CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

158 matches found

OSV•added 2017/08/21 7:29 a.m.•5 views

UBUNTU-CVE-2017-12980

DokuWiki through 2017-02-19c has stored XSS when rendering a malicious RSS or Atom feed, in /inc/parser/xhtml.php. An attacker can create or edit a wiki that uses RSS or Atom data from an attacker-controlled server to trigger JavaScript execution. The JavaScript can be in an author field, as...

6.1CVSS6.7AI score0.01372EPSS

Exploits1References3

Fedora•added 2017/05/08 10:24 p.m.•30 views

[SECURITY] Fedora 24 Update: roundcubemail-1.2.5-1.fc24

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

8.8CVSS0.2AI score0.03471EPSS

Exploits1

NVD•added 2017/01/13 4:59 p.m.•16 views

CVE-2016-9107

The OTR plugin for Gajim sends information in cleartext when using XHTML, which allows remote attackers to obtain sensitive information via unspecified vectors...

7.5CVSS7.3AI score0.03019EPSS

Exploits0References5

CVE•added 2017/01/13 4:0 p.m.•41 views

CVE-2016-9107

CVE-2016-9107 concerns the Gajim OTR plugin, where information is sent in cleartext when using XHTML. This leads to a potential information disclosure vulnerability, allowing remote attackers to obtain sensitive data via unspecified vectors. The affected component is the Gajim OTR plugin; the roo...

7.5CVSS7.2AI score0.03019EPSS

Exploits0References5Affected Software1

Fedora•added 2016/06/18 7:56 p.m.•23 views

[SECURITY] Fedora 24 Update: roundcubemail-1.2.0-1.fc24

0.2AI score

Exploits0

Fedora•added 2016/06/05 2:58 a.m.•30 views

[SECURITY] Fedora 23 Update: roundcubemail-1.2.0-1.fc23

0.2AI score

Exploits0

Fedora•added 2016/04/30 11:54 p.m.•45 views

[SECURITY] Fedora 23 Update: roundcubemail-1.1.5-1.fc23

8.8CVSS0.2AI score0.02867EPSS

Exploits1

BDU FSTEC•added 2016/04/14 12:0 a.m.•4 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.

The vulnerability of the PageCaptureSaveAsMHTMLFunction::ReturnFailure function browser/extensions/api/pagecapture/pagecaptureapi.cc in the Google Chrome browser is related to code errors. Exploiting this vulnerability may allow an attacker to cause service failures or potentially other effects d...

9.3CVSS7.6AI score0.01199EPSS

Exploits0References5Affected Software1

Fedora•added 2016/03/12 12:53 a.m.•16 views

[SECURITY] Fedora 22 Update: php-htmLawed-1.1.21-1.fc22

PHP code to purify and filter HTML make HTML markup in text secure and standard-compliant process text for use in HTML, XHTML or XML documents restrict HTML elements, attributes or URL protocols using black or white-lists balance tags, check element nesting, transform deprecated attributes and...

6.6AI score

Exploits0

Fedora•added 2016/01/08 3:33 a.m.•15 views

[SECURITY] Fedora 22 Update: roundcubemail-1.1.4-2.fc22

0.2AI score

Exploits0

OpenVAS•added 2015/10/07 12:0 a.m.•26 views

Open-Xchange (OX) App Suite XHTML File HTML Injection Vulnerability

Open-Xchange OX App Suite is prone to a cross-site scripting XSS vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program...

4.3CVSS5.8AI score0.01936EPSS

Exploits0References3

Fedora•added 2015/07/29 1:46 a.m.•38 views

[SECURITY] Fedora 22 Update: roundcubemail-1.1.2-1.fc22

7.5CVSS0.2AI score0.03767EPSS

Exploits0

Fedora•added 2015/02/15 3:18 a.m.•66 views

[SECURITY] Fedora 21 Update: roundcubemail-1.0.5-1.fc21

4.3CVSS0.2AI score0.03279EPSS

Exploits4

securityvulns•added 2015/01/13 12:0 a.m.•39 views

OpenXchange XSS

Dangerous content from application/xhtml+xml is not removed...

4.3CVSS1.7AI score0.01936EPSS

Exploits0References1Affected Software1

NVD•added 2015/01/07 6:59 p.m.•16 views

CVE-2014-8993

Cross-site scripting XSS vulnerability in the backend in Open-Xchange OX AppSuite before 7.4.2-rev40, 7.6.0 before 7.6.0-rev32, and 7.6.1 before 7.6.1-rev11 allows remote attackers to inject arbitrary web script or HTML via a crafted XHTML file with the application/xhtml+xml MIME type...

4.3CVSS5.6AI score0.01936EPSS

Exploits0References4

Fedora•added 2015/01/06 6:13 a.m.•37 views

[SECURITY] Fedora 21 Update: roundcubemail-1.0.4-2.fc21

4.3CVSS7.5AI score0.01198EPSS

Exploits2

Debian CVE•added 2014/03/02 2:0 a.m.•37 views

CVE-2014-2242

includes/upload/UploadBase.php in MediaWiki before 1.19.12, 1.20.x and 1.21.x before 1.21.6, and 1.22.x before 1.22.3 does not prevent use of invalid namespaces in SVG files, which allows remote attackers to conduct cross-site scripting XSS attacks via an SVG upload, as demonstrated by use of a W...

4.3CVSS7AI score0.0245EPSS

Exploits1

OpenVAS•added 2013/09/24 12:0 a.m.•10 views

Fedora Update for roundcubemail FEDORA-2013-16232

Check for the Version of roundcubemail OpenVAS Vulnerability Test Fedora Update for roundcubemail FEDORA-2013-16232 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Exploits0References2

Fedora•added 2013/08/28 9:31 p.m.•14 views

[SECURITY] Fedora 19 Update: roundcubemail-0.9.3-2.fc19

0.2AI score

Exploits0

Fedora•added 2013/04/07 12:41 a.m.•43 views

[SECURITY] Fedora 17 Update: roundcubemail-0.8.6-1.fc17

5CVSS6.4AI score0.02287EPSS

Exploits0

Rows per page