rendering of the ownership tab, enabling cross-site scripting. Affected product: Plone CMS (up to 5.2.4). Root cause: improper handling of the fullname field in the...

5.4CVSS5.4AI score0.00272EPSS

Exploits0References2Affected Software1

OpenVAS•added 2016/08/25 12:0 a.m.•21 views

IBM WebSphere Portal Security Bypass Vulnerability

IBM WebSphere Portal is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4CVSS4.6AI score0.00088EPSS

Exploits0References1

RedHat Linux•added 2014/09/16 5:28 a.m.•1 views

(Plone): Anonymous users can batch change titles of content items

It was discovered that Plone, included as a part of luci, allowed a remote anonymous user to change titles of content items due to improper permissions checks...

4.3CVSS5.8AI score0.00343EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by