CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4584 matches found

CNVD•added 2018/06/27 12:0 a.m.•1 views

Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2018-12400)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A cross-site scripting vulnerability exists in Mozilla Firefox versions prior to 59, where the program fails to properly validate user-submitted input. The vulnerability can be exploited by a...

6.1CVSS7.2AI score0.00938EPSS

Exploits0References1

OSV•added 2018/06/26 2:29 p.m.•2 views

CVE-2018-0565

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00809EPSS

Exploits0References2

CNVD•added 2018/06/25 12:0 a.m.•1 views

MyBB Recent Threads plugin cross-site scripting vulnerability

MyBB aka MyBulletinBoard is a free and web-based forum software developed by the MyBB team using PHP and MySQL.Recent Threads plugin is used in which a plugin for displaying recent and unread messages. A cross-site scripting vulnerability exists in versions of the MyBB Recent Threads plugin prior...

5.4CVSS5.3AI score0.01683EPSS

Exploits5References1

CNVD•added 2018/06/22 12:0 a.m.•2 views

phpMyAdmin cross-site scripting vulnerability (CNVD-2018-11976)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A cross-site scripting vulnerability exists in the...

6.1CVSS6.2AI score0.01818EPSS

Exploits0References1

CNVD•added 2018/06/20 12:0 a.m.•1 views

Open Monograph Press Cross-Site Scripting Vulnerability

Public Knowledge Project PKP Open Monograph Press OMP is an open source software platform for scholarly publishing. The platform is used to manage and edit workflows to produce and distribute scholarly publications through internal and external review and editing. A cross-site scripting...

6.1CVSS5.9AI score0.01625EPSS

Exploits1References1

CNVD•added 2018/06/19 12:0 a.m.•3 views

CA Privileged Access Manager Cross-Site Scripting Vulnerability

CA Privileged Access Manager is a privileged access manager from CA USA that centralizes privileged user policies across multiple physical and virtual environments and manages and controls access used to IT resources. A cross-site scripting vulnerability exists in version 2.x of CA Privileged...

6.1CVSS6AI score0.00899EPSS

Exploits0References1

ATTACKERKB•added 2018/06/18 6:29 p.m.•3 views

CVE-2018-9027

A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link...

6.1CVSS5.4AI score0.00899EPSS

Exploits0References3Affected Software1

IBM Security Bulletins•added 2018/06/16 1:14 p.m.•17 views

Security Bulletin: Multiple vulnerabilities in IBM SPSS Collaboration and Deployment Services

Summary Multiple vulnerabilities exist in IBM SPSS Collaboration and Deployment Services. See the individual descriptions for details. Vulnerability Details VULNERABILITY DETAILS: CVEID: CVE-2013-4044 DESCRIPTION: An authenticated remote attacker can send a HTTP request to retrieve the content of...

5.8CVSS0.5AI score0.01458EPSS

Exploits0Affected Software1

CNVD•added 2018/06/14 12:0 a.m.•2 views

Samsung Web Viewer for Samsung DVR Cross-Site Scripting Vulnerability

Samsung smart Viewer is a TV connectivity software from Samsung. A cross-site scripting vulnerability in Samsung Web Viewer for Samsung DVR allows remote attackers to inject arbitrary web script or HTML using the vulnerability...

6.1CVSS6AI score0.01574EPSS

Exploits2References1

CNVD•added 2018/06/13 12:0 a.m.•2 views

Sonatype Nexus Repository Manager Cross-Site Scripting Vulnerability (CNVD-2018-11638)

Sonatype Nexus Repository Manager aka NXRM is a maven repository manager. A cross-site scripting vulnerability exists in Sonatype NXRM versions prior to 3.12.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the Administration UI...

4.8CVSS4.8AI score0.01338EPSS

Exploits0References1

CNVD•added 2018/06/05 12:0 a.m.•3 views

Ximdex Cross-Site Scripting Vulnerability

Ximdex is a content and data management system. The system includes features such as an intelligent search engine, information aggregation, image and text recognition. A cross-site scripting vulnerability exists in the account creation page in Ximdex version 4.0. A remote attacker can exploit thi...

