Total
37356 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-29252 | 1 Rsa | 1 Archer | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
RSA Archer before 6.9 SP1 P1 (6.9.1.1) contains a stored XSS vulnerability. A remote authenticated malicious Archer user with access to modify link name fields could potentially exploit this vulnerability to execute code in a victim's browser. | |||||
CVE-2021-29250 | 1 Btcpayserver | 1 Btcpay Server | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
BTCPay Server through 1.0.7.0 suffers from a Stored Cross Site Scripting (XSS) vulnerability within the POS Add Products functionality. This enables cookie stealing. | |||||
CVE-2021-29243 | 1 Cloudera | 1 Cloudera Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS. | |||||
CVE-2021-29216 | 1 Hpe | 1 Oneview Global Dashboard | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
A remote cross-site scripting vulnerability was discovered in HPE OneView Global Dashboard version(s): Prior to 2.5. HPE has provided a software update to resolve this vulnerability in HPE OneView Global Dashboard. | |||||
CVE-2021-29211 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
CVE-2021-29210 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
CVE-2021-29209 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
CVE-2021-29208 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
CVE-2021-29207 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
CVE-2021-29206 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
CVE-2021-29205 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
CVE-2021-29204 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
CVE-2021-29201 | 1 Hp | 29 Integrated Lights-out 4, Integrated Lights-out 5, Proliant Bl460c Gen10 Server Blade and 26 more | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78. | |||||
CVE-2021-29159 | 1 Sonatype | 1 Nexus Repository Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
A cross-site scripting (XSS) vulnerability has been discovered in Nexus Repository Manager 3.x before 3.30.1. An attacker with a local account can create entities with crafted properties that, when viewed by an administrator, can execute arbitrary JavaScript in the context of the NXRM application. | |||||
CVE-2021-29148 | 1 Arubanetworks | 8 Aos-cx Firmware, Cx 6200f, Cx 6300 and 5 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability. | |||||
CVE-2021-29146 | 1 Arubanetworks | 1 Clearpass | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||
CVE-2021-29142 | 1 Arubanetworks | 1 Clearpass | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||
CVE-2021-29139 | 1 Arubanetworks | 1 Clearpass | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||
CVE-2021-29116 | 1 Esri | 1 Arcgis Server | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
A stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server feature services versions 10.8.1 and 10.9 (only) feature services may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser. | |||||
CVE-2021-29110 | 1 Esri | 1 Portal For Arcgis | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Stored cross-site scripting (XSS) issue in Esri Portal for ArcGIS may allow a remote unauthenticated attacker to pass and store malicious strings in the home application. |