Search
Search Results (42958 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-3766 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-05-05 | 6.1 Medium |
| Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8. | ||||
| CVE-2024-50053 | 1 Zohocorp | 3 Manageengine Servicedesk Plus, Manageengine Servicedesk Plus Msp, Manageengine Supportcentre Plus | 2025-05-05 | 6.3 Medium |
| Zohocorp ManageEngine ServiceDesk Plus versions below 14920 , ServiceDesk Plus MSP and SupportCentre Plus versions below 14910 are vulnerable to Stored XSS in the task feature. | ||||
| CVE-2022-43372 | 1 Emlog | 1 Emlog | 2025-05-05 | 4.8 Medium |
| Emlog Pro v1.7.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability at /admin/store.php. | ||||
| CVE-2024-21395 | 1 Microsoft | 1 Dynamics 365 | 2025-05-03 | 8.2 High |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2024-21328 | 1 Microsoft | 1 Dynamics 365 | 2025-05-03 | 7.6 High |
| Dynamics 365 Sales Spoofing Vulnerability | ||||
| CVE-2024-20679 | 1 Microsoft | 1 Azure Stack Hub | 2025-05-03 | 6.5 Medium |
| Azure Stack Hub Spoofing Vulnerability | ||||
| CVE-2024-21394 | 1 Microsoft | 1 Dynamics 365 | 2025-05-03 | 7.6 High |
| Dynamics 365 Field Service Spoofing Vulnerability | ||||
| CVE-2024-21393 | 1 Microsoft | 1 Dynamics 365 | 2025-05-03 | 7.6 High |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2024-21389 | 1 Microsoft | 1 Dynamics 365 | 2025-05-03 | 7.6 High |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2024-21419 | 1 Microsoft | 1 Dynamics 365 | 2025-05-03 | 7.6 High |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2024-29049 | 1 Microsoft | 1 Edge Chromium | 2025-05-03 | 4.1 Medium |
| Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability | ||||
| CVE-2024-26251 | 1 Microsoft | 1 Sharepoint Server | 2025-05-03 | 6.8 Medium |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2024-29063 | 1 Microsoft | 1 Azure Ai Search | 2025-05-03 | 7.3 High |
| Azure AI Search Information Disclosure Vulnerability | ||||
| CVE-2024-30048 | 1 Microsoft | 1 Dynamics 365 Customer Insights | 2025-05-03 | 7.6 High |
| Dynamics 365 Customer Insights Spoofing Vulnerability | ||||
| CVE-2024-30047 | 1 Microsoft | 1 Dynamics 365 Customer Insights | 2025-05-03 | 7.6 High |
| Dynamics 365 Customer Insights Spoofing Vulnerability | ||||
| CVE-2024-30053 | 1 Microsoft | 1 Azure Migrate | 2025-05-03 | 6.5 Medium |
| Azure Migrate Cross-Site Scripting Vulnerability | ||||
| CVE-2023-28362 | 1 Redhat | 1 Satellite | 2025-05-02 | 4 Medium |
| The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header. | ||||
| CVE-2022-43982 | 1 Apache | 1 Airflow | 2025-05-02 | 6.1 Medium |
| In Apache Airflow versions prior to 2.4.2, the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument. | ||||
| CVE-2022-43670 | 1 Apache | 1 Sling Cms | 2025-05-02 | 5.4 Medium |
| An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Sling App CMS version 1.1.0 and prior may allow an authenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the taxonomy management feature. | ||||
| CVE-2022-40840 | 1 Ndk-design | 1 Ndkadvancedcustomizationfields | 2025-05-02 | 6.1 Medium |
| ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting (XSS) via createPdf.php. | ||||