Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (44305 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-3987 1 Hp 1 Insight Control Virtual Machine Management 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3991 1 Hp 2 Insight Control Server Migration, Insight Control Server Migration6.0.1 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3994 1 Hp 2 Hp, Version Control Repository Manager 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4023 1 Hp 1 Insight Control Power Management 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Insight Control Power Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4030 1 Hp 1 Insight Control Performance Management 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4047 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 10.63 does not properly select the security context of JavaScript code associated with an error page, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.
CVE-2010-4071 1 Otrs 1 Otrs 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject arbitrary web script or HTML via JavaScript in an HTML e-mail.
CVE-2010-4097 1 Avatic 1 Aardvark Topsites Php 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) title, (3) u, and (4) url parameters. NOTE: the q parameter is already covered by CVE-2009-2302.
CVE-2010-4101 1 Hp 1 Insight Recovery 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Insight Recovery before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4109 1 Hp 1 Palm Webos 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file.
CVE-2010-4111 3 Hp, Linux, Microsoft 3 Insight Diagnostics, Linux Kernel, Windows 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4114 2 Hp, Microsoft 2 Discovery\&dependency Mapping Inventory, Windows 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4146 1 Attachmate 1 Reflection For The Web 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.569 and earlier), 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4155 1 Exv2 1 Exv2 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) rssfeedURL parameter to manual/caferss/example.php and the sumb parameter to (2) modules/news/archive.php, (3) modules/news/topics.php, and (4) modules/contact/index.php, different vectors than CVE-2007-1965.
CVE-2010-4693 1 Coppermine-gallery 1 Coppermine Photo Gallery 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters to help.php, or (3) picfile_XXX parameter to searchnew.php.
CVE-2010-4716 1 Novell 1 Groupwise 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-4718 2 Joomla, Lyften 2 Joomla\!, Com Lyftenbloggie 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) component 1.1.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) tag and (2) category parameters to index.php.
CVE-2010-4734 1 Amix 1 Skeletonz Cms 1.0 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the comment feature in Skeletonz CMS 1.0, when the Blog plugin is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Website, and (3) Email parameters. NOTE: some of these details are obtained from third party information.
CVE-2010-4745 1 Gareth Watts 1 Phpxref 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the query string.
CVE-2010-4747 2 Ahmattox, Wordpress 2 Processing Embed Plugin, Wordpress 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in wordpress-processing-embed/data/popup.php in the Processing Embed plugin 0.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pluginurl parameter.