Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8133 matches found

CVE
CVEadded 2015/01/21 7:0 p.m.71 views

CVE-2015-0420

Oracle CVE-2015-0420 concerns Oracle Forms in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2. It is described as an unspecified vulnerability affecting confidentiality via Forms Services with unknown vectors. The connected documents do not supply concrete technical details (root cause, affected s...

4.3CVSS5.8AI score0.00362EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2015/01/21 7:0 p.m.21 views

CVE-2015-0420

Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services...

5.6AI score0.00362EPSS
Exploits0References3
Prion
Prionadded 2015/01/14 7:59 p.m.19 views

Design/Logic Flaw

Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote attackers to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940...

5CVSS7.5AI score0.00354EPSS
Exploits0References1
Cvelist
Cvelistadded 2015/01/14 7:0 p.m.21 views

CVE-2014-3314

Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote attackers to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940...

6.9AI score0.00354EPSS
Exploits0References1
0day.today
0day.todayadded 2015/01/01 12:0 a.m.97 views

Wordpress Plugin Cforms 14.7 Remote Code Execution Vulnerability

Cforms version 14.7 suffers from a remote code execution vulnerability. Advisory: Remote Code Execution via Unauthorised File upload in Cforms 14.7 Author: Zakhar Fedotkin Affected Software: Wordpress Plugin Cforms II 14.x-14.7 Release: 12th Nov 2014 Vendor URL:...

7.9AI score
Exploits0
Packet Storm
Packet Stormadded 2014/12/30 12:0 a.m.44 views

Cforms 14.7 Remote Code Execution

Advisory: Remote Code Execution via Unauthorised File upload in Cforms 14.7 Advisory ID: - Author: Zakhar Fedotkin Affected Software: Wordpress Plugin Cforms II 14.x-14.7 Release: 12th Nov 2014 Vendor URL: https://wordpress.org/plugins/cforms2/ Vendor Status: fixed CVE-ID: -...

7.4AI score
Exploits0
Patchstack
Patchstackadded 2014/12/19 12:0 a.m.10 views

WordPress Live Forms Plugin <= 1.2.0 - Cross Site Scripting

This plugin is prone to a cross site scripting vulnerability, because form input fields on blog front-end are not filtered. The attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

1.7AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDBadded 2014/12/19 12:0 a.m.9 views

Live Forms <= 1.2.0 - Unauthenticated Stored Cross-Site Scripting (XSS)

Form input fields on the blog front end are not properly sanitised. The unsanitised user input will be displayed in "WordPress Admin Form entries". Screenshots: http://imgur.com/Oflsb3n http://imgur.com/jHaZR5O...

0.1AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDBadded 2014/12/02 12:0 a.m.20 views

Ninja Forms <= 2.8.9 - Unspecified Issue Affecting Admin Users

This version includes a fix for a potential security vulnerability for admin users...

7.5CVSS4.1AI score0.00311EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2014/11/20 5:50 p.m.12 views

CVE-2014-8493

ZTE ZXHN H108L with firmware 4.0.0dZRQGR4 allows remote attackers to modify the CWMP configuration via a crafted request to Forms/accesscwmp1...

5CVSS6.6AI score0.17726EPSS
Exploits3References6
OpenVAS
OpenVASadded 2014/11/13 12:0 a.m.277 views

Oracle E-Business Suite/Oracle Forms RCE Vulnerability (Oct 2014) - Active Check

Oracle E-Business Suite/Oracle Forms is prone to a remote code execution RCE vulnerability in the Oracle Applications Technology Stack. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holder...

7.5CVSS6.8AI score0.01231EPSS
Exploits1References2
securityvulns
securityvulnsadded 2014/11/10 12:0 a.m.46 views

Vulnerabilities in D-Link DAP-1360

Hello 3APA3A! There are Abuse of Functionality, Brute Force and Cross-Site Request Forgery vulnerabilities in D-Link DAP-1360 Wi-Fi Access Point and Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: D-Link DAP-1360, Firmware 1.0.0. This...

0.3AI score
Exploits0
WPVulnDB
WPVulnDBadded 2014/11/04 12:0 a.m.17 views

Ninja Forms 2.8.6 - Reflected Cross-Site Scripting (XSS)

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a Reflected Cross-Site Scripting XSS security vulnerability...

1.7AI score
Exploits0References1Affected Software1
NVD
NVDadded 2014/10/20 10:55 a.m.15 views

CVE-2014-7573

The droid Survey Offline Forms aka com.contact.droidSURVEY application 2.5.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00134EPSS
Exploits0References3
CVE
CVEadded 2014/10/20 10:0 a.m.37 views

CVE-2014-7573

The CVE-2014-7573 entry concerns the Android app “droid Survey Offline Forms” (com.contact.droidSURVEY) version 2.5.2, which fails to verify X.509 certificates from SSL servers. This misimplementation enables man-in-the-middle attackers to spoof the server and exfiltrate sensitive data via a craf...

5.4CVSS6AI score0.00134EPSS
Exploits0References3Affected Software1
NVD
NVDadded 2014/10/15 3:55 p.m.20 views

CVE-2014-4278

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Oracle Forms...

7.5CVSS5.7AI score0.01231EPSS
Exploits1References4
Prion
Prionadded 2014/10/15 3:55 p.m.21 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Oracle Forms...

7.5CVSS6.3AI score0.01231EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2014/10/15 3:15 p.m.87 views

CVE-2014-4278

CVE-2014-4278 concerns Oracle E-Business Suite (12.0.6, 12.1.3, 12.2.2–12.2.4) where the Oracle Applications Technology Stack/Oracle Forms is affected. It describes an unspecified remote vulnerability with impact to confidentiality, integrity, and availability via unknown vectors related to Oracl...

7.5CVSS5.9AI score0.01231EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2014/10/15 3:15 p.m.34 views

CVE-2014-4278

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Oracle Forms...

5.7AI score0.01231EPSS
Exploits1References4
WPVulnDB
WPVulnDBadded 2014/10/13 12:0 a.m.15 views

Smart Forms 2.1.0 - Cross-Site Scripting (XSS)

The Smart Forms – when you need more than just a contact form WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

1.3AI score
Exploits0References1Affected Software1
Rows per page
Query Builder