SITOS six Build Cross-Site Scripting Vulnerability
SITOS is a modular e-learning system. The system includes features such as audio playback, video playback, forums, blogs and social media. A cross-site scripting vulnerability exists in the blog feature in SITOS six Build v6.2.1. The vulnerability stems from the web application lacking proper...
SAP BusinessObjects Business Intelligence Platform Cross-Site Scripting Vulnerability (CNVD-2019-42431)
SAP BusinessObjects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. The product provides report generation, analysis, data visualization and other functions. A cross-site scripting vulnerability exists in SAP Business Objects...
Plataformatec Simple Form Input Validation Error Vulnerability
Plataformatec Simple Form is a form builder from Plataformatec Brazil. An input validation error vulnerability exists in Plataformatec Simple Form. The vulnerability originates from a network system or product that does not properly validate input data. Vulnerability details are not...
JetBrains YouTrack Cross-Site Scripting Vulnerability
JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A cross-site scripting vulnerability exists in versions prior to JetBrains YouTrack...
Jiangnan Online Judge Cross-Site Scripting Vulnerability (CNVD-2019-36846)
Jiangnan Online Judge is an online evaluation system for computer programming. The system is mainly used for compiling and executing the source code submitted by users and checking the correctness of the program source code. A cross-site scripting vulnerability exists in Jiangnan Online Judge...
WordPress wpDataTables Lite plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wpDataTables Lite is a chart management plugin used in it. A cross-site scripting vulnerability exists in WordPress wpDataTables Lite...
Couchbase Server Code Injection Vulnerability
Couchbase Server is a distributed open source NoSQL non-relational database from the U.S. company Couchbase, which mainly supports data query, full-text search, active global replication and other functions. A code injection vulnerability exists in Couchbase Server version 5.1.1. The...
formcraft3 plugin for WordPress cross-site scripting vulnerability
The formcraft3 plugin for WordPress is a drag and drop form builder plugin for use in WordPress. A cross-site scripting vulnerability exists in formcraft3 plugin for WordPress versions prior to 3.4. The vulnerability stems from the web application failing to properly validate client-side data. An...
WordPress timesheet plugin cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress timesheet plugin versions prior to 0.1.5. The...
SugarCRM Enterprise Cross-Site Scripting Vulnerability
SugarCRM Enterprise is an enterprise version of an open source Customer Relationship Management (CRM) system from SugarCRM USA. The system supports differentiated marketing, management and distribution of sales leads for different customer needs, and information sharing and tracking of sales...
verdaccio cross-site scripting vulnerability
verdaccio is a lightweight private npm registry. A cross-site scripting vulnerability exists in versions prior to verdaccio 3.12.0, which stems from a lack of proper validation of client-side data by the web application and can be exploited by an attacker to execute client-side code...
Central Dogma Cross-Site Scripting Vulnerability
Central Dogma is an open source service configuration version control repository based on Git, ZooKeeper and HTTP/2. A cross-site scripting vulnerability exists in Central Dogma versions 0.17.0 through 0.40.1. The vulnerability stems from a lack of proper validation of client-side data by the web...
RANGER Studio Directus Cross-Site Scripting Vulnerability
RANGER Studio Directus is an open source headless CMS and API for managing custom databases from the United States company RANGER Studio. A cross-site scripting vulnerability exists in the interfaces/markdown/input.vue file in RANGER Studio Directus version 7 prior to Application...
TYPO3 Cross-Site Scripting Vulnerability (CNVD-2019-19310)
TYPO3 is a free and open source content management system and framework (CMS/CMF) from the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in TYPO3 versions 8.3.0 through 8.7.26 and 9.0.0 through 9.5.7. The vulnerability stems from a lack of proper validation of client-side data by t...
STOPzilla AntiMalware Denial of Service Vulnerability (CNVD-2019-19486)
STOPzilla AntiMalware is antivirus software from the American company STOPzilla that is mainly used for malware detection and removal. A denial of service vulnerability exists in the szkg64.sys driver file in STOPzilla AntiMalware version 6.5.2.59. The vulnerability originates from a...
MyBB Cross-Site Scripting Vulnerability (CNVD-2019-18514)
MyBB (MyBulletinBoard) is free, Web-based forum software developed by the MyBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A cross-site scripting vulnerability exists in MyBB versions prior to 1.8.21. The vulnerability stems...
CloudBees Jenkins ElectricFlow Plugin Cross-Site Scripting Vulnerability (CNVD-2019-22636)
CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from the United States company CloudBees. The product is mainly used to monitor continuous software version release/testing projects and some timed tasks. ElectricFlow Plugin is used in one of the...
ZOHO ManageEngine Application Manager Cross-Site Scripting Vulnerability
ZOHO ManageEngine Application Manager is an application monitoring and management system from the United States company ZhuoHao ZOHO. The system is mainly used to monitor server and application performance. A cross-site scripting vulnerability exists in ZOHO ManageEngine Application Manager...
Foxit Studio Photo Information Disclosure Vulnerability
Foxit Studio Photo is image editing software from the Chinese company Foxit. A security vulnerability exists in the handling of TIF files in Foxit Studio Photo 3.6.6.779 and prior versions, which is caused by the program failing to properly validate user-submitted data. An attacker...
Buffer overflow
An improper data length check while processing an event report indication can lead to a buffer overflow in Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660...