Export limit exceeded: 349510 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 45827 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45827 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-29489 1 Cpanel 1 Cpanel 2024-11-21 5.3 Medium
An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.
CVE-2023-29452 1 Zabbix 1 Zabbix 2024-11-21 5.5 Medium
Currently, geomap configuration (Administration -> General -> Geographical maps) allows using HTML in the field “Attribution text” when selected “Other” Tile provider.
CVE-2023-29441 1 Deepsoft 1 Weblibrarian 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Robert Heller WebLibrarian plugin <= 3.5.8.1 versions.
CVE-2023-29438 1 Simplemodal Contact Form Project 1 Simplemodal Contact Form 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eric Martin SimpleModal Contact Form (SMCF) plugin <= 1.2.9 versions.
CVE-2023-29437 1 Connections-pro 1 Connections Business Directory 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin <= 10.4.36 versions.
CVE-2023-29436 1 Iframe Shortcode Project 1 Iframe Shortcode 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Flyn San IFrame Shortcode plugin <= 1.0.5 versions.
CVE-2023-29435 1 Zwaply 1 Cryptocurrency All-in-one 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Zwaply Cryptocurrency All-in-One plugin <= 3.0.19 versions.
CVE-2023-29434 1 Fancythemes 1 Optin Forms 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in FancyThemes Optin Forms – Simple List Building Plugin for WordPress plugin <= 1.3.1 versions.
CVE-2023-29430 1 Cththemes 1 Theroof 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CTHthemes TheRoof theme <= 1.0.3 versions.
CVE-2023-29427 1 Tms-outsource 1 Amelia 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in TMS Booking for Appointments and Events Calendar – Amelia plugin <= 1.0.75 versions.
CVE-2023-29424 1 Plainware 1 Shiftcontroller 2024-11-21 7.1 High
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plainware ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions.
CVE-2023-29423 1 Piwebsolution 1 Cancel Order Request \/ Return Order \/ Repeat Order \/ Reorder For Woocommerce 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Cancel order request / Return order / Repeat Order / Reorder for WooCommerce plugin <= 1.3.2 versions.
CVE-2023-29387 1 Juliencrego 1 Manager For Icomoon 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Crego Manager for Icomoon plugin <= 2.0 versions.
CVE-2023-29247 1 Apache 1 Airflow 2024-11-21 5.4 Medium
Task instance details page in the UI is vulnerable to a stored XSS.This issue affects Apache Airflow: before 2.6.0.
CVE-2023-29171 1 Magic-post-thumbnail 1 Magic Post Thumbnail 2024-11-21 7.1 High
Unauth. Reflected Cross-site Scripting (XSS) vulnerability in Magic Post Thumbnail plugin <= 4.1.10 versions.
CVE-2023-29100 1 Dream-theme 1 The7 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dream-Theme The7 plugin <= 11.6.0 versions.
CVE-2023-29098 1 Artistscope 1 Copysafe Web Protection 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ArtistScope CopySafe Web Protection plugin <= 3.13 versions.
CVE-2023-29097 1 A3rev 1 A3 Portfolio 2024-11-21 5.9 Medium
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in a3rev Software a3 Portfolio plugin <= 3.1.0 versions.
CVE-2023-29093 1 Piwebsolution 1 Conditional Cart Fee \/ Extra Charge Rule For Woocommerce Extra Fees 2024-11-21 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PI Websolution Conditional cart fee plugin <= 1.0.96 versions.
CVE-2023-29064 2 Bd, Hp 3 Facschorus, Hp Z2 Tower G5, Hp Z2 Tower G9 2024-11-21 4.1 Medium
The FACSChorus software contains sensitive information stored in plaintext. A threat actor could gain hardcoded secrets used by the application, which include tokens and passwords for administrative accounts.