CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4577 matches found

CNVD•added 2016/09/28 12:0 a.m.•2 views

Apple iOS and Safari Safari Reader Cross Site Scripting Vulnerability

Apple iOS and Safari are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Apple Safari is a web browser that is the default browser shipped with Mac OS X and iOS operating systems; Safari Reader is one of the browser's own Reader component. A cross-site...

6.1CVSS5.5AI score0.005EPSS

Exploits0References1

RedHat Linux•added 2016/09/12 7:39 p.m.•3 views

chromium-browser: universal xss using devtools

Cross-site scripting XSS vulnerability in WebKit/Source/platform/v8inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools aka...

6.1CVSS7.5AI score0.00415EPSS

Exploits0References5

OSV•added 2016/09/11 10:59 a.m.•2 views

CVE-2016-5165

Cross-site scripting XSS vulnerability in the Developer Tools aka DevTools subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allows remote attackers to inject arbitrary web script or HTML via the settings parameter in a...

6.1CVSS7AI score0.00427EPSS

Exploits0References12

OSV•added 2016/09/11 10:59 a.m.•2 views

CVE-2016-5148

Cross-site scripting XSS vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka "Universal XSS UXSS."...

6.1CVSS7AI score

Exploits0References12

OSV•added 2016/09/07 6:59 p.m.•1 views

CVE-2016-7033

Multiple cross-site scripting XSS vulnerabilities in the admin pages in dashbuilder in Red Hat JBoss BPM Suite 6.3.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00216EPSS

Exploits0References3

OSV•added 2016/08/29 5:59 p.m.•2 views

CVE-2016-5721

Multiple cross-site scripting XSS vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References2

OSV•added 2016/08/23 2:11 a.m.•2 views

CVE-2016-6365

Cross-site scripting XSS vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518...

6.1CVSS5.9AI score0.00398EPSS

Exploits0References2

OSV•added 2016/08/22 10:59 a.m.•2 views

CVE-2016-6359

Cross-site scripting XSS vulnerability in Cisco Transport Gateway Installation Software 4.14.0 on Smart Call Home Transport Gateway devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug IDs CSCva40650 and CSCva40817...

6.1CVSS5.9AI score

Exploits0References2

OSV•added 2016/08/19 9:59 p.m.•2 views

CVE-2016-3195

Cross-site scripting XSS vulnerability in the Web-UI in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References3

OSV•added 2016/08/19 9:59 p.m.•2 views

CVE-2016-3194

Cross-site scripting XSS vulnerability in the address added page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00296EPSS

Exploits0References3

OSV•added 2016/08/09 8:59 p.m.•2 views

CVE-2016-4168

Cross-site scripting XSS vulnerability in Adobe Experience Manager 5.6.1, 6.0, and 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00641EPSS

Exploits0References3

CNVD•added 2016/08/04 12:0 a.m.•1 views

Tenable Network Security Tenable Nessus Cross-Site Scripting Vulnerability (CNVD-2016-06082)

Tenable Network Security Tenable Nessus is an open source vulnerability scanner from Tenable Network Security, USA. A cross-site scripting vulnerability exists in versions of Tenable Network Tenable Nessus prior to 6.8, which stems from the software failing to properly filter user-submitted input...

4.8CVSS6.7AI score0.00296EPSS

Exploits0References1

OSV•added 2016/08/03 1:59 a.m.•1 views

CVE-2016-4833

Cross-site scripting XSS vulnerability in the Nofollow Links plugin before 1.0.11 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00454EPSS

Exploits0References5

CNVD•added 2016/08/02 12:0 a.m.•5 views

Novell Filr Cross-Site Scripting Vulnerability (CNVD-2016-05959)

Novell Filr is a file access and sharing solution for the enterprise from Novell, USA. A cross-site scripting vulnerability exists in Novell Filr 1.2 Security Update 2 and earlier and 2.0 Security Update 1 and earlier. The vulnerability can be exploited by a remote attacker to inject arbitrary we...

5.4CVSS6AI score0.01356EPSS

Exploits4References1

CNVD•added 2016/07/24 12:0 a.m.•1 views

Collectd-web 'ajax_post.php' cross-site scripting vulnerability

Collectd-web is a set of web-based front-end tools for collectd to collect RRD data. Collectd-web suffers from a cross-site scripting vulnerability that allows remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when...

5.9AI score

Exploits0References1

CNVD•added 2016/07/18 12:0 a.m.•1 views

Cisco WebEx Meetings Server Cross-Site Scripting Vulnerability (CNVD-2016-04942)

Cisco WebEx Meetings Server CWMS is the United States Cisco Cisco WebEx meeting program in a set of multifunctional meeting solutions that include audio, video and Web conferencing. A cross-site scripting vulnerability exists in Cisco WebEx Meetings Server CWMS version 2.6. A remote attacker can...

6.1CVSS6.3AI score0.00296EPSS

Exploits0References1

CNVD•added 2016/07/08 12:0 a.m.•1 views

IBM Jazz Reporting Service (JRS) Cross-Site Scripting Vulnerability

IBM Jazz Reporting Service is an optional component of IBM Rational Reporting for Development Intelligence. IBM Jazz Reporting Service JRS has a cross-site scripting vulnerability in the Report Builder and Data Collection Component DCC implementations. A remote attacker could exploit this...

5.4CVSS6.2AI score0.00168EPSS

Exploits0References1

BDU FSTEC•added 2016/07/06 12:0 a.m.•3 views

The vulnerability of Adobe Pepper Flash software for Google Chrome allows a malicious intruder to compromise the integrity of protected information.

Cross-site scripting XSS in Adobe Pepper Flash for Google Chrome allows malicious individuals to inject any web script or HTML code remotely...

4.3CVSS5.4AI score0.03466EPSS

Exploits0References5Affected Software1

BDU FSTEC•added 2016/07/06 12:0 a.m.•2 views

The vulnerability of Google Chrome browser allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

The use of this functionality after release in core/dom/ContainerNode.cpp, within the implementation of the object model for documents in Blink for Google Chrome, allows malicious actors who operate remotely to trigger service failures or exert other effects on the system by executing a script...

7.5CVSS7.7AI score0.03248EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2016/07/06 12:0 a.m.•2 views

The vulnerability of Adobe Pepper Flash software for Google Chrome allows a malicious intruder to compromise the integrity of protected information.

Cross-site scripting XSS in Adobe Pepper Flash for Google Chrome allows malicious individuals to inject any web script or HTML code remotely...

4.3CVSS5.4AI score0.00974EPSS

Exploits0References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by