31,034 CVEs · Critical severity
CVEs (31,034, showing first 500)
Showing 376–400 of 31,034 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↑ | Published | Description |
|---|---|---|---|---|---|
| CVE-2023-1287 | CRITICAL | Patched | 9.0 | 2023-03-09 | An XSL template vulnerability in ENOVIA Live Collaboration V6R2013xE allows Remote Code Execution. |
| CVE-2021-33351 | CRITICAL | Patched | 9.0 | 2023-03-08 | Cross Site Scripting Vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before and fixed in v.1.3.7 allows attackers to escalate privileges via a crafted pay… |
| CVE-2021-42761 | CRITICAL | Patched | 9.0 | 2023-02-16 | A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb versions 6.4 all versions, 6.3.0 through 6.3.16, 6.2.0 through 6.2.6, 6.1.0 t… |
| CVE-2023-0740 | CRITICAL | Patched | 9.0 | 2023-02-08 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. |
| CVE-2023-0741 | CRITICAL | Patched | 9.0 | 2023-02-08 | Cross-site Scripting (XSS) - DOM in GitHub repository answerdev/answer prior to 1.0.4. |
| CVE-2023-0742 | CRITICAL | Patched | 9.0 | 2023-02-08 | Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.4. |
| CVE-2023-0743 | CRITICAL | Patched | 9.0 | 2023-02-08 | Cross-site Scripting (XSS) - Generic in GitHub repository answerdev/answer prior to 1.0.4. |
| CVE-2022-48311 | CRITICAL | | 9.0 | 2023-02-06 | **UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticate… |
| CVE-2023-22482 | CRITICAL | Patched | 9.0 | 2023-01-26 | Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions of Argo CD starting with v1.8.2 and prior to 2.3.13, 2.4.19, 2.5.6, and 2.6.0-rc-3 are v… |
| CVE-2023-20025 | CRITICAL | Patched | 9.0 | 2023-01-20 | A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to byp… |
| CVE-2022-41989 | CRITICAL | Patched | 9.0 | 2023-01-18 | Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. T… |
| CVE-2022-36760 | CRITICAL | Patched | 9.0 | 2023-01-17 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the A… |
| CVE-2023-0014 | CRITICAL | | 9.0 | 2023-01-10 | SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.… |
| CVE-2023-22457 | CRITICAL | Patched | 9.0 | 2023-01-04 | CKEditor Integration UI adds support for editing wiki pages using CKEditor. Prior to versions 1.64.3, the `CKEditor.HTMLConverter` document lacked a protection against Cros… |
| CVE-2022-34322 | CRITICAL | | 9.0 | 2023-01-01 | Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker to execute JavaScript code in the context of users' browsers. The attac… |
| CVE-2022-4866 | CRITICAL | Patched | 9.0 | 2022-12-31 | Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. |
| CVE-2022-4865 | CRITICAL | Patched | 9.0 | 2022-12-31 | Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. |
| CVE-2022-31358 | CRITICAL | Patched | 9.0 | 2022-12-14 | A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non… |
| CVE-2022-41563 | CRITICAL | Patched | 9.0 | 2022-12-13 | The Dashboard component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports… |
| CVE-2022-37721 | CRITICAL | | 9.0 | 2022-11-25 | PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting (XSS) when a low privileged user such as an author, injects a crafted html and javascript payload in a blog post,… |
| CVE-2022-37720 | CRITICAL | | 9.0 | 2022-11-25 | Orchardproject Orchard CMS 1.10.3 is vulnerable to Cross Site Scripting (XSS). When a low privileged user such as an author or publisher, injects a crafted html and javascr… |
| CVE-2022-41943 | CRITICAL | Patched | 9.0 | 2022-11-22 | sourcegraph is a code intelligence platform. As a site admin it was possible to execute arbitrary commands on Gitserver when the experimental `customGitFetch` feature was e… |
| CVE-2022-42989 | CRITICAL | Patched | 9.0 | 2022-11-22 | ERP Sankhya before v4.11b81 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Caixa de Entrada. |
| CVE-2022-41938 | CRITICAL | Patched | 9.0 | 2022-11-19 | Flarum is an open source discussion platform. Flarum's page title system allowed for page titles to be converted into HTML DOM nodes when pages were rendered. The change wa… |
| CVE-2022-41558 | CRITICAL | Patched | 9.0 | 2022-11-15 | The Visualizations component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analyst, TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Mark… |