Export limit exceeded: 45736 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45736 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-37573 | 1 Tiny Java Web Server Project | 1 Tiny Java Web Server | 2024-11-21 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the web server TTiny Java Web Server and Servlet Container (TJWS) <=1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error page | ||||
| CVE-2021-37555 | 1 Trixie | 2 Tx9 Automatic Food Dispenser, Tx9 Automatic Food Dispenser Firmware | 2024-11-21 | 9.8 Critical |
| TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled BusyBox utilities (e.g., tar and nc). | ||||
| CVE-2021-37552 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 5.4 Medium |
| In JetBrains YouTrack before 2021.2.17925, stored XSS was possible. | ||||
| CVE-2021-37542 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 6.1 Medium |
| In JetBrains TeamCity before 2020.2.3, XSS was possible. | ||||
| CVE-2021-37534 | 1 Misp | 1 Misp | 2024-11-21 | 5.4 Medium |
| app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster. | ||||
| CVE-2021-37524 | 1 Fusionpbx | 1 Fusionpbx | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php. | ||||
| CVE-2021-37504 | 1 Hayageek | 1 Jquery Upload File | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name. | ||||
| CVE-2021-37470 | 1 Nchsoftware | 1 Webdictate | 2024-11-21 | 5.4 Medium |
| In NCH WebDictate v2.13, persistent Cross Site Scripting (XSS) exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript. | ||||
| CVE-2021-37467 | 1 Nchsoftware | 1 Quorum | 2024-11-21 | 5.4 Medium |
| In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected). | ||||
| CVE-2021-37466 | 1 Nchsoftware | 1 Quorum | 2024-11-21 | 5.4 Medium |
| In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected). | ||||
| CVE-2021-37465 | 1 Nchsoftware | 1 Quorum | 2024-11-21 | 5.4 Medium |
| In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected). | ||||
| CVE-2021-37464 | 1 Nchsoftware | 1 Quorum | 2024-11-21 | 5.4 Medium |
| In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored). | ||||
| CVE-2021-37463 | 1 Nchsoftware | 1 Quorum | 2024-11-21 | 5.4 Medium |
| In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored). | ||||
| CVE-2021-37462 | 1 Nchsoftware | 1 Axon Pbx | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /ipblacklist?errorip= (reflected). | ||||
| CVE-2021-37461 | 1 Nchsoftware | 1 Axon Pbx | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= (reflected). | ||||
| CVE-2021-37460 | 1 Nchsoftware | 1 Axon Pbx | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected). | ||||
| CVE-2021-37459 | 1 Nchsoftware | 1 Axon Pbx | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored). | ||||
| CVE-2021-37458 | 1 Nchsoftware | 1 Axon Pbx | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored). | ||||
| CVE-2021-37457 | 1 Nchsoftware | 1 Axon Pbx | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the SipRule field (stored). | ||||
| CVE-2021-37456 | 1 Nchsoftware | 1 Axon Pbx | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address (stored). | ||||