CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-27997

Malware in sbrugna...

5.4CVSS5.6AI score0.00313EPSS

RedhatCVE•added 2025/05/22 4:46 p.m.•4 views

CVE-2020-6854

A cross-site scripting XSS vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to inject arbitrary web script or HTML via JSON properties available from the REST API...

5.4CVSS5.6AI score0.00313EPSS

RedhatCVE•added 2025/05/22 4:46 p.m.•3 views

CVE-2020-6856

An XML External Entity XEE vulnerability exists in the JOC Cockpit component of SOS JobScheduler 1.12 and 1.13.2 allows attackers to read files from the server via an entity declaration in any of the XML documents that are used to specify the run-time settings of jobs and orders...

6.5CVSS6.8AI score0.00425EPSS

RedhatCVE•added 2025/05/22 4:46 p.m.•5 views

CVE-2020-6855

A large or infinite loop vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to parameterize housekeeping jobs in a way that exhausts system resources and results in a denial of service...

6.8CVSS6.9AI score0.00467EPSS

NVD•added 2023/07/13 11:15 p.m.•19 views

CVE-2023-37272

JS7 is an Open Source Job Scheduler. Users specify file names when uploading files holding user-generated documentation for JOC Cockpit. Specifically crafted file names allow an XSS attack to inject code that is executed with the browser. Risk of the vulnerability is considered high for branch 1....

6.3CVSS0.00298EPSS

Vulnrichment•added 2023/07/13 10:28 p.m.•10 views

CVE-2023-37272 XSS vulnerability in JOC Cockpit branch 1.13

6.3CVSS6.2AI score0.00298EPSS

OSV•added 2023/07/13 10:28 p.m.•17 views

CVE-2023-37272 XSS vulnerability in JOC Cockpit branch 1.13

6.3CVSS5.4AI score0.00298EPSS

Exploits0References4

NVD•added 2020/02/06 5:15 p.m.•8 views

CVE-2020-6855

6.8CVSS6.4AI score0.00467EPSS

OSV•added 2020/02/06 5:15 p.m.•0 views

CVE-2020-6855

6.5CVSS6.6AI score

Prion•added 2020/02/06 5:15 p.m.•15 views

Xxe

4CVSS6.3AI score0.00425EPSS

Cvelist•added 2020/02/06 4:31 p.m.•13 views

CVE-2020-6855

6.4AI score0.00467EPSS

CVE•added 2020/02/06 4:31 p.m.•45 views

CVE-2020-6855

CVE-2020-6855 affects SOS JobScheduler’s JOC Cockpit component (versions 1.11 and 1.13.2). The vulnerability is a large or infinite loop triggered by parameterizing housekeeping jobs, leading to resource exhaustion and denial of service. NVD reports a CVSSv3.1 base score of 6.5 (AV:N/AC:L/PR:L/UI...

6.8CVSS6.3AI score0.00467EPSS

Cvelist•added 2020/02/06 4:22 p.m.•11 views

CVE-2020-6856

6.4AI score0.00425EPSS

NVD•added 2020/02/05 9:15 p.m.•9 views

CVE-2020-6854

5.4CVSS5.3AI score0.00313EPSS

Prion•added 2020/02/05 9:15 p.m.•9 views

Cross site scripting

3.5CVSS5.2AI score0.00313EPSS

CVE•added 2020/02/05 8:22 p.m.•54 views

CVE-2020-6854

The provided connected documents confirm a cross-site scripting (XSS) vulnerability in the SOS JobScheduler JOC Cockpit component, affecting versions 1.11 and 1.13.2. The root cause is input handling that allows JSON properties from the REST API to be interpreted as executable client-side script ...

5.4CVSS5.2AI score0.00313EPSS

Cvelist•added 2020/02/05 8:22 p.m.•17 views

CVE-2020-6854

5.3AI score0.00313EPSS