CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5079 matches found

Positive Technologies•added 2017/07/31 12:0 a.m.•2 views

PT-2017-2624

Name of the Vulnerable Software and Affected Versions IBM WebSphere Portal and Web Content Manager versions 7.0 through 9.0 Description The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure...

6.1CVSS6.2AI score0.01274EPSS

Exploits0References7

CNVD•added 2017/07/28 12:0 a.m.•1 views

Cagintranet Networks GetSimple CMS Cross-Site Scripting Vulnerability

Cagintranet Networks GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A cross-site scripting vulnerability exists in Cagintranet Networks GetSimple CMS...

6.3AI score

Exploits0References1

CNVD•added 2017/07/27 12:0 a.m.•2 views

NexusPHP Cross-Site Scripting Vulnerability (CNVD-2017-26595)

NexusPHP is a resource sharing community solution written in PHP developed by the Nexus team in China. A cross-site scripting vulnerability exists in NexusPHP version 1.5. A remote attacker can use the javascript: or data: URL in the UBBCode url tag to inject arbitrary web script or HTML...

6.1CVSS6.1AI score0.00671EPSS

Exploits1References1

CNVD•added 2017/07/25 12:0 a.m.•1 views

IBM WebSphere Application Server Cross-Site Scripting Vulnerability (CNVD-2017-25756)

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A cross-site scripting vulnerability exists in IBM WAS. A...

5.4CVSS5.6AI score0.01049EPSS

Exploits0References1

CNVD•added 2017/07/25 12:0 a.m.•3 views

IBM Rhapsody DM Cross-Site Scripting Vulnerability

IBM Rhapsody Design Manager DM is a suite of collaborative design management software from IBM. The software supports the use of centralized system repositories with Web-based access to store, share, search, and manage design models, as well as software to automate design reviews. A cross-site...

5.4CVSS5.5AI score0.0072EPSS

Exploits0References1

CNVD•added 2017/07/25 12:0 a.m.•3 views

IBM Rational Software Architect Design Manager Cross-Site Scripting Vulnerability

5.4CVSS5.5AI score0.0054EPSS

Exploits0References1

Veracode•added 2017/07/24 9:19 p.m.•4 views

Cross-Site Scripting (XSS)

marked is vulnerable to cross-site scripting XSS attacks. The library does not sanitize strings encoded in base64, allowing a malicious user to inject and execute arbitrary javascript...

6.1AI score

Exploits0

CNVD•added 2017/07/20 12:0 a.m.•2 views

IBM Tivoli Endpoint Manager Cross-Site Scripting Vulnerability (CNVD-2017-21771)

IBM BigFix platform is a dynamic set of IBM's integrated messaging content-driven and management system multi-technology platform. A cross-site scripting vulnerability exists in IBM BigFix Platform. A remote attacker can exploit this vulnerability to inject arbitrary JavaScript code into the Web ...

6.1CVSS6.4AI score0.01317EPSS

Exploits0References1

NVD•added 2017/07/17 1:18 p.m.•20 views

CVE-2017-2335

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the...

8.4CVSS6.7AI score0.01078EPSS

Exploits0References3

Prion•added 2017/07/17 1:18 p.m.•16 views

Cross site scripting

3.5CVSS5.5AI score0.01078EPSS

Exploits0References3Affected Software1

Cvelist•added 2017/07/14 2:0 p.m.•34 views

CVE-2017-2336 ScreenOS: XSS vulnerability in ScreenOS Firewall

A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the attacker...

9.6CVSS7.3AI score0.01194EPSS

Exploits0References3

Cvelist•added 2017/07/14 2:0 p.m.•33 views

CVE-2017-2338 ScreenOS: XSS vulnerability in ScreenOS Firewall

8.4CVSS7.2AI score0.01078EPSS

Exploits0References3

CNVD•added 2017/07/14 12:0 a.m.•3 views

IBM Emptoris Strategic Supply Management Platform Cross-Site Scripting Vulnerability

IBM Emptoris Strategic Supply Management is a common Web-based portal access to the Emptoris suite of products management platform from IBM. A cross-site scripting vulnerability exists in IBM Emptoris Strategic Supply Management versions 10.0.0.x through 10.1.1.x. A remote attacker could use this...

5.4CVSS5.5AI score0.00729EPSS

Exploits0References1

CNVD•added 2017/07/14 12:0 a.m.•0 views

IBM Emptoris Strategic Supply Management Platform Cross-Site Scripting Vulnerability (CNVD-2017-23341)

5.4CVSS5.5AI score0.00729EPSS

Exploits0References1

CNVD•added 2017/07/13 12:0 a.m.•2 views

IBM Emptoris Sourcing Cross-Site Scripting Vulnerability

IBM Emptoris Sourcing is a source-to-contract solution from the US company. The solution helps organizations get affordable prices and greater value from suppliers by examining factors such as cost, risk and performance in sourcing decisions. A cross-site scripting vulnerability exists in IBM...

5.4CVSS6.4AI score0.00974EPSS

Exploits0References1

CNVD•added 2017/07/13 12:0 a.m.•2 views

IBM Emptoris Sourcing Cross-Site Scripting Vulnerability (CNVD-2017-21231)

IBM Emptoris Sourcing is a source-to-contract solution from IBM USA. The solution helps organizations get affordable prices and greater value from suppliers by examining factors such as cost, risk and performance in sourcing decisions. A cross-site scripting vulnerability exists in IBM Emptoris...

5.4CVSS6.4AI score0.00729EPSS

Exploits0References1

CNVD•added 2017/07/13 12:0 a.m.•3 views

IBM Information Server Framework and InfoSphere Information Server on Cloud Cross-Site Scripting Vulnerability

IBM Information Server Framework and InfoSphere Information Server on Cloud are both products of the U.S. company IBM. The former is a set of data integration platform framework; the latter is a set of cloud-based data integration platform. A cross-site scripting vulnerability exists in IBM...

6.1CVSS6.2AI score0.0098EPSS

Exploits0References1

CNVD•added 2017/07/07 12:0 a.m.•2 views

Huawei OceanStor UDS DeviceManager Information Disclosure Vulnerability

Huawei OceanStor UDS is a high-density storage node and distributed storage system based on ARM architecture from Huawei, China.DeviceManager is one of the device management tools. A security vulnerability exists in DeviceManager in Huawei OceanStor UDS V100R002C01SPC101 and earlier versions. A...

7.5CVSS7.6AI score0.00958EPSS

Exploits0References1

CNVD•added 2017/07/05 12:0 a.m.•8 views

IBM Rational Team Concert Cross-Site Scripting Vulnerability (CNVD-2017-15922)

IBM Rational Team Concert RTC is the U.S. IBM's set of Jazz-based platform and support decentralized teams for real-time collaboration related to software lifecycle management solutions. A cross-site scripting vulnerability exists in IBM RTC. A remote attacker can exploit this vulnerability to...

5.4CVSS6.5AI score0.00741EPSS

Exploits0References1

CNVD•added 2017/07/05 12:0 a.m.•2 views

IBM Security Guardium Cross-Site Scripting Vulnerability (CNVD-2017-15930)

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes easy UI customization, report management and discovery and a streamlined audit process builder. A cross-site scripting vulnerability exists in IBM Security...

6.1CVSS6.4AI score0.00842EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by