Lucene search
K

8183 matches found

CNVD
CNVD
added 2020/09/02 12:0 a.m.1 views

IBM Engineering Workflow Management Cross-Site Scripting Vulnerability

IBM Engineering Workflow Management is a team collaboration tool that integrates development tasks including iteration planning, change management, defect tracking, source code control, build automation and reporting. A cross-site scripting vulnerability exists in IBM Engineering Workflow...

5.4CVSS6.3AI score0.00561EPSS
Exploits0References1
OSV
OSV
added 2020/08/31 4:23 p.m.8 views

OPENSUSE-SU-2020:1306-1 Security update for chromium

This update for chromium fixes the following issues: Chromium was updated to version 85.0.4183.83 boo1175757 fixing: - CVE-2020-6558: Insufficient policy enforcement in iOS - CVE-2020-6559: Use after free in presentation API - CVE-2020-6560: Insufficient policy enforcement in autofill -...

9.3CVSS6.6AI score0.02296EPSS
Exploits3References16
OSV
OSV
added 2020/08/27 4:15 p.m.6 views

CVE-2020-3504

A vulnerability in the local management local-mgmt CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit th...

3.3CVSS5.8AI score
Exploits0References1
CNVD
CNVD
added 2020/08/27 12:0 a.m.2 views

IBM Security Guardium Data Encryption (GDE) Cross-Site Scripting Vulnerability

IBM Security Guardium Data Encryption GDE provides a modular set of encryption solutions that help security teams effectively implement data-at-rest security across the organization. A cross-site scripting vulnerability exists in IBM Security Guardium Data Encryption GDE 3.0.0.2, which can be...

5.4CVSS8AI score0.00351EPSS
Exploits0References1
OSV
OSV
added 2020/08/26 11:15 p.m.4 views

CVE-2019-5320

Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Cross Site Scripting in the web UI, leading to injection of code...

6.1CVSS6.4AI score
Exploits0References1
OSV
OSV
added 2020/08/26 11:15 p.m.6 views

CVE-2019-5321

Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI...

8.8CVSS7.3AI score0.02418EPSS
Exploits0References1
OSV
OSV
added 2020/08/26 7:15 p.m.3 views

CVE-2019-4691

IBM Security Guardium Data Encryption GDE 3.0.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...

5.4CVSS5.9AI score0.00351EPSS
Exploits0References2
NVD
NVD
added 2020/08/26 5:15 p.m.19 views

CVE-2020-3491

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative privileges to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. The vulnerability exists...

5.5CVSS5.2AI score0.00617EPSS
Exploits0References1
NVD
NVD
added 2020/08/26 5:15 p.m.12 views

CVE-2020-3466

Multiple vulnerabilities in the web-based management interface of Cisco DNA Center software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerabilities exist because the web-based managemen...

6.1CVSS5.3AI score0.00921EPSS
Exploits0References1
OSV
OSV
added 2020/08/26 3:15 p.m.3 views

CVE-2020-5919

In versions 15.1.0-15.1.0.4, rendering of certain session variables by BIG-IP APM UI-based agents in an access profile configured with Modern customization, may cause the Traffic Management Microkernel TMM to stop responding...

7.5CVSS7.1AI score0.01044EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/08/26 10:11 a.m.4 views

Mozilla: Custom cursor can overlay user interface

When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. Thi...

6.5CVSS7.3AI score0.01237EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/26 8:33 a.m.5 views

Mozilla: Custom cursor can overlay user interface

When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. Thi...

6.5CVSS7.3AI score0.01237EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2020/08/25 12:0 a.m.47 views

KLA11943 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. Elevation of privilege vulnerability on...

9.3CVSS9.3AI score0.02716EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2020/08/25 12:0 a.m.42 views

KLA11948 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in media component c...

9.3CVSS9.7AI score0.29292EPSS
Exploits1References5
Kaspersky
Kaspersky
added 2020/08/25 12:0 a.m.42 views

KLA11946 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in eval function...

9.3CVSS9.3AI score0.02716EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2020/08/25 12:0 a.m.45 views

KLA11947 Multiple vulnerabilties in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in eval function...

9.3CVSS9.4AI score0.02716EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2020/08/25 12:0 a.m.34 views

KLA11945 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in eval function...

9.3CVSS9.4AI score0.02716EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2020/08/25 12:0 a.m.320 views

KLA11941 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, gain privileges, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilitie...

9.3CVSS8.9AI score0.02296EPSS
Exploits3References3
OSV
OSV
added 2020/08/20 4:15 p.m.4 views

CVE-2020-4548

IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper input validation. A malicious administrator could bypass the user interface and send requests to the IBM Content Navigator server with illegal characters that could be stored in the IBM Content Navigator database. IBM X-Force ID:...

2.7CVSS5.5AI score0.00729EPSS
Exploits0References2
CNVD
CNVD
added 2020/08/20 12:0 a.m.1 views

IBM Content Navigator Input Validation Error Vulnerability (CNVD-2020-47545)

IBM Content Navigator is a Web client from IBM USA. The product supports searching and processing documents stored in content servers from a Web browser. An input validation error vulnerability exists in IBM Content Navigator version 3.0CD. An attacker can exploit this vulnerability to bypass the...

4.3CVSS6.6AI score0.00729EPSS
Exploits0References1
Rows per page
Query Builder