Total
41100 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-8987 | 1 Tibco | 2 Data Science For Aws, Spotfire Data Science | 2024-11-21 | 5.4 Medium |
| The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site scripting vulnerability that theoretically allows an authenticated user to gain access to all the capabilities of the web interface available to more privileged users. Affected releases are TIBCO Software Inc.'s TIBCO Data Science for AWS: versions up to and including 6.4.0, and TIBCO Spotfire Data Science: versions up to and including 6.4.0. | ||||
| CVE-2019-8984 | 1 Altn | 1 Mdaemon | 2024-11-21 | N/A |
| MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2). | ||||
| CVE-2019-8983 | 1 Altn | 1 Mdaemon | 2024-11-21 | N/A |
| MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2). | ||||
| CVE-2019-8953 | 1 Netgate | 1 Haproxy | 2024-11-21 | N/A |
| The HAProxy package before 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php. | ||||
| CVE-2019-8947 | 1 Zimbra | 1 Collaboration Server | 2024-11-21 | 6.1 Medium |
| Zimbra Collaboration 8.7.x - 8.8.11P2 contains non-persistent XSS. | ||||
| CVE-2019-8946 | 1 Zimbra | 1 Collaboration Server | 2024-11-21 | 6.1 Medium |
| Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS. | ||||
| CVE-2019-8945 | 1 Zimbra | 1 Collaboration Server | 2024-11-21 | 6.1 Medium |
| Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS. | ||||
| CVE-2019-8939 | 1 Tautulli | 1 Tautulli | 2024-11-21 | N/A |
| data/interfaces/default/history.html in Tautulli 2.1.26 has XSS via a crafted Plex username that is mishandled when constructing the History page. | ||||
| CVE-2019-8938 | 1 Vertrigoserv Project | 1 Vertrigoserv | 2024-11-21 | N/A |
| VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter. | ||||
| CVE-2019-8937 | 1 Digitaldruid | 1 Hoteldruid | 2024-11-21 | N/A |
| HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php. | ||||
| CVE-2019-8935 | 1 O-dyn | 1 Collabtive | 2024-11-21 | N/A |
| Collabtive 3.1 allows XSS via the manageuser.php?action=profile id parameter. | ||||
| CVE-2019-8929 | 1 Zohocorp | 1 Manageengine Netflow Analyzer | 2024-11-21 | N/A |
| An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype. | ||||
| CVE-2019-8928 | 1 Zohocorp | 1 Manageengine Netflow Analyzer | 2024-11-21 | N/A |
| An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName. | ||||
| CVE-2019-8927 | 1 Zohocorp | 1 Manageengine Netflow Analyzer | 2024-11-21 | N/A |
| An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Type, schDesc, schName, schSource, selectDeviceDone, task, val10, and val11. | ||||
| CVE-2019-8926 | 1 Zohocorp | 1 Manageengine Netflow Analyzer | 2024-11-21 | N/A |
| An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource. | ||||
| CVE-2019-8924 | 1 Apachefriends | 1 Xampp | 2024-11-21 | N/A |
| XAMPP through 5.6.8 allows XSS via the cds-fpdf.php interpret or titel parameter. NOTE: This product is discontinued. | ||||
| CVE-2019-8920 | 1 Apachefriends | 1 Xampp | 2024-11-21 | N/A |
| iart.php in XAMPP 1.7.0 has XSS, a related issue to CVE-2008-3569. | ||||
| CVE-2019-8911 | 1 Wtcms Project | 1 Wtcms | 2024-11-21 | N/A |
| An issue was discovered in WTCMS 1.0. It has stored XSS via the third text box (for the website statistics code). | ||||
| CVE-2019-8813 | 3 Apple, Redhat, Webkitgtk | 8 Icloud, Ipados, Iphone Os and 5 more | 2024-11-21 | 6.1 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. | ||||
| CVE-2019-8764 | 3 Apple, Redhat, Webkitgtk | 3 Watchos, Enterprise Linux, Webkitgtk\+ | 2024-11-21 | 6.1 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. | ||||