Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (359512 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-30561 1 Bd 2 Alaris 8015 Pcu, Alaris 8015 Pcu Firmware 2024-11-21 6.1 Medium
The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is running.
CVE-2023-30560 2 Bd, Becton Dickinson And Co 3 Alaris 8015 Pcu, Alaris 8015 Pcu Firmware, Bd Alarisa Point Of Care Unit Model 8015 2024-11-21 6.8 Medium
The configuration from the PCU can be modified without authentication using physical connection to the PCU.
CVE-2023-30559 1 Bd 2 Alaris 8015 Pcu, Alaris 8015 Pcu Firmware 2024-11-21 5.2 Medium
The firmware update package for the wireless card is not properly signed and can be modified.
CVE-2023-30500 1 Wpforms 2 Contact Form, Wpforms 2024-11-21 5.8 Medium
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPForms WPForms Lite (wpforms-lite), WPForms WPForms Pro (wpforms) plugins <= 1.8.1.2 versions.
CVE-2023-30499 1 Foliovision 1 Fv Flowplayer Video Player 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.32.7212 versions.
CVE-2023-30498 1 Codeflavors 1 Vimeotheque 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeFlavors Vimeotheque: Vimeo WordPress Plugin <= 2.2.1 versions.
CVE-2023-30496 1 Mage-people 1 Bus Ticket Booking With Seat Reservation 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MagePeople Team WpBusTicketly plugin <= 5.2.5 versions.
CVE-2023-30494 1 Imagerecycle 1 Imagerecycle Pdf \& Image Compression 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin <= 3.1.10 versions.
CVE-2023-30493 1 Themefic 1 Ultimate Addons For Contact Form 7 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Themefic Ultimate Addons for Contact Form 7 plugin <= 3.2.0 versions.
CVE-2023-30491 1 Codebard 1 Codebard\'s Patron Button And Widgets For Patreon 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodeBard CodeBard's Patron Button and Widgets for Patreon plugin <= 2.1.8 versions.
CVE-2023-30489 1 I13websolution 1 Email Subscription Popup 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Email Subscription Popup plugin <= 1.2.16 versions.
CVE-2023-30485 1 Solwininfotech 1 Avartan-slider-lite 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Solwin Infotech Responsive WordPress Slider – Avartan Slider Lite plugin <= 1.5.3 versions.
CVE-2023-30483 1 Kibokolabs 1 Watu Quiz 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions.
CVE-2023-30482 1 Villatheme 1 Wpbulky 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in VillaTheme WPBulky plugin <= 1.0.10 versions.
CVE-2023-30481 1 Profosbox 1 Agp Font Awesome Collection 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alexey Golubnichenko AGP Font Awesome Collection plugin <= 3.2.4 versions.
CVE-2023-30477 1 Essitco 1 Affiliate Solution 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Essitco AFFILIATE Solution plugin <= 1.0 versions.
CVE-2023-30475 1 Couponaffiliates 1 Woocommerce Affiliate 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Elliot Sowersby, RelyWP WooCommerce Affiliate Plugin – Coupon Affiliates plugin <= 5.4.5 versions.
CVE-2023-30473 1 Icopydoc 1 Yml For Yandex Market 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov YML for Yandex Market plugin <= 3.10.7 versions.
CVE-2023-30472 1 Mythemeshop 1 Url Shortener 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in MyThemeShop URL Shortener by MyThemeShop plugin <= 1.0.17 versions.
CVE-2023-30451 1 Typo3 1 Typo3 2024-11-21 4.9 Medium
In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][basePath][vDEF].