CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in a Flash component in Cisco Unified Computing System UCS Central allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud15430...

4.3CVSS6AI score0.00263EPSS

Exploits0References1

SUSE CVE•added 2023/02/15 5:43 a.m.•1 views

SUSE CVE-2012-5883

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via vectors...

4.3CVSS7.8AI score0.0063EPSS

Exploits0References3

Github Security Blog•added 2022/05/24 5:7 p.m.•21 views

Typo3 Cross-Site Scripting in Flash component (ELTS)

TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 included a vulnerable external component, which could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on a targeted system...

6.1CVSS5.7AI score0.20517EPSS

Exploits1References6Affected Software1

OSV•added 2022/05/17 1:38 a.m.•21 views

GHSA-JJG9-MF63-VQRP Cross-site scripting in yui 2.4.0

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to charts.swf, a similar issue to CVE-2010-4207...

4.3CVSS7AI score0.00258EPSS

Exploits0References6

Github Security Blog•added 2022/05/17 1:38 a.m.•32 views

Cross-site scripting in yui 2.4.0

4.3CVSS5.7AI score0.00258EPSS

Exploits0References7Affected Software1

CNVD•added 2020/04/28 12:0 a.m.•1 views

HPE Service Pack for ProLiant Code Execution Vulnerability

HPE Service Pack for ProLiant is a comprehensive set of system software and firmware update solutions from Hewlett Packard Enterprise HPE. A security vulnerability exists in the Supplemental Update/Online ROM Flash Component in HPE Service Pack for ProLiant versions 2018.06.0, 2018.09.0, and...

7.8CVSS7.2AI score0.00083EPSS

Exploits0References1

OSV•added 2018/09/08 3:29 p.m.•0 views

CVE-2018-16725

An issue is discovered in baijiacms V4. XSS exists via the assets/weengine/components/zclip/ZeroClipboard.swf id parameter, aka "Non-standard use of the flash component."...

6.1CVSS5.8AI score

Exploits0References1

CVE•added 2018/09/08 3:0 p.m.•35 views

CVE-2018-16725

XSS in baijiacms V4 via the id parameter of assets/weengine/components/zclip/ZeroClipboard.swf (Non-standard use of the flash component). Affected: baijiacms V4; root cause: improper handling of the SWF component parameter; impact: cross-site scripting exposure. Remediation details are not provid...

6.1CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

NVD•added 2018/07/13 6:29 p.m.•17 views

CVE-2018-1000206

JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery CSRF vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. This attack appear to be exploitable via The victim must run maliciously crafted flas...

8.8CVSS8.8AI score0.00209EPSS

Exploits1References3

OSV•added 2018/07/13 6:29 p.m.•17 views

CVE-2018-1000206

8.8CVSS7.1AI score

Exploits0References3