Export limit exceeded: 46582 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (46582 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2018-21155 1 Netgear 20 D7800, D7800 Firmware, Dm200 and 17 more 2024-11-21 6.1 Medium
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.52, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.4.2, R9000 before 1.0.3.16, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64.
CVE-2018-21137 1 Netgear 4 D3600, D3600 Firmware, D6000 and 1 more 2024-11-21 9.8 Critical
Certain NETGEAR devices are affected by a hardcoded password. This affects D3600 before 1.0.0.76 and D6000 before 1.0.0.76.
CVE-2018-21095 1 Netgear 4 Srr60, Srr60 Firmware, Srs60 and 1 more 2024-11-21 4.3 Medium
Certain NETGEAR devices are affected by stored XSS. This affects SRR60 before 2.2.1.210 and SRS60 before 2.2.1.210.
CVE-2018-21030 1 Jupyter 1 Notebook 2024-11-21 5.3 Medium
Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin. Thus, for example, an XSS payload can be placed in an SVG document.
CVE-2018-21014 1 Buddyboss 1 Buddymoss Media 2024-11-21 5.4 Medium
The buddyboss-media plugin through 3.2.3 for WordPress has stored XSS.
CVE-2018-21012 1 Vsourz 1 Cf7 Invisible Recaptcha 2024-11-21 6.1 Medium
The cf7-invisible-recaptcha plugin before 1.3.2 for WordPress has XSS.
CVE-2018-21001 1 Bologer 1 Anycomment 2024-11-21 N/A
The anycomment plugin before 0.0.33 for WordPress has XSS.
CVE-2018-20986 1 Advancedcustomfields 1 Advanced Custom Fields 2024-11-21 N/A
The advanced-custom-fields (aka Elliot Condon Advanced Custom Fields) plugin before 5.7.8 for WordPress has XSS by authors.
CVE-2018-20983 1 Meowapps 1 Wp Retina 2x 2024-11-21 N/A
The wp-retina-2x plugin before 5.2.3 for WordPress has XSS.
CVE-2018-20982 1 Davidlingren 1 Media Library Assistant 2024-11-21 N/A
The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens.
CVE-2018-20978 1 Soflyy 1 Wp All Import 2024-11-21 N/A
The wp-all-import plugin before 3.4.7 for WordPress has XSS.
CVE-2018-20975 1 Fatfreecrm 1 Fat Free Crm 2024-11-21 N/A
Fat Free CRM before 0.18.1 has XSS in the tags_helper in app/helpers/tags_helper.rb.
CVE-2018-20970 1 Bestwebsoft 1 Pdf \& Print 2024-11-21 N/A
The pdf-print plugin before 2.0.3 for WordPress has multiple XSS issues.
CVE-2018-20966 1 Booster 1 Booster For Woocommerce 2024-11-21 N/A
The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature.
CVE-2018-20965 1 Ultimatemember 1 Ultimate Member 2024-11-21 6.1 Medium
The ultimate-member plugin before 2.0.4 for WordPress has XSS.
CVE-2018-20963 1 Codepeople 1 Contact Form Email 2024-11-21 N/A
The contact-form-to-email plugin before 1.2.66 for WordPress has XSS.
CVE-2018-20962 1 Backpackforlaravel 1 Backpack\\crud 2024-11-21 N/A
The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type.
CVE-2018-20955 1 Swann 2 Swwhd-intcam-hd, Swwhd-intcam-hd Firmware 2024-11-21 N/A
Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. NOTE: all affected customers were migrated by 2020-08-31.
CVE-2018-20953 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389).
CVE-2018-20951 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387).