CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6666 matches found

CVE•added 2023/11/02 1:1 p.m.•54 views

CVE-2023-29043

CVE-2023-29043 describes a vulnerability where presentations may contain references to images that are user-controlled, allowing script code to be processed during document editing. The encoding of the relevant attribute is intended to avoid script execution. Concrete details from connected docs ...

6.1CVSS6.2AI score0.00331EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2023/11/02 12:0 a.m.•6 views

PT-2023-22109 · Ox Software Gmbh +1 · Ox App Suite +2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Documents operations, specifically "drawing", could be manipulated to contain invalid data types, possibly script code. This script code could be inject...

5.4CVSS5.4AI score0.00383EPSS

Exploits0References7

Positive Technologies•added 2023/11/02 12:0 a.m.•3 views

PT-2023-22108 · Google · Google Docs

Name of the Vulnerable Software and Affected Versions: Google Docs versions prior to the fixed version Description: The issue allows documents operations to be manipulated to contain invalid data types, possibly script code. This could lead to script code injection into an operation that would be...

5.4CVSS5.7AI score0.00383EPSS

Exploits0References7

NVD•added 2023/11/01 5:15 p.m.•20 views

CVE-2023-20206

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due...

6.1CVSS6AI score0.00405EPSS

Exploits0References1

NVD•added 2023/11/01 5:15 p.m.•22 views

CVE-2023-20074

6.1CVSS5.4AI score0.00391EPSS

Exploits0References1

NVD•added 2023/11/01 5:15 p.m.•18 views

CVE-2023-20041

6.1CVSS5.4AI score0.00391EPSS

Exploits0References1

Prion•added 2023/11/01 5:15 p.m.•18 views

Cross site scripting

5.8CVSS6AI score0.00391EPSS

Exploits0References1Affected Software1

Prion•added 2023/11/01 5:15 p.m.•23 views

Cross site scripting

5.8CVSS6AI score0.00391EPSS

Exploits0References1Affected Software1

Prion•added 2023/11/01 5:15 p.m.•18 views

Cross site scripting

5.8CVSS6AI score0.00391EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/11/01 4:54 p.m.•26 views

CVE-2023-20005

4.8CVSS6.1AI score0.00391EPSS

Exploits0References1

Cvelist•added 2023/11/01 4:52 p.m.•26 views

CVE-2023-20206

6.1CVSS6.1AI score0.00405EPSS

Exploits0References1

Cvelist•added 2023/11/01 4:52 p.m.•24 views

CVE-2023-20041

4.8CVSS6.1AI score0.00391EPSS

Exploits0References1

Veracode•added 2023/10/16 7:43 a.m.•17 views

Cross-Site Scripting (XSS)

Zope is vulnerable to Cross-site Scripting XSS . The vulnerability is due to improper user-input sanitization in the title property. This can allow an attacker to store script code that is executed while viewing the affected object in the Zope Management Interface ZMI...

4.8CVSS6.2AI score0.00404EPSS

Exploits0References3Affected Software1

Prion•added 2023/10/04 9:15 p.m.•16 views

Design/Logic Flaw

Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface ZMI. All versions of Zope 4 and Zope 5 are affected. Patches will be released wit...

4.3CVSS5.1AI score0.00404EPSS

Exploits0References3Affected Software1

PyPA•added 2023/10/04 9:15 p.m.•7 views

PYSEC-2023-193

4.8CVSS7.1AI score0.00404EPSS

Exploits0References3Affected Software1

OSV•added 2023/10/04 8:7 p.m.•29 views

CVE-2023-44389 Zope management interface vulnerable to stored cross site scripting via the title property

3.1CVSS5.3AI score0.00404EPSS

Exploits0References5

Prion•added 2023/09/13 7:15 p.m.•21 views

Cross site scripting

A stored Cross-site Scripting XSS vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x allows an attacker to execute arbitrary script code...

4.9CVSS5.5AI score0.00298EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/09/13 6:22 p.m.•38 views

CVE-2023-3588 Stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x

A stored Cross-site Scripting XSS vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x allows an attacker to execute arbitrary script code...

5.4CVSS5.6AI score0.00298EPSS

Exploits0References1

Vulnrichment•added 2023/09/13 6:22 p.m.•13 views

CVE-2023-3588 Stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x

A stored Cross-site Scripting XSS vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x allows an attacker to execute arbitrary script code...

5.4CVSS6.2AI score0.00298EPSS

Exploits0References1

NVD•added 2023/08/29 8:15 p.m.•8 views

CVE-2023-39266

A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface provided certain configuration options are present. A successful exploit could allow an attacker to...

8.3CVSS7.6AI score0.00418EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by