Export limit exceeded: 351640 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 46018 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46018 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-21932 | 1 Microsoft | 1 Dynamics 365 | 2025-01-02 | 7.6 High |
| Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | ||||
| CVE-2024-11111 | 1 Google | 1 Chrome | 2025-01-02 | 4.3 Medium |
| Inappropriate implementation in Autofill in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-11110 | 1 Google | 1 Chrome | 2025-01-02 | 6.5 Medium |
| Inappropriate implementation in Extensions in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High) | ||||
| CVE-2024-11115 | 2 Apple, Google | 2 Iphone Os, Chrome | 2025-01-02 | 8.8 High |
| Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 131.0.6778.69 allowed a remote attacker to perform privilege escalation via a series of UI gestures. (Chromium security severity: Medium) | ||||
| CVE-2024-11116 | 1 Google | 1 Chrome | 2025-01-02 | 4.3 Medium |
| Inappropriate implementation in Blink in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-11117 | 1 Google | 1 Chrome | 2025-01-02 | 4.3 Medium |
| Inappropriate implementation in FileSystem in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2024-43926 | 2 Fastlinemedia, The Beaver Builder Team | 2 Beaver Builder, Beaver Builder | 2025-01-02 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Reflected XSS.This issue affects Beaver Builder: from n/a through 2.8.3.2. | ||||
| CVE-2024-55541 | 2025-01-02 | N/A | ||
| Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169. | ||||
| CVE-2024-27104 | 1 Glpi-project | 1 Glpi | 2025-01-02 | 4.5 Medium |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. A user with rights to create and share dashboards can build a dashboard containing javascript code. Any user that will open this dashboard will be subject to an XSS attack. This issue has been patched in version 10.0.13. | ||||
| CVE-2024-27914 | 1 Glpi-project | 1 Glpi | 2025-01-02 | 5.3 Medium |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI administrator in order to exploit a reflected XSS vulnerability. The XSS will only trigger if the administrator navigates through the debug bar. This issue has been patched in version 10.0.13. | ||||
| CVE-2024-1474 | 1 Progress | 1 Ws Ftp Server | 2025-01-02 | 7.5 High |
| In WS_FTP Server versions before 8.8.5, reflected cross-site scripting issues have been identified on various user supplied inputs on the WS_FTP Server administrative interface. | ||||
| CVE-2023-35621 | 1 Microsoft | 1 Dynamics 365 | 2025-01-01 | 7.5 High |
| Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability | ||||
| CVE-2023-36020 | 1 Microsoft | 1 Dynamics 365 | 2025-01-01 | 7.6 High |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2023-29345 | 1 Microsoft | 1 Edge Chromium | 2025-01-01 | 6.1 Medium |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | ||||
| CVE-2023-36892 | 1 Microsoft | 1 Sharepoint Server | 2025-01-01 | 8 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2023-36869 | 1 Microsoft | 1 Azure Devops Server | 2025-01-01 | 6.3 Medium |
| Azure DevOps Server Spoofing Vulnerability | ||||
| CVE-2023-29347 | 1 Microsoft | 1 Windows Admin Center | 2025-01-01 | 8.7 High |
| Windows Admin Center Spoofing Vulnerability | ||||
| CVE-2023-21565 | 1 Microsoft | 1 Azure Devops Server | 2025-01-01 | 7.1 High |
| Azure DevOps Server Spoofing Vulnerability | ||||
| CVE-2023-24896 | 1 Microsoft | 1 Dynamics 365 | 2025-01-01 | 5.4 Medium |
| Dynamics 365 Finance Spoofing Vulnerability | ||||
| CVE-2023-23383 | 1 Microsoft | 1 Azure Service Fabric | 2025-01-01 | 8.2 High |
| Service Fabric Explorer Spoofing Vulnerability | ||||