7649 matches found
GHSA-QRQM-574X-Q7F2 Awesome Support vulnerable to persistent cross-site scripting
Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress...
Awesome Support vulnerable to persistent cross-site scripting
Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress...
CVE-2022-38073
Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress...
Cross site scripting
Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress...
CVE-2022-38073 WordPress Awesome Support plugin <= 6.0.7 - Multiple Authenticated Persistent XSS (Additional Interested Parties)
Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress...
CVE-2022-38073
CVE-2022-38073 affects the WordPress Awesome Support plugin (versions ≤ 6.0.7). The root cause is insufficient sanitization of the ticket title, enabling a stored XSS by users with a custom plugin role (authenticated). The impact is persistent cross-site scripting within the plugin context. Advis...
Malicious code in burningred (npm)
Source: ghsa-malware (46fa626c16108862bd0e44c8161a4b0f9b8fae722e62fb13d45049770eff6cd7). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-37139
Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability...
Cross site scripting
Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability...
CVE-2022-39207 Persistent XSS in OneDev
Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. During CI/CD builds, it is possible to save build artifacts for later retrieval. They can be accessed through OneDev's web UI after the successful run of a build. These artifact files are served by the webserver in the same...
Hotel Management System cross-site scripting vulnerability
Hotel Management System is a hotel management system based MIS project by Prem Chand Saini, an individual developer in India. A security vulnerability exists in Hotel Management System version 1.0, which stems from multiple persistent cross-site scripting (XSS) vulnerabilities in index.php. An...
Evasive Shikitega Linux malware drops Monero cryptominer
Researchers from AT&T Alien Labs Research have discovered a new and stealthy Linux malware dubbed Shikitega. Once it's on a machine or device, Shikitega executes a "multistage infection chain" involving small files, a couple of vulnerabilities, and the use of Mettle, a portable Metasploit...
Moderate: Red Hat Security Advisory: VolSync 0.5 security fixes and updates
VolSync v0.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. VolSync v0.5 VolSyn...
CVE-2022-36637
Garage Management System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via the brandname parameter at /brand.php...
Moderate: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.0 security and bug fix update
OpenShift API for Data Protection (OADP) 1.1.0 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Centreon cross-site scripting vulnerability
Centreon (Merethis Centreon) is a set of open source system monitoring tools from the French company Centreon. The product provides monitoring capabilities for network, system and application resources. A security vulnerability exists in Centreon version 22.04.0, which stems from a persistent...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement & bugfix update
Updated packages that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.11.0 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS)...
CVE-2022-34658
Multiple Authenticated (contributor+) Persistent Cross-Site Scripting (XSS) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress...
Cross site scripting
Multiple Authenticated (contributor+) Persistent Cross-Site Scripting (XSS) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress...