Latest CVE Feed
-
3.5
LOWCVE-2013-5390
Cross-site scripting (XSS) vulnerability in the monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : websphere_extreme_scale- EPSS Score: %0.19
- Published: Oct. 16, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2015-0506
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2015-0508.... Read more
Affected Products : mysql- EPSS Score: %0.37
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2020-24588
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MS... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 linux_kernel debian_linux windows_server_2019 +363 more products- EPSS Score: %0.27
- Published: May. 11, 2021
- Modified: Nov. 21, 2024
-
3.5
LOWCVE-2013-4819
Unspecified vulnerability in HP IceWall SSO Agent Option 8.0 through 10.0 allows remote authenticated users to obtain sensitive information via unknown vectors.... Read more
Affected Products : icewall_sso_agent_option- EPSS Score: %0.18
- Published: Sep. 23, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2013-5448
Cross-site scripting (XSS) vulnerability in the Right Click Plugin context menus in IBM Security QRadar SIEM 7.1 and 7.2 before 7.2 MR1 Patch 1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : qradar_security_information_and_event_manager- EPSS Score: %0.19
- Published: Nov. 29, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2013-4713
Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more
- EPSS Score: %0.18
- Published: Nov. 01, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2013-3720
Cross-site scripting (XSS) vulnerability in widget_remove.php in the Feedweb plugin before 1.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the wp_post_id parameter.... Read more
- EPSS Score: %0.33
- Published: May. 31, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2013-5541
Cross-site scripting (XSS) vulnerability in the file-upload interface in Cisco Identity Services Engine (ISE) allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename, aka Bug ID CSCui67495.... Read more
- EPSS Score: %0.18
- Published: Oct. 16, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2013-7025
Multiple cross-site scripting (XSS) vulnerabilities in ematStaticAlertTypes.jsp in the Alert Settings section in Dell SonicWALL Global Management System (GMS), Analyzer, and UMA EM5000 7.1 SP1 before Hotfix 134235 allow remote authenticated users to injec... Read more
- EPSS Score: %2.02
- Published: Dec. 09, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2013-7074
Multiple cross-site scripting (XSS) vulnerabilities in Content Editing Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before 6.0.12, 6.1.x before 6.1.7, and the development versions of 6.2 allow remote authenticated users to inject arbit... Read more
Affected Products : typo3- EPSS Score: %0.34
- Published: Dec. 21, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2012-3396
Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the idnumb... Read more
Affected Products : moodle- EPSS Score: %0.21
- Published: Jul. 23, 2012
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2013-3812
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.... Read more
- EPSS Score: %0.79
- Published: Jul. 17, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2013-5402
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management, Maximo Asset Management Essentials, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utili... Read more
Affected Products : maximo_asset_management maximo_for_life_sciences maximo_for_nuclear_power maximo_for_oil_and_gas maximo_for_transportation maximo_for_utilities smartcloud_control_desk change_and_configuration_management_database maximo_asset_management_essentials maximo_for_government +2 more products- EPSS Score: %0.18
- Published: Dec. 18, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2020-24586
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when anothe... Read more
Affected Products : linux_kernel debian_linux ieee_802.11 ac_9461_firmware ac_9462_firmware ac_9560_firmware ax210_firmware ax201_firmware ax200_firmware ac_9260_firmware +34 more products- EPSS Score: %0.25
- Published: May. 11, 2021
- Modified: Nov. 21, 2024
-
3.5
LOWCVE-2013-4698
Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mailbox.... Read more
Affected Products : mailwise- EPSS Score: %0.22
- Published: Aug. 16, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2013-4790
Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, which allows remote authenticated users to discover e-mai... Read more
Affected Products : open-xchange_appsuite- EPSS Score: %0.28
- Published: Sep. 05, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2013-5793
Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5786.... Read more
Affected Products : mysql- EPSS Score: %0.55
- Published: Oct. 16, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2013-4255
The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which all... Read more
- EPSS Score: %0.71
- Published: Oct. 11, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2014-8987
Cross-site scripting (XSS) vulnerability in the "set configuration" box in the Configuration Report page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inject arbitrary web script or HTML via the config_option pa... Read more
Affected Products : mantisbt- EPSS Score: %0.53
- Published: Aug. 24, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2022-45393
A cross-site request forgery (CSRF) vulnerability in Jenkins Delete log Plugin 1.0 and earlier allows attackers to delete build logs.... Read more
Affected Products : delete_log- EPSS Score: %0.06
- Published: Nov. 15, 2022
- Modified: Apr. 30, 2025