Export limit exceeded: 45666 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45666 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-30044 | 1 Remoteclinic | 1 Remote Clinic | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) in Remote Clinic v2.0 via the First Name or Last Name field on staff/register.php. | ||||
| CVE-2021-30042 | 1 Remoteclinic | 1 Remote Clinic | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Clinic Name", "Clinic Address", "Clinic City", or "Clinic Contact" field on clinics/register.php | ||||
| CVE-2021-30039 | 1 Remoteclinic | 1 Remote Clinic | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Fever" or "Blood Pressure" field on the patients/register-report.php. | ||||
| CVE-2021-30034 | 1 Remoteclinic | 1 Remote Clinic | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) in Remote Clinic v2.0 via the Symptons field on patients/register-report.php. | ||||
| CVE-2021-30030 | 1 Remoteclinic | 1 Remote Clinic | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) in Remote Clinic v2.0 via the Full Name field on register-patient.php. | ||||
| CVE-2021-30003 | 1 Nokia | 2 G-120w-f, G-120w-f Firmware | 2024-11-21 | 4.8 Medium |
| An issue was discovered on Nokia G-120W-F 3FE46606AGAB91 devices. There is Stored XSS in the administrative interface via urlfilter.cgi?add url_address. | ||||
| CVE-2021-29996 | 1 Marktext | 1 Marktext | 2024-11-21 | 9.6 Critical |
| Mark Text through 0.16.3 allows attackers arbitrary command execution. This could lead to Remote Code Execution (RCE) by opening .md files containing a mutation Cross Site Scripting (XSS) payload. | ||||
| CVE-2021-29994 | 1 Cloudera | 1 Hue | 2024-11-21 | 6.1 Medium |
| Cloudera Hue 4.6.0 allows XSS. | ||||
| CVE-2021-29991 | 1 Mozilla | 2 Firefox, Thunderbird | 2024-11-21 | 8.1 High |
| Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3. This vulnerability affects Firefox < 91.0.1 and Thunderbird < 91.0.1. | ||||
| CVE-2021-29979 | 1 Mozilla | 1 Hubs Cloud | 2024-11-21 | 6.1 Medium |
| Hubs Cloud allows users to download shared content, specifically HTML and JS, which could allow javascript execution in the Hub Cloud instance’s primary hosting domain.*. This vulnerability affects Hubs Cloud < mozillareality/reticulum/1.0.1/20210618012634. | ||||
| CVE-2021-29953 | 1 Mozilla | 1 Firefox | 2024-11-21 | 6.1 Medium |
| A malicious webpage could have forced a Firefox for Android user into executing attacker-controlled JavaScript in the context of another domain, resulting in a Universal Cross-Site Scripting vulnerability. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected. Further details are being temporarily withheld to allow users an opportunity to update.*. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3. | ||||
| CVE-2021-29944 | 1 Mozilla | 1 Firefox | 2024-11-21 | 6.1 Medium |
| Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 88. | ||||
| CVE-2021-29912 | 2 Ibm, Redhat | 2 Security Risk Manager On Cp4s, Openshift | 2024-11-21 | 5.4 Medium |
| IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828. | ||||
| CVE-2021-29905 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2024-11-21 | 5.4 Medium |
| IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207616. | ||||
| CVE-2021-29878 | 1 Ibm | 1 Business Automation Workflow | 2024-11-21 | 5.4 Medium |
| IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 206581. | ||||
| CVE-2021-29855 | 1 Ibm | 1 Sterling B2b Integrator | 2024-11-21 | 5.4 Medium |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205684. | ||||
| CVE-2021-29852 | 1 Ibm | 1 Planning Analytics | 2024-11-21 | 5.4 Medium |
| IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205528. | ||||
| CVE-2021-29849 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-11-21 | 6.1 Medium |
| IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205281. | ||||
| CVE-2021-29841 | 2 Ibm, Linux | 5 Aix, Financial Transaction Manager, Linux On Ibm Z and 2 more | 2024-11-21 | 5.4 Medium |
| IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205045. | ||||
| CVE-2021-29836 | 1 Ibm | 1 Sterling B2b Integrator | 2024-11-21 | 5.4 Medium |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0. through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204912. | ||||