Export limit exceeded: 45735 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45735 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-38961 | 1 Ibm | 6 Power System Ac922 \(8335-gtc\), Power System Ac922 \(8335-gtc\) Firmware, Power System Ac922 \(8335-gtg\) and 3 more | 2024-11-21 | 6.1 Medium |
| IBM OPENBMC OP910 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212049. | ||||
| CVE-2021-38952 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 5.4 Medium |
| IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 211408. | ||||
| CVE-2021-38946 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2024-11-21 | 5.4 Medium |
| IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 211240. | ||||
| CVE-2021-38944 | 1 Ibm | 1 Datapower Gateway | 2024-11-21 | 6.1 Medium |
| IBM DataPower Gateway 10.0.2.0 through 1.0.3.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 211236. | ||||
| CVE-2021-38934 | 1 Ibm | 2 Engineering Test Management, Rational Quality Manager | 2024-11-21 | 5.4 Medium |
| IBM Engineering Test Management 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 210671. | ||||
| CVE-2021-38927 | 3 Ibm, Linux, Microsoft | 3 Aspera Console, Linux Kernel, Windows | 2024-11-21 | 7.2 High |
| IBM Aspera Console 3.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 210322. | ||||
| CVE-2021-38909 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2024-11-21 | 5.4 Medium |
| IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209706. | ||||
| CVE-2021-38903 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2024-11-21 | 5.4 Medium |
| IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 209691. | ||||
| CVE-2021-38896 | 2 Ibm, Linux | 2 Qradar Advisor, Linux Kernel | 2024-11-21 | 6.1 Medium |
| IBM QRadar Advisor 2.5 through 2.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209566. | ||||
| CVE-2021-38895 | 1 Ibm | 1 Security Verify Access | 2024-11-21 | 5.4 Medium |
| IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209563. | ||||
| CVE-2021-38893 | 1 Ibm | 3 Business Automation Workflow, Business Process Manager, Workflow Process Service | 2024-11-21 | 5.4 Medium |
| IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0 and 21.0 are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209512. | ||||
| CVE-2021-38883 | 1 Ibm | 2 Business Automation Workflow, Business Process Manager | 2024-11-21 | 5.4 Medium |
| IBM Business Automation Workflow 18.0, 19.0, 20,0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 209165. | ||||
| CVE-2021-38877 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2024-11-21 | 5.4 Medium |
| IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208405. | ||||
| CVE-2021-38876 | 1 Ibm | 1 I | 2024-11-21 | 6.1 Medium |
| IBM i 7.2, 7.3, and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208404. | ||||
| CVE-2021-38871 | 3 Ibm, Linux, Microsoft | 3 Jazz Team Server, Linux Kernel, Windows | 2024-11-21 | 5.4 Medium |
| IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208345. | ||||
| CVE-2021-38870 | 1 Ibm | 1 Aspera On Cloud | 2024-11-21 | 5.4 Medium |
| IBM Aspera Cloud is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208343. | ||||
| CVE-2021-38822 | 1 Icehrm | 1 Icehrm | 2024-11-21 | 5.4 Medium |
| A Stored Cross Site Scripting vulnerability via Malicious File Upload exists in multiple pages of IceHrm 30.0.0.OS that allows for arbitrary execution of JavaScript commands. | ||||
| CVE-2021-38757 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 6.1 Medium |
| Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php. | ||||
| CVE-2021-38756 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 6.1 Medium |
| Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through prescribe.php. | ||||
| CVE-2021-38752 | 1 Online Catering Reservation System Project | 1 Online Catering Reservation System | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in Online Catering Reservation System using PHP on Sourcecodester allows an attacker to arbitrarily inject code in the search bar. | ||||