Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45721 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2013-1160 1 Cisco 1 Prime Central For Hosted Collaboration Solution 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the OpenView web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56743.
CVE-2013-1159 1 Cisco 1 Prime Central For Hosted Collaboration Solution 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Netcool Impact (NCI) web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56706.
CVE-2013-1158 1 Cisco 1 Prime Central For Hosted Collaboration Solution 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring (ITM) help menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud54397.
CVE-2013-1157 1 Cisco 1 Prime Central For Hosted Collaboration Solution 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring (ITM) Java servlet container in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud51068.
CVE-2013-1123 1 Cisco 1 Unified Meetingplace 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the server in Cisco Unified MeetingPlace 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuc65411 and CSCue18706.
CVE-2013-1114 1 Cisco 1 Unity Express Software 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity Express before 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527.
CVE-2013-1113 1 Cisco 1 Unified Communications Domain Manager 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager allows remote attackers to inject arbitrary web script or HTML via a crafted parameter value, aka Bug ID CSCue21042.
CVE-2013-1097 1 Novell 1 Zenworks Configuration Management 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onload event.
CVE-2013-1095 1 Novell 1 Zenworks Configuration Management 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError event.
CVE-2013-1094 1 Novell 1 Zenworks Configuration Management 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via an invalid locale.
CVE-2013-1086 1 Novell 1 Groupwise 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute.
CVE-2013-1034 1 Apple 1 Os X Server 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Wiki Server in Apple Mac OS X Server before 2.2.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-0793 2 Mozilla, Redhat 6 Firefox, Seamonkey, Thunderbird and 3 more 2025-04-11 N/A
Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 do not ensure the correctness of the address bar during history navigation, which allows remote attackers to conduct cross-site scripting (XSS) attacks or phishing attacks by leveraging control over navigation timing.
CVE-2013-0730 1 Sourcefabric 1 Newscoop 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x through 4.1.0 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) language parameter to application/modules/admin/controllers/LanguagesController.php or (2) user parameter to application/modules/admin/controllers/UserController.php.
CVE-2013-0703 1 Big 1 Imgboard 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in imgboard.com imgboard before 1.22R6.1 u and 20xx before 2010u allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-0702 1 Cybozu 1 Garoon 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 3.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-0708 1 Bayashi 1 Dopvcomet\* 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display of the access log.
CVE-2013-0688 1 Invensys 1 Wonderware Information Server 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-0672 1 Siemens 1 Wincc Tia Portal 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.
CVE-2013-0668 1 Siemens 1 Wincc Tia Portal 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.