CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

94 matches found

EUVD•added 2026/06/09 6:30 p.m.•8 views

EUVD-2026-35604

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

5.4CVSS5.5AI score0.00207EPSS

Exploits0References2

NVD•added 2026/06/09 5:17 p.m.•7 views

CVE-2026-47973

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS0.00224EPSS

Exploits0References1

NVD•added 2026/06/09 5:17 p.m.•10 views

CVE-2026-47935

5.4CVSS0.00207EPSS

Exploits0References1

Vulnrichment•added 2026/06/09 4:48 p.m.•8 views

CVE-2026-48268 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS5.5AI score0.00207EPSS

Exploits0References1

CVE•added 2026/06/09 4:48 p.m.•17 views

CVE-2026-47951

Adobe Experience Manager (AEM) on versions 6.5.24, LTS SP1, 2026.04 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability in vulnerable form fields. A low-privileged attacker can inject malicious scripts that are executed in the victim’s browser when visiting a page contain...

5.4CVSS5.5AI score0.00224EPSS

Exploits0References1Affected Software1

CVE•added 2026/06/09 4:48 p.m.•18 views

CVE-2026-47987

Adobe Experience Manager (AEM) prior to certain updates is affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. Affected versions: AEM 6.5.24, LTS SP1, 2026.04 and earlier. The issue allows an attacker to manipulate the DOM to execute malicious JavaScript in the victim’s browser, req...

5.4CVSS5.5AI score0.00207EPSS

Exploits0References1Affected Software1

CNNVD•added 2026/06/09 12:0 a.m.•12 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS5.1AI score0.00224EPSS

Exploits0References1

Positive Technologies•added 2026/06/09 12:0 a.m.•8 views

PT-2026-48087

5.4CVSS5.5AI score0.00207EPSS

Exploits0References2

Positive Technologies•added 2026/06/09 12:0 a.m.•12 views

PT-2026-48090

5.4CVSS5.5AI score0.00207EPSS

Exploits0References2

Positive Technologies•added 2026/06/09 12:0 a.m.•13 views

PT-2026-48091

5.4CVSS5.5AI score0.00283EPSS

Exploits0References2

Positive Technologies•added 2026/06/09 12:0 a.m.•14 views

PT-2026-48056

5.4CVSS5.4AI score0.00224EPSS

Exploits0References2

Cvelist•added 2026/05/04 12:45 a.m.•41 views

CVE-2026-42368 GeoVision LPC2011/LPC2211 Web Interface privilege escalation vulnerability

A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability...

9.9CVSS0.00348EPSS

Exploits0References2

Positive Technologies•added 2026/04/13 12:0 a.m.•8 views

PT-2026-32446

Name of the Vulnerable Software and Affected Versions Decidim versions prior to 0.30.5 Decidim versions 0.31.0.rc1 through 0.31.0 Description A stored code execution issue in the user name field allows a low-privileged attacker to execute arbitrary code in the context of any user who passively...

9.3CVSS6.5AI score0.00356EPSS

Exploits0References9

RedhatCVE•added 2025/12/11 7:0 p.m.•10 views

CVE-2025-64538

Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by injecting malicious scripts into a web page that are executed in the context of the...

9.3CVSS6.4AI score0.00533EPSS

Exploits0References1

NVD•added 2025/12/10 7:16 p.m.•4 views

CVE-2025-64537

9.3CVSS0.00698EPSS

Exploits0References1

RedhatCVE•added 2025/10/15 8:41 p.m.•5 views

CVE-2025-54266

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript ma...

4.8CVSS5.6AI score0.00247EPSS

Exploits0References1

OSV•added 2025/10/14 9:30 p.m.•3 views

GHSA-PCRX-R49H-X2W5 Magento vulnerable to stored Cross-Site Scripting (XSS)

Magento versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be...

4.8CVSS5.7AI score0.00247EPSS

Exploits0References3

OSV•added 2025/10/14 9:15 p.m.•2 views

CVE-2025-54266

4.8CVSS5.7AI score

Exploits0References1

Cvelist•added 2025/10/14 8:27 p.m.•7 views

CVE-2025-54266 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79)

4.8CVSS0.00247EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2023-49395