Lucene search
K

53963 matches found

OSV
OSV
added yesterday3 views

ROOT-OS-UBUNTU-2404-CVE-2017-13165 CVE-2017-13165 in rootio-linux - Patched by Root

Root has patched CVE-2017-13165 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

7.8CVSS5.9AI score0.00137EPSS
Exploits0
OSV
OSV
added yesterday4 views

ROOT-OS-UBUNTU-2404-CVE-2017-0537 CVE-2017-0537 in rootio-linux - Patched by Root

Root has patched CVE-2017-0537 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

4.7CVSS5.9AI score0.01046EPSS
Exploits0
OSV
OSV
added yesterday3 views

ROOT-OS-UBUNTU-2204-CVE-2017-13693 CVE-2017-13693 in rootio-linux - Patched by Root

Root has patched CVE-2017-13693 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.5CVSS8.3AI score0.00439EPSS
Exploits0
OSV
OSV
added yesterday5 views

ROOT-OS-DEBIAN-11-CVE-2017-13693 CVE-2017-13693 in rootio-linux - Patched by Root

Root has patched CVE-2017-13693 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

5.5CVSS8.2AI score0.00439EPSS
Exploits0
Nuclei
Nuclei
added yesterday52 views

Fortinet FortiOS < 5.6.0 - Cross-Site Scripting

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN. id: CVE-2017-3133 info: name: Fortinet FortiOS 5.6.0 - Cross-Site Scripting author: ritikchaddha severity:...

6.1CVSS6.5AI score0.08869EPSS
Exploits5References2
Nuclei
Nuclei
added yesterday26 views

SMTP by BestWebSoft < 1.1.0 - Cross-Site Scripting

The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS issues. id: CVE-2017-18518 info: name: SMTP by BestWebSoft 1.1.0 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS issues. impact: |...

6.1CVSS6.4AI score0.01621EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday16 views

Schneider Electric Pelco VideoXpert Enterprise 2.0 - Path Traversal

Schneider Electric Pelco VideoXpert Enterprise versions 2.0 and prior contain a directory traversal caused by insufficient input validation, letting unauthorized persons view web server files, exploit requires no authentication. id: CVE-2017-9965 info: name: Schneider Electric Pelco VideoXpert...

5.8CVSS6.5AI score0.0465EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday38 views

HPE System Management - Cross-Site Scripting

HPE System Management contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other...

5.4CVSS6.5AI score0.04601EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday24 views

PhpColl 2.5.1 Arbitrary File Upload

PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logosclients/ via clients/editclient.php. id: CVE-2017-6090 info: name: PhpColl 2.5.1 Arbitrary File Uplo...

8.8CVSS7.7AI score0.96068EPSS
Exploits9References5
Nuclei
Nuclei
added yesterday23 views

McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting

McAfee Network Data Loss Prevention User-Agent 9.3.x contains a cross-site scripting vulnerability which allows remote attackers to get session/cookie information via modification of the HTTP request. id: CVE-2017-4011 info: name: McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting...

6.1CVSS6.3AI score0.03271EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday30 views

Fortinet FortiOS < 5.6.0 - Cross-Site Scripting

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to Execute unauthorized code or commands via the action input during the activation of a FortiToken. id: CVE-2017-3132 info: name: Fortinet FortiOS 5.6.0 - Cross-Site Scripting author: ritikchaddh...

6.1CVSS6.5AI score0.08112EPSS
Exploits5References2
Nuclei
Nuclei
added yesterday145 views

Odoo <= 8.0-20160726 & 9.0 - Open Redirect

An Open Redirect vulnerability in Odoo versions = 8.0-20160726 and 9.0. This issue allows an attacker to redirect users to untrusted sites via a crafted URL. id: CVE-2017-5871 info: name: Odoo = 8.0-20160726 & 9.0 - Open Redirect author: 1337rokudenashi severity: medium description: | An Open...

5.8CVSS6AI score0.02676EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday37 views

DokuWiki - Cross-Site Scripting

DokuWiki through 2017-02-19b contains a cross-site scripting vulnerability in the DATEAT parameter to doku.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based...

6.1CVSS6.8AI score0.03253EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday131 views

Laravel <5.5.21 - Information Disclosure

Laravel through 5.5.21 is susceptible to information disclosure. An attacker can obtain sensitive information such as externally usable passwords via a direct request for the /.env URI. NOTE: CVE pertains only to the writeNewEnvironmentFileWith function in...

7.5CVSS7.1AI score0.8703EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday32 views

Pinterest by BestWebSoft < 1.0.5 - Cross-Site Scripting

The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues. id: CVE-2017-18517 info: name: Pinterest by BestWebSoft 1.0.5 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues...

6.1CVSS6.4AI score0.01621EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday19 views

Social Buttons Pack by BestWebSof < 1.1.1 - Cross-Site Scripting

The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues. id: CVE-2017-18500 info: name: Social Buttons Pack by BestWebSof 1.1.1 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The social-buttons-pack plugin before 1.1.1 for WordPress has...

6.1CVSS6.4AI score0.0141EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday28 views

WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting

WSO2 Data Analytics Server 3.1.0 is susceptible to cross-site scripting in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter. id: CVE-2017-14651 info: name: WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting author: mass0ma severity: medium...

4.8CVSS6.1AI score0.03836EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday11 views

WordPress < 4.8.2 - Authenticated Open Redirect

WordPress versions before 4.8.2 contain an open redirect caused by improper validation in wp-admin/edit-tag-form.php and wp-admin/user-edit.php, letting attackers redirect users to malicious sites, exploit requires access to admin interface. id: CVE-2017-14725 info: name: WordPress 4.8.2 -...

5.4CVSS6.8AI score0.02134EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday46 views

OpenVPN Access Server 2.1.4 - CRLF Injection

CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibly HTTP response splitting attacks via "%0A" characters in the PATHINFO to sessionstart/. id:...

6.1CVSS6.6AI score0.04622EPSS
Exploits3References3
Nuclei
Nuclei
added yesterday33 views

WordPress Qards - Cross-Site Scripting

WordPress Qards through 2017-10-11 contains a cross-site scripting vulnerability via a remote document specified in the URL parameter to html2canvasproxy.php. id: CVE-2017-18598 info: name: WordPress Qards - Cross-Site Scripting author: pussycat0x severity: medium description: WordPress Qards...

6.1CVSS6.3AI score0.01933EPSS
Exploits2References5
Rows per page
Query Builder