Export limit exceeded: 45554 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45554 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38281 | 1 Motorola | 2 Vigilant Fixed Lpr Coms Box, Vigilant Fixed Lpr Coms Box Firmware | 2024-11-21 | 9.8 Critical |
| An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on the device. | ||||
| CVE-2024-37959 | 1 Atlaspolicy | 1 Power Bi Embedded | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Atlas Public Policy Power BI Embedded for WordPress allows Stored XSS.This issue affects Power BI Embedded for WordPress: from n/a through 1.1.7. | ||||
| CVE-2024-37958 | 1 Mekshq | 1 Meks Smart Author Widget | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Meks Meks Smart Author Widget allows Stored XSS.This issue affects Meks Smart Author Widget: from n/a through 1.1.4. | ||||
| CVE-2024-37957 | 1 Bradmax | 1 Bradmax Player | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bradmax Bradmax Player allows Stored XSS.This issue affects Bradmax Player: from n/a through 1.1.27. | ||||
| CVE-2024-37956 | 1 Vektor-inc | 1 Vk All In One Expansion Unit | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vektor,Inc. VK All in One Expansion Unit allows Stored XSS.This issue affects VK All in One Expansion Unit: from n/a through 9.99.1.0. | ||||
| CVE-2024-37955 | 1 Makegutenblock | 1 Gutslider | 2024-11-21 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zakaria Binsaifullah GutSlider – All in One Block Slider allows Stored XSS.This issue affects GutSlider – All in One Block Slider: from n/a through 2.7.3. | ||||
| CVE-2024-37954 | 1 Marcelotorres | 1 Simple Responsive Slider | 2024-11-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS.This issue affects Simple Responsive Slider: from n/a through 0.2.2.5. | ||||
| CVE-2024-37888 | 1 Mlewand | 1 Open Link | 2024-11-21 | 6.1 Medium |
| The Open Link is a CKEditor plugin, extending context menu with a possibility to open link in a new tab. The vulnerability allowed to execute JavaScript code by abusing link href attribute. It affects all users using the Open Link plugin at version < **1.0.5**. | ||||
| CVE-2024-37856 | 1 Oretnom23 | 1 Lost And Found Information System | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the first, last, middle name fields in the User Profile page. | ||||
| CVE-2024-37741 | 1 Openplcproject | 2 Openplc V3, Openplc V3 Firmware | 2024-11-21 | 5.4 Medium |
| OpenPLC 3 through 9cd8f1b allows XSS via an SVG document as a profile picture. | ||||
| CVE-2024-37732 | 1 Anchorcms | 2 Anchor, Anchor Cms | 2024-11-21 | 8.8 High |
| Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute arbitrary code via a crafted .pdf file. | ||||
| CVE-2024-37679 | 2 Finesoft Project, Hangzhou Meisoft Information Technology | 2 Finesoft, Finesoft | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter. | ||||
| CVE-2024-37673 | 1 Tessi | 2 Docubase, Docubase Document Management | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the filename parameter. | ||||
| CVE-2024-37672 | 1 Tessi | 1 Docubase | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the idactivity parameter. | ||||
| CVE-2024-37625 | 1 Zhimengzhel | 1 Ibarn | 2024-11-21 | 6.1 Medium |
| zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the $search parameter at /index.php. | ||||
| CVE-2024-37619 | 1 Strongshop | 1 Strongshop | 2024-11-21 | 7.6 High |
| StrongShop v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the spec_group_id parameter at /spec/index.blade.php. | ||||
| CVE-2024-37559 | 1 Henleyedition | 1 Counterpoint | 2024-11-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Echenley Counterpoint allows Reflected XSS.This issue affects Counterpoint: from n/a through 1.8.1. | ||||
| CVE-2024-37558 | 1 Nihal | 1 Wpfavicon | 2024-11-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nazmul Hossain Nihal WPFavicon allows Stored XSS.This issue affects WPFavicon: from n/a through 2.1.1. | ||||
| CVE-2024-37557 | 1 Sohamsolution | 1 Wp Cookie Law Info | 2024-11-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Soham Web Solution WP Cookie Law Info allows Stored XSS.This issue affects WP Cookie Law Info: from n/a through 1.1. | ||||
| CVE-2024-37556 | 1 Seedprod | 1 Wordpress Notification Bar | 2024-11-21 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SeedProd WordPress Notification Bar allows Stored XSS.This issue affects WordPress Notification Bar: from n/a through 1.3.10. | ||||