Export limit exceeded: 338340 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 44266 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44266 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-15977 | 1 Cisco | 1 Data Center Network Manager | 2024-11-21 | 7.5 High |
| Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | ||||
| CVE-2019-15976 | 1 Cisco | 1 Data Center Network Manager | 2024-11-21 | 9.8 Critical |
| Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | ||||
| CVE-2019-15975 | 1 Cisco | 1 Data Center Network Manager | 2024-11-21 | 9.8 Critical |
| Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. | ||||
| CVE-2019-15969 | 1 Cisco | 1 Web Security Appliance | 2024-11-21 | 6.1 Medium |
| A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script or HTML code in the context of the interface, which could allow the attacker to gain access to sensitive, browser-based information. | ||||
| CVE-2019-15950 | 1 Redmineup | 1 Crm | 2024-11-21 | 6.1 Medium |
| The CRM Plugin before 4.2.4 for Redmine allows XSS via crafted vCard data. | ||||
| CVE-2019-15935 | 1 Intesync | 1 Solismed | 2024-11-21 | 6.1 Medium |
| Intesync Solismed 3.3sp has XSS. | ||||
| CVE-2019-15898 | 1 Nagios | 1 Log Server | 2024-11-21 | N/A |
| Nagios Log Server before 2.0.8 allows Reflected XSS via the username on the Login page. | ||||
| CVE-2019-15869 | 1 Jobcareer Project | 1 Jobcareer | 2024-11-21 | N/A |
| The JobCareer theme before 2.5.1 for WordPress has stored XSS. | ||||
| CVE-2019-15867 | 1 Omaksolutions | 1 Slick-popup | 2024-11-21 | N/A |
| The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the slickpopupteam account, after a Subscriber calls a certain AJAX action. | ||||
| CVE-2019-15864 | 1 Holest | 1 Breadcrumbs By Menu | 2024-11-21 | N/A |
| The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has XSS. | ||||
| CVE-2019-15848 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | N/A |
| JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user. | ||||
| CVE-2019-15842 | 1 Easy Pdf Restaurant Menu Upload Project | 1 Easy Pdf Restaurant Menu Upload | 2024-11-21 | N/A |
| The easy-pdf-restaurant-menu-upload plugin before 1.1.2 for WordPress has XSS. | ||||
| CVE-2019-15838 | 1 Kunalnagar | 1 Custom 404 Pro | 2024-11-21 | N/A |
| The custom-404-pro plugin before 3.2.8 for WordPress has reflected XSS, a different vulnerability than CVE-2019-14789. | ||||
| CVE-2019-15837 | 1 Bitwise-it | 1 Webp Express | 2024-11-21 | N/A |
| The webp-express plugin before 0.14.8 for WordPress has stored XSS. | ||||
| CVE-2019-15836 | 1 Bootstrapped | 1 Wp Ultimate Recipe | 2024-11-21 | N/A |
| The wp-ultimate-recipe plugin before 3.12.7 for WordPress has stored XSS. | ||||
| CVE-2019-15833 | 1 Simple Mail Address Encoder Project | 1 Simple Mail Address Encoder | 2024-11-21 | 6.1 Medium |
| The simple-mail-address-encoder plugin before 1.7 for WordPress has reflected XSS. | ||||
| CVE-2019-15830 | 1 Icegram | 1 Icegram Engage | 2024-11-21 | N/A |
| The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. | ||||
| CVE-2019-15829 | 1 Greentreelabs | 1 Gallery Photoblocks | 2024-11-21 | N/A |
| The photoblocks-grid-gallery plugin before 1.1.33 for WordPress has wp-admin/admin.php?page=photoblocks-edit&id= XSS. | ||||
| CVE-2019-15827 | 1 Onesignal | 1 Onesignal-free-web-push-notifications | 2024-11-21 | N/A |
| The onesignal-free-web-push-notifications plugin before 1.17.8 for WordPress has XSS via the subdomain parameter. | ||||
| CVE-2019-15817 | 1 Realestateconnected | 1 Easy Property Listings | 2024-11-21 | N/A |
| The easy-property-listings plugin before 3.4 for WordPress has XSS. | ||||