CWE-79 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45768 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2010-3926	1 Wb-i	2 Sgx-sp Final, Sgx-sp Final Ne	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in SGX-SP Final before 11.00 and SGX-SP Final NE before 11.00 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3936	1 Microsoft	1 Forefront Unified Access Gateway	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "XSS in Signurl.asp Vulnerability."
CVE-2010-2458	1 2daybiz	1 Video Community Portal Script	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the videoid parameter.
CVE-2010-3977	2 Deliciousdays, Wordpress	2 Cforms, Wordpress	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.
CVE-2010-3985	2 Hp, Microsoft	2 Operations Orchestration, Internet Explorer	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3987	1 Hp	1 Insight Control Virtual Machine Management	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3991	1 Hp	2 Insight Control Server Migration, Insight Control Server Migration6.0.1	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3994	1 Hp	2 Hp, Version Control Repository Manager	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4030	1 Hp	1 Insight Control Performance Management	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2014-1879	1 Phpmyadmin	1 Phpmyadmin	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.
CVE-2010-4047	1 Opera	1 Opera Browser	2025-04-11	N/A
Opera before 10.63 does not properly select the security context of JavaScript code associated with an error page, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.
CVE-2010-4097	1 Avatic	1 Aardvark Topsites Php	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) title, (3) u, and (4) url parameters. NOTE: the q parameter is already covered by CVE-2009-2302.
CVE-2010-2457	1 Qsoft-inc	1 K-search	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in index.php in K-Search allows remote attackers to inject arbitrary web script or HTML via the term parameter.
CVE-2010-4111	3 Hp, Linux, Microsoft	3 Insight Diagnostics, Linux Kernel, Windows	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4114	2 Hp, Microsoft	2 Discovery\&dependency Mapping Inventory, Windows	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4146	1 Attachmate	1 Reflection For The Web	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.569 and earlier), 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-2437	1 Anecms	1 Anecms Blog	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the comment variable to modules/blog/index.php.
CVE-2010-2433	1 Ibm	1 Websphere Ilog Jrules	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) explore/explore.jsp, (2) compose/compose.jsp, or (3) home.jsp in faces/.
CVE-2010-4716	1 Novell	1 Groupwise	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4745	1 Gareth Watts	1 Phpxref	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the query string.

« first previous Page 1241 of 2289. next last »