Latest CVE Feed
-
3.5
LOWCVE-2013-5402
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management, Maximo Asset Management Essentials, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utili... Read more
Affected Products : maximo_asset_management maximo_for_life_sciences maximo_for_nuclear_power maximo_for_oil_and_gas maximo_for_transportation maximo_for_utilities smartcloud_control_desk change_and_configuration_management_database maximo_asset_management_essentials maximo_for_government +2 more products- Published: Dec. 18, 2013
- Modified: Apr. 11, 2025
-
3.5
LOWCVE-2014-0915
Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management 6.2 through 6.2.8, 6.x and 7.1 through 7.1.1.2, and 7.5 through 7.5.0.6; Maximo Asset Management 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk; ... Read more
- Published: Jul. 30, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0824
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.8 LAFIX.20140319-0839 and 7.1.1.12 before IFIX.20140321-1336 and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change an... Read more
- Published: May. 26, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-0897
The Configuration Patterns component in IBM Flex System Manager (FSM) 1.2.0.x, 1.2.1.x, 1.3.0.x, and 1.3.1.x uses a weak algorithm in an encryption step during Chassis Management Module (CMM) account creation, which makes it easier for remote authenticate... Read more
Affected Products : flex_system_manager- Published: Aug. 29, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2006-2632
Cross-site scripting (XSS) vulnerability in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via file descriptions.... Read more
Affected Products : bytehoard- Published: May. 30, 2006
- Modified: Apr. 03, 2025
-
3.5
LOWCVE-2008-4152
Cross-site scripting (XSS) vulnerability in the Talk module 5.x before 5.x-1.3 and 6.x before 6.x-1.5, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via a node title.... Read more
Affected Products : talk- Published: Sep. 24, 2008
- Modified: Apr. 09, 2025
-
3.5
LOWCVE-2015-0129
Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager (RQM) 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.... Read more
- Published: Mar. 13, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2015-0109
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inj... Read more
Affected Products : maximo_asset_management maximo_for_life_sciences maximo_for_nuclear_power maximo_for_oil_and_gas maximo_for_transportation maximo_for_utilities change_and_configuration_management_database maximo_asset_management_essentials maximo_for_government tivoli_asset_management_for_it +1 more products- Published: Feb. 18, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-6568
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.... Read more
Affected Products : ubuntu_linux fedora debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_tus mysql enterprise_linux_eus +6 more products- Published: Jan. 21, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2015-0212
Cross-site scripting (XSS) vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted course summary.... Read more
Affected Products : moodle- Published: Jun. 01, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2015-0125
Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and Rational Requirements Composer 4.x before 4.0.7 iFix3 allows remote authenticated users to inject arbitrary web script or HTML v... Read more
- Published: Mar. 18, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2015-1621
Cross-site scripting (XSS) vulnerability in the Webform prepopulate block module before 7.x-3.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : webform_prepopulate_block- Published: Feb. 17, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2015-2677
Multiple cross-site scripting (XSS) vulnerabilities in ocPortal before 9.0.17 allow remote authenticated users to inject arbitrary web script or HTML via the (1) title or (2) text field in the cms_calendar page to cms/index.php; unspecified fields in (3) ... Read more
Affected Products : ocportal- Published: Mar. 23, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-6592
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2015-0389.... Read more
- Published: Jan. 21, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-6474
Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.... Read more
- Published: Oct. 15, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2014-8379
Multiple cross-site scripting (XSS) vulnerabilities in the Marketo MA module before 7.x-1.5 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to field titles to the (1) Webform ... Read more
Affected Products : marketo_ma- Published: Oct. 21, 2014
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2015-0156
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.6.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote authenticated users to inject a... Read more
- Published: May. 25, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2021-25740
A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.... Read more
Affected Products : kubernetes- Published: Sep. 20, 2021
- Modified: Nov. 21, 2024
-
3.5
LOWCVE-2015-2760
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : data_loss_prevention_endpoint- Published: Mar. 27, 2015
- Modified: Apr. 12, 2025
-
3.5
LOWCVE-2015-2649
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.22, and 15.0 allows remote authenticated users to affect confidentiality via vectors related to UIF Open UI.... Read more
Affected Products : siebel_crm- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025