Lucene search

9085 matches found

NVD
added 2012/11/23 7:55 p.m., 28 views

CVE-2010-1330

The regular expression engine in JRuby before 1.4.1, when $KCODE is set to 'u', does not properly handle characters immediately after a UTF-8 character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string...

4.3 CVSS, 5.6 AI score, 0.00425 EPSS
Exploits 1, References 7
OSV
added 2012/11/23 7:55 p.m., 1 views

DEBIAN-CVE-2010-1330

The regular expression engine in JRuby before 1.4.1, when $KCODE is set to 'u', does not properly handle characters immediately after a UTF-8 character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string...

4.3 CVSS, 5.8 AI score, 0.00425 EPSS
Exploits 1, References 1
Debian CVE
added 2012/11/23 7:0 p.m., 22 views

CVE-2010-1330

The regular expression engine in JRuby before 1.4.1, when $KCODE is set to 'u', does not properly handle characters immediately after a UTF-8 character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string...

4.3 CVSS, 5.6 AI score, 0.00425 EPSS
Exploits 1
Cvelist
added 2012/11/23 7:0 p.m., 20 views

CVE-2010-1330

The regular expression engine in JRuby before 1.4.1, when $KCODE is set to 'u', does not properly handle characters immediately after a UTF-8 character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string...

5.5 AI score, 0.00425 EPSS
Exploits 1, References 7
0day.today
added 2012/10/31 12:0 a.m., 37 views

FortiWeb 4kC / 3kC / 1kC / VA Cross Site Scripting

FortiWeb 4kC, 3kC, 1kC, and VA suffer from multiple cross site scripting vulnerabilities. FortiWeb 4kC, 3kC, 1kC & VA - Cross Site Vulnerabilities. Introduction: FortiWeb web application firewalls protect, balance, and accelerate your web applications, databases, and any information...

6.8 AI score
Exploits 0
myhack58
added 2012/10/23 12:0 a.m., 17 views

Baidu Ueditor open source editor, Java version: JSP file upload vulnerability (vulnerability warning)

The system's default file upload process does not filter JSP files strictly, so a JSP file can be uploaded; a JSP running with system privileges can execute arbitrary commands. The problem is in imageUp.jsp, which uses a Java regular expression to validate the uploaded file's name. Re-set the file name whe...

1.9 AI score
Exploits 0
Tenable Nessus
added 2012/10/12 12:0 a.m., 39 views

Mandriva Linux Security Advisory : libxslt (MDVSA-2012:164)

Multiple vulnerabilities have been discovered and corrected in libxslt: Unspecified vulnerability in XSLT allows remote attackers to obtain potentially sensitive information about heap memory addresses via unknown vectors (CVE-2011-1202). libxslt 1.1.26 and earlier does not properly manage memory,...

6.8 CVSS, 8.8 AI score, 0.01661 EPSS
Exploits 1, References 4
The Hacker News
added 2012/10/10 5:57 p.m., 10 views

Philippine court suspends Anti Cybercrime law

The Philippine Supreme Court on Tuesday suspended implementation of Republic Act 10175 or the Cybercrime Prevention Act for 120 days, while it decides whether certain provisions violate civil liberties. The law, signed last month, aims to combat Internet crimes such as hacking, identity theft,...

6.8 AI score
Exploits 0
NVD
added 2012/10/09 11:13 a.m., 18 views

CVE-2012-5109

The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression...

5 CVSS, 8.9 AI score, 0.00774 EPSS
Exploits 0, References 3
Prion
added 2012/10/09 11:13 a.m., 14 views

Out-of-bounds

The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression...

5 CVSS, 6.7 AI score, 0.00774 EPSS
Exploits 0, References 3, Affected Software 1
Cvelist
added 2012/10/09 10:0 a.m., 19 views

CVE-2012-5109

The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression...

6 AI score, 0.00774 EPSS
Exploits 0, References 3
The Hacker News
added 2012/10/03 3:23 p.m., 9 views

Internet freedom: Anonymous Brings Philippines Government Sites Offline

Hacker groups that are against the controversial Cybercrime Prevention Law for its effect on the country's freedom of expression defaced 11 more government websites since 11 p.m. Monday. A message which said, "Hacked by M4N1L4 PR1D3, PHILIPPINE CYBER ARMY AND -=TheFamilyPride=-," appeared on the...

6.8 AI score
Exploits 0
NVD
added 2012/10/01 8:55 p.m., 6 views

CVE-2012-5223

The procdeutf function in includes/functionsvbseocpabstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the charrepl parameter, which is inserted into a regular expression that is processed by...

7.5 CVSS, 7.4 AI score, 0.79642 EPSS
Exploits 3, References 6
Prion
added 2012/10/01 8:55 p.m., 9 views

Code injection

The procdeutf function in includes/functionsvbseocpabstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the charrepl parameter, which is inserted into a regular expression that is processed by...

7.5 CVSS, 8 AI score, 0.79642 EPSS
Exploits 3, References 6, Affected Software 1
ATTACKERKB
added 2012/10/01 8:55 p.m., 2 views

CVE-2012-5223

The procdeutf function in includes/functionsvbseocpabstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the charrepl parameter, which is inserted into a regular expression that is processed by...

7.5 CVSS, 6.1 AI score, 0.79642 EPSS
Exploits 3, References 9
Cvelist
added 2012/10/01 8:0 p.m., 14 views

CVE-2012-5223

The procdeutf function in includes/functionsvbseocpabstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the charrepl parameter, which is inserted into a regular expression that is processed by...

7.4 AI score, 0.79642 EPSS
Exploits 3, References 6
Prion
added 2012/09/19 10:57 a.m., 10 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in SmarterMail 9.2 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a JavaScript alert function used in conjunction with the fromCharCode method, (2) a SCRIPT element, (3) a Cascading Style Sheets (CSS)...

4.3 CVSS, 6 AI score, 0.00342 EPSS
Exploits 1, References 1, Affected Software 1
Cvelist
added 2012/09/19 10:0 a.m., 14 views

CVE-2012-2578

Multiple cross-site scripting (XSS) vulnerabilities in SmarterMail 9.2 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a JavaScript alert function used in conjunction with the fromCharCode method, (2) a SCRIPT element, (3) a Cascading Style Sheets (CSS)...

5.8 AI score, 0.00342 EPSS
Exploits 1, References 1
Tenable Nessus
added 2012/09/17 12:0 a.m., 36 views

MDaemon WorldClient < 12.5.7 Multiple XSS Vulnerabilities

According to its banner, the version of MDaemon's WorldClient is earlier than 12.5.7 and is, therefore, affected by the following cross-site scripting vulnerabilities: - Input supplied in body of an email is not properly sanitized before being presented to the user. Specially crafted email...

4.3 CVSS, 5.1 AI score, 0.00401 EPSS
Exploits 1, References 2
RedHat Linux
added 2012/09/13 4:54 p.m., 0 views

libxslt: Use-after-free when processing an invalid XPath expression

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the...

4.3 CVSS, 7.4 AI score, 0.0088 EPSS
Exploits 0, References 4