ReportizFlow
Filtered by vendor
Subscriptions
Total
42689 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-6225 | 2 Broadcom, Brocade | 2 Fabric Operating System, Fabric Os | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information. | ||||
| CVE-2017-6217 | 1 Paypal | 1 Adaptive Payments Sdk | 2024-11-21 | N/A |
| paypal/adaptivepayments-sdk-php v3.9.2 is vulnerable to a reflected XSS in the SetPaymentOptions.php resulting code execution | ||||
| CVE-2017-6216 | 1 Novaksolutions | 1 Infusionsoft-php-sdk | 2024-11-21 | N/A |
| novaksolutions/infusionsoft-php-sdk v2016-10-31 is vulnerable to a reflected XSS in the leadscoring.php resulting code execution | ||||
| CVE-2017-6215 | 1 Paypal | 1 Php Permissions Sdk | 2024-11-21 | N/A |
| paypal/permissions-sdk-php is vulnerable to reflected XSS in the samples/GetAccessToken.php verification_code parameter, resulting in code execution. | ||||
| CVE-2017-6213 | 1 Paypal | 1 Php Invoice Sdk | 2024-11-21 | N/A |
| paypal/invoice-sdk-php is vulnerable to reflected XSS in samples/permissions.php via the permToken parameter, resulting in code execution. | ||||
| CVE-2017-5934 | 4 Canonical, Debian, Moinmo and 1 more | 4 Ubuntu Linux, Debian Linux, Moinmoin and 1 more | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2017-5864 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS). | ||||
| CVE-2017-5827 | 1 Hp | 1 Aruba Clearpass Policy Manager | 2024-11-21 | N/A |
| A reflected cross site scripting vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found. | ||||
| CVE-2017-5800 | 1 Hp | 1 Operations Bridge Analytics | 2024-11-21 | N/A |
| A Remote Cross-Site Scripting (XSS) vulnerability in HPE Operations Bridge Analytics version v3.0 was found. | ||||
| CVE-2017-5798 | 1 Hp | 1 Opencall Media Platform | 2024-11-21 | N/A |
| A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x). | ||||
| CVE-2017-5536 | 1 Tibco | 1 Datasynapse Gridserver Manager | 2024-11-21 | N/A |
| The GridServer Broker, and GridServer Director components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS). In addition, an authenticated user could be a victim of a cross-site request forgery (CSRF) attack. Affected releases include TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0. | ||||
| CVE-2017-5458 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| When a "javascript:" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves. This vulnerability affects Firefox < 53. | ||||
| CVE-2017-5393 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| The "mozAddonManager" allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites. This vulnerability affects Firefox < 51. | ||||
| CVE-2017-5213 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS). | ||||
| CVE-2017-5124 | 3 Debian, Google, Redhat | 3 Debian Linux, Chrome, Rhel Extras | 2024-11-21 | N/A |
| Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page. | ||||
| CVE-2017-3964 | 1 Mcafee | 1 Network Security Manager | 2024-11-21 | N/A |
| Reflective Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to inject arbitrary web script or HTML via a URL parameter. | ||||
| CVE-2017-3961 | 1 Mcafee | 1 Network Security Manager | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via crafted user input of attributes. | ||||
| CVE-2017-3180 | 1 Tibco | 10 Silver Fabric Enabler For Spotfire Web Player, Spotfire Analyst, Spotfire Analytics Platform For Aws and 7 more | 2024-11-21 | N/A |
| Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The products and versions that are affected include the following: TIBCO Silver Fabric Enabler for Spotfire Web Player 2.1.2 and earlier TIBCO Spotfire Analyst 7.5.0 TIBCO Spotfire Analyst 7.6.0 TIBCO Spotfire Analyst 7.7.0 TIBCO Spotfire Analytics Platform for AWS Marketplace 7.0.2 and earlier TIBCO Spotfire Automation Services 6.5.3 and earlier TIBCO Spotfire Automation Services 7.0.0, and 7.0.1 TIBCO Spotfire Connectors 7.6.0 TIBCO Spotfire Deployment Kit 6.5.3 and earlier TIBCO Spotfire Deployment Kit 7.0.0, and 7.0.1 TIBCO Spotfire Deployment Kit 7.5.0 TIBCO Spotfire Deployment Kit 7.6.0 TIBCO Spotfire Deployment Kit 7.7.0 TIBCO Spotfire Desktop 6.5.2 and earlier TIBCO Spotfire Desktop 7.0.0, and 7.0.1 TIBCO Spotfire Desktop 7.5.0 TIBCO Spotfire Desktop 7.6.0 TIBCO Spotfire Desktop 7.7.0 TIBCO Spotfire Desktop Developer Edition 7.7.0 TIBCO Spotfire Desktop Language Packs 7.0.1 and earlier TIBCO Spotfire Desktop Language Packs 7.5.0 TIBCO Spotfire Desktop Language Packs 7.6.0 TIBCO Spotfire Desktop Language Packs 7.7.0 TIBCO Spotfire Professional 6.5.3 and earlier TIBCO Spotfire Professional 7.0.0 and 7.0.1 TIBCO Spotfire Web Player 6.5.3 and earlier TIBCO Spotfire Web Player 7.0.0 and 7.0.1 | ||||
| CVE-2017-2746 | 1 Hp | 1 Jetadvantage Security Manager | 2024-11-21 | N/A |
| Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1. The vulnerabilities could potentially be exploited to allow stored cross-site scripting which could allow a hacker to create a denial of service. | ||||
| CVE-2017-2745 | 1 Hp | 1 Jetadvantage Security Manager | 2024-11-21 | N/A |
| Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1. The vulnerabilities could potentially be exploited to allow stored cross-site scripting which could allow a hacker to execute scripts in a user's browser. | ||||