CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability in the Aruba Virtual Intranet Access VIA client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to intercept sensitive information in Aruba Virtual Intranet Access VIA client for Microsoft Windows...

5.9CVSS6.5AI score0.00278EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 8:14 a.m.•4 views

CVE-2019-19891

An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0 and 8.1 could allow an attacker to launch a man-in-the-middle attack. A successful exploit may allow the attacker to intercept sensitive information...

5.9CVSS6.8AI score0.0006EPSS

Exploits0References1

Veracode•added 2025/01/06 2:50 a.m.•3 views

Cleartext Transmission Of Sensitive Information

Keycloak is vulnerable to plain text replication. The vulnerability is due to the environment option KCCACHEEMBEDDEDMTLSENABLED not functioning as intended, resulting in JGroups replication configuration always using plain text, which allows attackers on adjacent networks to intercept and read...

5.7CVSS6.4AI score0.0003EPSS

Exploits0References11Affected Software1

Kaspersky•added 2024/11/09 12:0 a.m.•18 views

KLA77342 XSS vulnerability in Apache Tomcat

Cross-site scripting XSS vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to perform cross-site scripting attack. Original advisories Apache Tomcat 9.0 vulnerabilities Exploitation Public exploits exist for this vulnerability. Related products Apache-Tomcat...

6.1CVSS5.7AI score0.15467EPSS

Exploits1References3

Positive Technologies•added 2022/09/06 12:0 a.m.•1 views

PT-2022-16187 · Microsoft +1 · Windows +1

Name of the Vulnerable Software and Affected Versions: Aruba Virtual Intranet Access VIA client for Microsoft Windows operating system versions 4.3.0 build 2208101 and below Description: A vulnerability in the Aruba Virtual Intranet Access VIA client for Microsoft Windows operating system client...

5.9CVSS5.5AI score0.00278EPSS

Exploits0References3

Kaspersky•added 2022/01/11 12:0 a.m.•22 views

KLA12420 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, spoof user interface. Below is a complete list of vulnerabilities: 1. Cross-site scripting XSS vulnerability in Microsoft Dynamics 365 Customer...

7.6CVSS5.2AI score0.0365EPSS

Exploits0References5

Kaspersky•added 2021/09/14 12:0 a.m.•27 views

KLA12287 XSS vulnerability in Microsoft Dynamics

A cross-site-scripting XSS vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to perform cross-site scripting attack. Original advisories CVE-2021-40440 Related products Microsoft-Dynamics-365 CVE list CVE-2021-40440 unknown KB list 5006076 5006075...

5.4CVSS5.6AI score0.00786EPSS

Exploits0References5

NVD•added 2020/05/28 10:15 p.m.•10 views

CVE-2020-13173

Initialization of the pcoipcredentialprovider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installin...

7.8CVSS7.7AI score0.00045EPSS

Exploits0References1

Cvelist•added 2020/05/28 9:5 p.m.•10 views

CVE-2020-13173

7.8AI score0.00045EPSS

Exploits0References1

CVE•added 2020/01/13 5:39 p.m.•50 views

CVE-2019-19891

CVE-2019-19891 concerns an encryption key vulnerability in Mitel SIP-DECT wireless devices (firmware versions 8.0 and 8.1) that could allow an attacker to perform a man-in-the-middle (MITM) attack and potentially intercept sensitive information. The CVE is referenced across multiple sources (NVD,...

5.9CVSS5.6AI score0.0006EPSS

Exploits0References2Affected Software1

Kaspersky•added 2019/01/09 12:0 a.m.•33 views

KLA12056 XSS vulnerability in Cisco Jabber

A cross-site scripting XSS vulnerability was found in Cisco Jabber. Malicious users can exploit this vulnerability to perform cross-site scripting attack. Original advisories Cisco Jabber Client Framework Instant Message Cross-Site Scripting Vulnerability Related products Cisco-Jabber CVE list...

5.4CVSS5.1AI score0.00179EPSS

Exploits0References3

CVE•added 2017/07/31 1:0 p.m.•55 views

CVE-2017-11743

MEDHOST Connex (CVE-2017-11743) contains a hard-coded Mirth Connect admin credential ($K8t1ng) used for customer management access. The admin password is plaintext and identical across all installations, created during Connex install, with no option for customers to change it. A remote attacker a...

9.8CVSS9.3AI score0.00786EPSS

Exploits1References2Affected Software1

securityvulns•added 2015/05/25 12:0 a.m.•58 views

Apple Watch multiple security vulnerabilities

Information interception, memory corruptions, code execution, information disclosure, DoS, privilege escalation...

7.5CVSS2.9AI score0.06234EPSS

Exploits4References1Affected Software1

Kaspersky•added 2014/01/10 12:0 a.m.•138 views

KLA10458 Multiple vulnerabilities in HP SMH

Multiple vulnerabilities was found in HP SMH. By exploiting these vulnerabilities malicious users can conduct XSS, CSRF and clicjacking attacks via unspecified vectors. These vulnerabilities can be exploited remotely. Original advisories HP bulletin Related products HP-System-Management-Homepage...

7.5CVSS7.4AI score0.40224EPSS

Exploits8References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by