| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| PrestaShop before 1.5.2 allows XSS via the "<object data='data:text/html" substring in the message field. |
| HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information |
| A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting. |
| EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks. |
| XSS in Telligent Community 5.6.583.20496 via a flash file and related to the allowScriptAccess parameter. |
| Cross-site scripting vulnerability (XSS) in the Quick Tabs module 6.x-2.x before 6.x-2.1, 6.x-3.x before 6.x-3.1, and 7.x-3.x before 7.x-3.3 for Drupal. |
| A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file. |
| A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files. |
| lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. |
| OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space |
| LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate. |
| LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny. |
| Joomla! before 2.5.3 allows Admin Account Creation. |
| Joomla! core before 2.5.3 allows unauthorized password change. |
| Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code. |
| Local file inclusion in WebCalendar before 1.2.5. |
| install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter. |
| Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks |
| Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks |
| Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter. |
