Export limit exceeded: 46615 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46615 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-0798 | 1 Microsoft | 2 Lync Server, Skype For Business Server | 2024-11-21 | N/A |
| A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'. | ||||
| CVE-2019-0778 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Foundation | 2024-11-21 | N/A |
| A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | ||||
| CVE-2019-0777 | 1 Microsoft | 1 Team Foundation Server | 2024-11-21 | N/A |
| A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. | ||||
| CVE-2019-0743 | 1 Microsoft | 1 Team Foundation Server | 2024-11-21 | N/A |
| A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0742. | ||||
| CVE-2019-0742 | 1 Microsoft | 1 Team Foundation Server | 2024-11-21 | N/A |
| A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743. | ||||
| CVE-2019-0668 | 1 Microsoft | 1 Sharepoint Enterprise Server | 2024-11-21 | N/A |
| An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. | ||||
| CVE-2019-0646 | 1 Microsoft | 1 Team Foundation Server | 2024-11-21 | N/A |
| A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team. | ||||
| CVE-2019-0624 | 1 Microsoft | 1 Skype For Business | 2024-11-21 | N/A |
| A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka "Skype for Business 2015 Spoofing Vulnerability." This affects Skype. | ||||
| CVE-2019-0395 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 5.4 Medium |
| SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad), before version 4.2, allows execution of JavaScript in a text module in Fiori BI Launchpad, leading to Stored Cross Site Scripting vulnerability. | ||||
| CVE-2019-0385 | 1 Sap | 1 Enable Now | 2024-11-21 | 6.5 Medium |
| SAP Enable Now, before version 1908, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | ||||
| CVE-2019-0382 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 5.4 Medium |
| A Cross-Site Scripting vulnerability exists in SAP BusinessObjects Business Intelligence Platform (Web Intelligence-Publication related pages); corrected in version 4.2. Privileges are required in order to exploit this vulnerability. | ||||
| CVE-2019-0378 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 5.4 Medium |
| SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before version 4.2, does not sufficiently encode user-controlled inputs and allows an attacker to store malicious scripts in the file name of the background image resulting in Stored Cross-Site Scripting. | ||||
| CVE-2019-0377 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 5.4 Medium |
| SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before versions 4.2, does not sufficiently encode user-controlled inputs and allows an attacker to store malicious scripts in the input controls, resulting in Stored Cross-Site Scripting. | ||||
| CVE-2019-0376 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 5.4 Medium |
| SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows an attacker to save malicious scripts in the publication name, which can be executed later by the victim, resulting in Stored Cross-Site Scripting. | ||||
| CVE-2019-0375 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 5.4 Medium |
| SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the export dialog box of the report name resulting in reflected Cross-Site Scripting. | ||||
| CVE-2019-0374 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 5.4 Medium |
| SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the chart title resulting in reflected Cross-Site Scripting | ||||
| CVE-2019-0369 | 1 Sap | 1 Financial Consolidation | 2024-11-21 | 5.4 Medium |
| SAP Financial Consolidation, before versions 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an attacker to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability. | ||||
| CVE-2019-0368 | 1 Sap | 2 Customer Relationship Management Bbpcrm, Customer Relationship Management S4crm | 2024-11-21 | 5.4 Medium |
| SAP Customer Relationship Management (Email Management), versions: S4CRM before 1.0 and 2.0, BBPCRM before 7.0, 7.01, 7.02, 7.12, 7.13 and 7.14, does not sufficiently encode user-controlled inputs within the mail client resulting in Cross-Site Scripting vulnerability. | ||||
| CVE-2019-0361 | 1 Sap | 1 Supplier Relationship Management | 2024-11-21 | 6.1 Medium |
| SAP Supplier Relationship Management (Master Data Management Catalog - SRM_MDM_CAT, before versions 3.73, 7.31, 7.32) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | ||||
| CVE-2019-0337 | 1 Sap | 1 Netweaver Process Integration | 2024-11-21 | N/A |
| Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the url thereby resulting in Reflected Cross-Site Scripting (XSS) vulnerability | ||||