6.1CVSS5.8AI score0.00822EPSS

Exploits0References1

CNVD•added 2018/06/05 12:0 a.m.•2 views

Synology Drive File Sharing Notify Toast Cross-Site Scripting Vulnerability

Synology Drive is a collaboration suite from Synology that includes document management, collaboration and file synchronization and backup features.File Sharing Notify Toast is one of the file sharing components. A cross-site scripting vulnerability exists in File Sharing Notify Toast in Synology...

6.5CVSS6.2AI score0.00803EPSS

Exploits0References1

CNVD•added 2018/06/05 12:0 a.m.•3 views

Mozilla Firefox Design Vulnerability

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the Live Bookmark page and PDF reader in versions of Mozilla Firefox prior to 60. A remote attacker can exploit this vulnerability by performing a social...

4.3CVSS8.9AI score0.01623EPSS

Exploits0References1

CNVD•added 2018/05/31 12:0 a.m.•1 views

i18next Cross-Site Scripting Vulnerability

i18next is a translation loading framework written in JavaScript. A cross-site scripting vulnerability exists in i18next 2.0.0 and later versions, which stems from the program failing to encode user input. A remote attacker can exploit the vulnerability to inject arbitrary web script or HTML...

6.1CVSS6.2AI score0.01017EPSS

Exploits1References1

CNVD•added 2018/05/31 12:0 a.m.•2 views

ClipperCMS Cross-Site Scripting Vulnerability (CNVD-2018-10866)

ClipperCMS is a content management system CMS. A cross-site scripting vulnerability exists in the 'Module name' field under the 'Modules - Manage modules - edit' tag in ClipperCMS version 1.3.3. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

5.4CVSS6.2AI score0.00667EPSS

Exploits1References1

CNVD•added 2018/05/30 12:0 a.m.•1 views

MyBB Moderator Log Notes Plugin Cross-Site Scripting Vulnerability

MyBB aka MyBulletinBoard is MyBB team developed a set of PHP and MySQL development of free and Web-based forum software . Moderator Log Notes plugin is used in which a management log records plugin . A cross-site scripting vulnerability exists in version 1.1 of the MyBB Moderator Log Notes plugin...

5.4CVSS6.1AI score0.00589EPSS

Exploits1References1

CNVD•added 2018/05/25 12:0 a.m.•2 views

Micro Focus Universal CMDB, CMS and UCMDB Browser Cross-Site Scripting Vulnerabilities

Micro Focus Universal CMDB, CMS and UCMDB Browser are all products of Micro Focus, a UK-based company. Micro Focus Universal CMDB is a resource management solution; CMS is a CMDB configuration management system; UCMDB Browser is a lightweight, web-based client for accessing UCMDB Universal...

6.3CVSS6.2AI score0.00653EPSS

Exploits0References1

CNVD•added 2018/05/21 12:0 a.m.•4 views

ILIAS Cross-Site Scripting Vulnerability (CNVD-2018-10349)

ILIAS is a Web-based learning management system developed by the ILIAS team. The system contains modules for course management, file sharing, and live chat. A cross-site scripting vulnerability exists in the error.php page in versions 5.3.x prior to ILIAS 5.3.4 and 5.2.x. A remote attacker can...

6.1CVSS6AI score0.00854EPSS

Exploits0References1

CNVD•added 2018/05/21 12:0 a.m.•2 views

HPE UCMDB Configuration Manager Software Cross-Site Scripting Vulnerability

HPE UCMDB full name Universal CMDB is the United States Hewlett Packard Enterprise HPE company's set of resource management solutions. The solution provides from the bottom up including IT infrastructure auto-discovery, data modeling, service mapping definition and service impact analysis, etc...

6.1CVSS6.8AI score0.00913EPSS

Exploits0References1

CNVD•added 2018/05/17 12:0 a.m.•3 views

WordPress Imagely NextGEN Gallery Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Imagely NextGen Gallery is one of the gallery management systems. A cross-site scripting vulnerability exists in Image Alt &...

4.8CVSS6.3AI score0.00584EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by