3241 matches found

Kaspersky
added 2023/12/13 12:0 a.m. · 37 views

KLA62432 SUI vulnerability in Microsoft Developer Tools

A spoofing vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2023-21751 Related products Microsoft-Azure CVE list CVE-2023-21751 high KB list Solution Install necessary updates from the KB section,...

CVSS 6.5 · AI score 6.4 · EPSS 0.00977
Exploits 0 · References 3

RedHat Linux
added 2023/12/12 5:30 p.m. · 51 views

Moderate: Red Hat Security Advisory: skopeo security update

An update for skopeo is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 7.5 · AI score 6.7 · EPSS 0.01328
Exploits 0 · References 6

Kaspersky
added 2023/12/12 12:0 a.m. · 29 views

KLA62391 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Microsoft Outlook can be exploited remotely ...

CVSS 6.5 · AI score 7 · EPSS 0.17559
Exploits 1 · References 8

Kaspersky
added 2023/12/12 12:0 a.m. · 145 views

KLA62388 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, overwrite arbitrary files, gain privileges, spoof user interface. Below is a complete list of...

CVSS 8.8 · AI score 9.5 · EPSS 0.92817
Exploits 1 · References 42

AlmaLinux
added 2023/12/12 12:0 a.m. · 59 views

Moderate: skopeo security update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: golang: crypto/tls: slow verification of certificate chains containing large RSA keys CVE-2023-29409 golang: html/template:...

CVSS 7.5 · AI score 7.8 · EPSS 0.01328
Exploits 0 · References 12

Wired Threat Level
added 2023/12/11 8:20 p.m. · 8 views

Congress Clashes Over the Future of America’s Section 702 Spy Program

Competing bills moving through the House of Representatives both reauthorize Section 702 surveillance—but they pave very different paths forward for Americans’ privacy and civil liberties...

AI score 7.4
Exploits 0

AlmaLinux
added 2023/12/11 12:0 a.m. · 35 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Arbitrary Remote Code Execution CVE-2023-42917 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

CVSS 8.8 · AI score 8 · EPSS 0.0937
Exploits 0 · References 4

CNNVD
added 2023/12/08 12:0 a.m. · 3 views

JFinalCMS Security Vulnerability

JFinalCMS is a content management system. JFinalCMS v5.0.0 version exists cross-site scripting vulnerability, the vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the section management department, an attacker can exploit this vulnerability by injecti...

CVSS 5.4 · AI score 5.4 · EPSS 0.00413
Exploits 0 · References 2

CVE
added 2023/12/07 12:0 a.m. · 34 views

CVE-2023-48830

Shuttle Booking Software 2.0 is affected by CVE-2023-48830 due to CSV injection in the Languages section during export. The root cause is insufficient input validation on the Unique ID field in the Reservations list used to construct CSV exports. Impact is exposure of injected content in exported...

CVSS 8.8 · AI score 8.7 · EPSS 0.01201
Exploits 2 · References 2 · Affected Software 1

Cvelist
added 2023/12/07 12:0 a.m. · 26 views

CVE-2023-48830

Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export...

AI score 9 · EPSS 0.01201
Exploits 2 · References 2

OSV
added 2023/12/02 7:15 p.m. · 6 views

CVE-2023-6472

A vulnerability, which was classified as problematic, has been found in PHPEMS 7.0. This issue affects some unknown processing of the file app\content\cls\api.cls.php of the component Content Section Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. Th...

CVSS 4.8 · AI score 3.7 · EPSS 0.00605
Exploits 1 · References 3

NVD
added 2023/12/02 7:15 p.m. · 27 views

CVE-2023-6472

A vulnerability, which was classified as problematic, has been found in PHPEMS 7.0. This issue affects some unknown processing of the file app\content\cls\api.cls.php of the component Content Section Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. Th...

CVSS 4.8 · EPSS 0.00605
Exploits 1 · References 3

Prion
added 2023/12/02 7:15 p.m. · 12 views

Cross site scripting

A vulnerability, which was classified as problematic, has been found in PHPEMS 7.0. This issue affects some unknown processing of the file app\content\cls\api.cls.php of the component Content Section Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. Th...

CVSS 3.3 · AI score 6.5 · EPSS 0.00605
Exploits 1 · References 3 · Affected Software 1

CVE
added 2023/12/02 6:31 p.m. · 39 views

CVE-2023-6472

PHPEMS 7.0 contains a Cross-Site Scripting (XSS) flaw in the Content Section Handler, specifically in the file app\content\cls\api.cls.php. The issue is executable remotely and the exploit has been disclosed publicly, with multiple sources confirming the affected component and path. Practical imp...

CVSS 4.8 · AI score 4.3 · EPSS 0.00605
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2023/12/02 6:31 p.m. · 41 views

CVE-2023-6472 PHPEMS Content Section api.cls.php cross site scripting

A vulnerability, which was classified as problematic, has been found in PHPEMS 7.0. This issue affects some unknown processing of the file app\content\cls\api.cls.php of the component Content Section Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. Th...

CVSS 3.3 · AI score 5.2 · EPSS 0.00605
Exploits 1 · References 3

CNNVD
added 2023/12/02 12:0 a.m. · 3 views

PHPEMS Cross-Site Scripting Vulnerability

PHPEMS is a PHP online practice exam system. A cross-site scripting vulnerability exists in PHPEMS version 7.0, which stems from a cross-site scripting XSS vulnerability in the component Content Section Handler...

CVSS 4.8 · AI score 5.9 · EPSS 0.00605
Exploits 1 · References 3

Positive Technologies
added 2023/12/02 12:0 a.m. · 3 views

PT-2023-32681 · Phpems · Phpems

Name of the Vulnerable Software and Affected Versions: PHPEMS version 7.0 Description: A problematic issue has been found in the Content Section Handler component, specifically affecting the file app\content\cls\api.cls.php. This issue leads to cross-site scripting and can be initiated remotely. The...

CVSS 4.8 · AI score 6.4 · EPSS 0.00605
Exploits 1 · References 6

RedHat Linux
added 2023/11/28 4:5 p.m. · 46 views

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 10 · AI score 7.1 · EPSS 0.09141
Exploits 2 · References 8

RedHat Linux
added 2023/11/24 4:56 p.m. · 51 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.6 security update on RHEL 9

New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 7.5 · AI score 7.1 · EPSS 0.99999
Exploits 19 · References 5

OSV
added 2023/11/23 3:15 p.m. · 4 views

CVE-2023-41811

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pandora FMS on all allows Cross-Site Scripting XSS. This vulnerability allowed Javascript code to be executed in the news section of the web console. This issue affects Pandora FMS: from 700 throug...

CVSS 6.1 · AI score 5.8 · EPSS 0.00324
Exploits 0 · References 1