CWE-79 CVEs and Security Vulnerabilities

Export limit exceeded: 12824 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 358260 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 46697 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (46697 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-40545	1 Soplanning	1 Soplanning	2026-06-01	N/A
SOPlanning is vulnerable to Reflected XSS via the taches parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue affects SOPlanning version 1.55 and below.
CVE-2024-12796	1 Holistic It	1 Workcube Erp	2026-06-01	5.3 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Holistic IT, Consultancy Coop. Workcube ERP allows Reflected XSS. This issue affects Workcube ERP: from V12 - V14 before Cognitive.
CVE-2024-12914	1 Akinsoft	1 Qr Menu	2026-06-01	4.3 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akınsoft QR Menü allows Cross-Site Scripting (XSS). This issue affects QR Menü: from s1.05.05 before v1.05.12.
CVE-2026-49368	1 Jetbrains	1 Youtrack	2026-06-01	8.7 High
In JetBrains YouTrack before 2026.1.13162 stored XSS in project notification templates was possible
CVE-2024-12915			2026-06-01	4.6 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Devinim Software Library Software allows Reflected XSS. This issue affects Library Software: before 24.11.02.
CVE-2024-12972	1 Akinsoft	1 Octocloud	2026-06-01	4.3 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft OctoCloud allows Cross-Site Scripting (XSS). This issue affects OctoCloud: from s1.09.01 before v1.11.01.
CVE-2026-49384	1 Jetbrains	1 Pycharm	2026-06-01	6.1 Medium
In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible
CVE-2024-12974	1 Akinsoft	1 Prokuaför	2026-06-01	4.3 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft ProKuaför allows Cross-Site Scripting (XSS). This issue affects ProKuaför: from s1.02.07 before v1.02.08.
CVE-2024-13064	1 Akinsoft	1 Myrezzta	2026-06-01	4.3 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft MyRezzta allows Cross-Site Scripting (XSS). This issue affects MyRezzta: from s2.02.02 before v2.05.01.
CVE-2024-13071	1 Akinsoft	1 E-mutabakat	2026-06-01	4.3 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft e-Mutabakat allows Cross-Site Scripting (XSS). This issue affects e-Mutabakat: from 2.02.05 before v2.02.06.
CVE-2024-13073	1 Akinsoft	1 Taskpano	2026-06-01	4.7 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft TaskPano allows Cross-Site Scripting (XSS). This issue affects TaskPano: s1.06.04.
CVE-2023-0320	1 University Information Management System Project	1 University Information Management System	2026-06-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Izmir Katip Celebi University UBYS allows Stored XSS. This issue affects UBYS: before 23.03.16.
CVE-2023-0322	1 Talentyazilim	1 Unis	2026-06-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software UNIS allows Reflected XSS. This issue affects UNIS: before 28376.
CVE-2023-0577	1 Asosegitim	1 Sobiad	2026-06-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ASOS Information Technologies SOBIAD allows Cross-Site Scripting (XSS). This issue affects SOBIAD: before 23.02.01.
CVE-2023-0578	1 Asosegitim	1 Bookcites	2026-06-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ASOS Information Technologies Book Cites allows Cross-Site Scripting (XSS). This issue affects Book Cites: before 23.01.05.
CVE-2023-1051	1 Askoc	1 Web Report System	2026-06-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in As Koc Energy Web Report System allows Reflected XSS. This issue affects Web Report System: before 23.03.10.
CVE-2023-1060	1 Ykmbilisim	1 Ykm Crm	2026-06-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YKM YKM CRM allows Reflected XSS. This issue affects YKM CRM: before 23.03.30.
CVE-2023-1154	1 Pacsrapor	1 Pacsrapor	2026-06-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pacsrapor allows Reflected XSS. This issue affects Pacsrapor: before 1.22.
CVE-2026-36538	1 Netis	1 Ac1200 Router	2026-05-30	7.3 High
Netis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root credential stored in /etc/shadow.sample. The password for the root account is set to the trivially weak value root, allowing an attacker with access to the device to authenticate as root and gain full control of the underlying operating system.
CVE-2026-38931	1 Creatorsofcode	1 Simplephp	2026-05-30	5.4 Medium
A stored cross-site scripting (XSS) vulnerability in the /admin/config-module.php component of creatorsofcode simplephp GitHub commit 5184cff (Latest as of 2026-02-27) via injecting a crafted payload.

« first previous Page 30 of 2335. next last »