CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2154 matches found

BDU FSTEC•added 2023/05/29 12:0 a.m.•1 views

The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System (IGSS), related to deficiencies in path name restriction, allows a intruder to access confidential data.

The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System IGSS, is related to deficiencies in name-based path restrictions. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data...

7.8CVSS7.2AI score0.01274EPSS

Exploits0References2Affected Software1

GithubExploit•added 2023/05/27 6:43 a.m.•350 views

Exploit for Cross-site Scripting in Ourphp

create a vulnerable Docker environment that is susceptible to...

6.1CVSS6.4AI score0.08115EPSS

Exploits9

NVD•added 2023/05/10 12:15 p.m.•29 views

CVE-2022-45846

Cross-Site Request Forgery CSRF vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin 5.6.9 versions...

8.8CVSS6.5AI score0.00253EPSS

Exploits0References1

Prion•added 2023/05/10 12:15 p.m.•15 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin 5.6.9 versions...

6.8CVSS8.8AI score0.00253EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/05/10 11:8 a.m.•28 views

CVE-2022-45846 WordPress Image Map Pro Plugin < 5.6.9 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin 5.6.9 versions...

5.4CVSS9.1AI score0.00253EPSS

Exploits0References1

CVE•added 2023/05/10 11:8 a.m.•43 views

CVE-2022-45846

The CVE-2022-45846 entry concerns Nickys Image Map Pro for WordPress – Interactive SVG Image Map Builder plugin, vulnerable to Cross-Site Request Forgery (CSRF) in versions older than 5.6.9. Multiple connected sources corroborate a CSRF condition in this plugin prior to 5.6.9, with public advisor...

8.8CVSS7.2AI score0.00253EPSS

Exploits0References1Affected Software1

NVD•added 2023/05/09 10:15 a.m.•14 views

CVE-2023-23793

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eightweb Interactive Read More Without Refresh plugin = 3.1 versions...

5.9CVSS5.4AI score0.00392EPSS

Exploits0References1

Prion•added 2023/05/09 10:15 a.m.•18 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eightweb Interactive Read More Without Refresh plugin = 3.1 versions...

4.3CVSS4.8AI score0.00392EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/05/09 9:53 a.m.•9 views

CVE-2023-23793 WordPress Read More Without Refresh Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eightweb Interactive Read More Without Refresh plugin = 3.1 versions...

5.9CVSS5.8AI score0.00392EPSS

Exploits0References1

CVE•added 2023/05/09 9:53 a.m.•51 views

CVE-2023-23793

Eightweb Interactive Read More Without Refresh plugin (WordPress) versions

5.9CVSS4.9AI score0.00392EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/05/09 9:53 a.m.•16 views

CVE-2023-23793 WordPress Read More Without Refresh Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eightweb Interactive Read More Without Refresh plugin = 3.1 versions...

5.9CVSS5.5AI score0.00392EPSS

Exploits0References1

OSV•added 2023/04/26 12:15 p.m.•3 views

CVE-2023-26286

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX runtime services library to execute arbitrary commands. IBM X-Force ID: 248421...

7.8CVSS6AI score0.00296EPSS

Exploits0References3

OSV•added 2023/04/25 8:15 p.m.•2 views

CVE-2023-23866

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Carlos Moreira Interactive Geo Maps plugin = 1.5.8 versions...

5.4CVSS6.1AI score0.00393EPSS

Exploits0References1

NVD•added 2023/04/25 8:15 p.m.•26 views

CVE-2023-23866

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Carlos Moreira Interactive Geo Maps plugin = 1.5.8 versions...

6.5CVSS5.8AI score0.00393EPSS

Exploits0References1

Vulnrichment•added 2023/04/25 7:30 p.m.•5 views

CVE-2023-23866 WordPress Interactive Geo Maps Plugin <= 1.5.8 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Carlos Moreira Interactive Geo Maps plugin = 1.5.8 versions...

6.5CVSS6AI score0.00393EPSS

Exploits0References1

Cvelist•added 2023/04/25 7:30 p.m.•26 views

CVE-2023-23866 WordPress Interactive Geo Maps Plugin <= 1.5.8 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Carlos Moreira Interactive Geo Maps plugin = 1.5.8 versions...

6.5CVSS6AI score0.00393EPSS

Exploits0References1

CVE•added 2023/04/25 7:30 p.m.•33 views

CVE-2023-23866

The CVE-2023-23866 entry concerns the WordPress plugin Interactive Geo Maps (Carlos Moreira) ≤ 1.5.8, with a Stored Cross-Site Scripting (XSS) flaw caused by inadequate escaping/validation of shortcode attributes. This allows contributors (and higher) to inject scripts that are persisted in pages...

6.5CVSS5.3AI score0.00393EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/04/25 12:0 a.m.•3 views

WordPress plugin Interactive Geo Maps 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.5CVSS5.5AI score0.00393EPSS

Exploits0References3

CNNVD•added 2023/04/21 12:0 a.m.•3 views

Dassault Systèmes DELMIA Apriso 代码问题漏洞

Dassault Systèmes DELMIA Apriso is an interactive manufacturing application for digital enterprises from Dassault Systèmes France. A security vulnerability exists in Dassault Systèmes DELMIA Apriso versions 2017 through 2022, which stems from a deserialization vulnerability in .NET objects. An...

8.8CVSS8.5AI score0.01044EPSS

Exploits0References2

Ubuntu•added 2023/04/19 6:8 p.m.•92 views

USN-6033-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS6.8AI score0.01377EPSS

Exploits5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by