Lucene search
K

8110 matches found

CNVD
CNVD
added 2021/01/11 12:0 a.m.3 views

IBM Engineering Workflow Management Cross-Site Scripting Vulnerability (CNVD-2021-03014)

IBM Engineering Workflow Management EWM is a team collaboration tool that integrates a variety of development tasks, including iteration planning, process definition, change management, defect tracking, source code control, build automation, and reporting. A cross-site scripting vulnerability...

5.4CVSS6.2AI score0.00554EPSS
Exploits0References1
OSV
OSV
added 2021/01/08 9:15 p.m.3 views

CVE-2020-4733

IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188127...

5.4CVSS5.7AI score0.00554EPSS
Exploits0References2
OSV
OSV
added 2021/01/08 7:15 p.m.2 views

DEBIAN-CVE-2020-16024

Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS8.7AI score0.01909EPSS
Exploits0References1
OSV
OSV
added 2021/01/08 7:15 p.m.3 views

UBUNTU-CVE-2021-21111

Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension...

9.6CVSS7.3AI score0.01065EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/01/08 12:0 a.m.6 views

IBM Jazz Foundation 跨站脚本漏洞

IBM Engineering Workflow Management EWM is a team collaboration tool that integrates a variety of development tasks, including iteration planning, process definition, change management, defect tracking, source code control, build automation, and reporting. A cross-site scripting vulnerability...

5.4CVSS6.1AI score0.00554EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/01/08 12:0 a.m.5 views

IBM Engineering Requirements Quality Assistant 跨站脚本漏洞

IBM Engineering Requirements Quality Assistant uses AI to help you improve requirements quality from the authoring source. A cross-site scripting vulnerability exists in IBM Engineering Requirements Quality Assistant. An attacker could exploit the vulnerability to embed arbitrary JavaScript code ...

5.4CVSS6.5AI score0.00554EPSS
Exploits0References3
OSV
OSV
added 2021/01/07 6:15 p.m.2 views

CVE-2020-4895

IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a truste...

5.4CVSS5.5AI score0.00554EPSS
Exploits0References2
OSV
OSV
added 2021/01/07 6:15 p.m.3 views

CVE-2020-4892

IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190979...

5.4CVSS5.7AI score0.00554EPSS
Exploits0References2
CNVD
CNVD
added 2021/01/05 12:0 a.m.4 views

IBM Cloud Pak System Cross-Site Scripting Vulnerability (CNVD-2021-00890)

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site scripting vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI that could...

5.5CVSS6.2AI score0.00654EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/05 12:0 a.m.2 views

IBM Cloud Pak System Cross-Site Scripting Vulnerability (CNVD-2021-00889)

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site scripting vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI that could...

4.8CVSS6.2AI score0.00545EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/05 12:0 a.m.2 views

IBM Cloud Pak System Cross-Site Scripting Vulnerability (CNVD-2021-00888)

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site scripting vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI that could...

4.8CVSS6.2AI score0.00545EPSS
Exploits0References1
OSV
OSV
added 2021/01/04 2:15 p.m.2 views

CVE-2020-4910

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191274...

4.8CVSS5.7AI score0.00545EPSS
Exploits0References2
OSV
OSV
added 2021/01/04 2:15 p.m.1 views

CVE-2020-4909

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191273...

4.8CVSS5.7AI score0.00545EPSS
Exploits0References2
OSV
OSV
added 2021/01/04 2:15 p.m.0 views

CVE-2020-4916

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191390...

4.8CVSS5.8AI score
Exploits0References2
CNNVD
CNNVD
added 2021/01/04 12:0 a.m.4 views

IBM Cloud Pak System 跨站脚本漏洞

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site scripting vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI that could...

4.8CVSS6.1AI score0.00545EPSS
Exploits0References3
Fortinet
Fortinet
added 2021/01/04 12:0 a.m.105 views

FortiWeb is vulnerable to a blind SQL injection

A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement...

7.5CVSS9.9AI score0.02567EPSS
Exploits1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/01/02 12:0 a.m.1 views

CVE-2020-4916

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191390...

5.5CVSS5AI score0.00654EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/01/02 12:0 a.m.1 views

CVE-2020-4909

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191273...

4.8CVSS5AI score0.00545EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/01/02 12:0 a.m.1 views

CVE-2020-4910

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191274...

4.8CVSS5AI score0.00545EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/12/21 6:15 p.m.5 views

CVE-2020-4757

IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

6.4CVSS5.2AI score0.01277EPSS
Exploits1References3
Rows per page
Query Builder