Export limit exceeded: 10331 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44875 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4168 | 3 Debian, Fedoraproject, Smokeping | 3 Debian Linux, Fedora, Smokeping | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields. | ||||
| CVE-2013-4158 | 3 Debian, Fedoraproject, Smokeping | 3 Debian Linux, Fedora, Smokeping | 2024-11-21 | 6.1 Medium |
| smokeping before 2.6.9 has XSS (incomplete fix for CVE-2012-0790) | ||||
| CVE-2013-4109 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 6.1 Medium |
| An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165. | ||||
| CVE-2013-4107 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 6.1 Medium |
| Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting | ||||
| CVE-2013-4106 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 6.1 Medium |
| A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22. | ||||
| CVE-2013-3936 | 1 Opsview | 2 Opsview, Opsview Core | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 and Opsview Core before 20130522 allow remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2013-3931 | 1 Jomres | 1 Jomres | 2024-11-21 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to inject arbitrary web script or HTML via the property_name parameter, related to editing property details. | ||||
| CVE-2013-3637 | 1 Projectpier | 1 Projectpier | 2024-11-21 | 5.4 Medium |
| ProjectPier 0.8.8 does not use the Secure flag for cookies | ||||
| CVE-2013-3636 | 1 Projectpier | 1 Projectpier | 2024-11-21 | 5.4 Medium |
| ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the HttpOnly cookie flag | ||||
| CVE-2013-3635 | 1 Projectpier | 1 Projectpier | 2024-11-21 | 5.4 Medium |
| ProjectPier 0.8.8 has stored XSS | ||||
| CVE-2013-3619 | 2 Citrix, Supermicro | 10 Netscaler, Netscaler Firmware, Netscaler Sd-wan and 7 more | 2024-11-21 | 8.1 High |
| Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before SMT_X9_317 and firmware for Supermicro X8 generation motherboards before SMT X8 312 contain harcoded private encryption keys for the (1) Lighttpd web server SSL interface and the (2) Dropbear SSH daemon. | ||||
| CVE-2013-3565 | 2 Opensuse, Videolan | 2 Opensuse, Vlc Media Player | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua. | ||||
| CVE-2013-3542 | 1 Grandstream | 26 Gxv3500, Gxv3500 Firmware, Gxv3501 and 23 more | 2024-11-21 | 10.0 Critical |
| Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!#/" with the same password, which makes it easier for remote attackers to obtain access via a TELNET session. | ||||
| CVE-2013-3517 | 1 Netgear | 4 Wnr3500l, Wnr3500l Firmware, Wnr3500u and 1 more | 2024-11-21 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L. | ||||
| CVE-2013-3320 | 1 Netapp | 1 Oncommand System Manager | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager before 2.2 allows remote attackers to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields. | ||||
| CVE-2013-3097 | 1 Actiontec | 2 Mi424wr-gen3i, Mi424wr-gen3i Firmware | 2024-11-21 | 6.1 Medium |
| Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router. | ||||
| CVE-2013-3067 | 1 Linksys | 2 Wrt310n, Wrt310n Firmware | 2024-11-21 | 5.4 Medium |
| Linksys WRT310Nv2 2.0.0.1 is vulnerable to XSS. | ||||
| CVE-2013-2999 | 1 Ibm | 1 Infosphere Data Replication Dashboard | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 84115. | ||||
| CVE-2013-2714 | 1 Podpress Project | 1 Podpress | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) in WordPress podPress Plugin 8.8.10.13 could allow remote attackers to inject arbitrary web script or html via the 'playerID' parameter. | ||||
| CVE-2013-2684 | 1 Cisco | 2 Linksys E4200, Linksys E4200 Firmware | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) in Cisco Linksys E4200 1.0.05 Build 7 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||