Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2023-3374 Vulnerability in privilege-escalation (CVE-2023-3374)
vulnerability in privilege-escalation (CVE-2023-3374). Successful exploitation can lead to full system takeover.
CVE-2023-36361 SQL Injection in sqli (CVE-2023-36361)
SQL injection in sqli (CVE-2023-36361). Successful exploitation can lead to full system takeover.
CVE-2023-36088 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-36088)
SSRF in ssrf (CVE-2023-36088). Confidential information can be exposed externally.
CVE-2023-39810 An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.
An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.
CVE-2023-41098 Cross-Site Scripting (XSS) in misp-project (CVE-2023-41098)
cross-site scripting in misp-project (CVE-2023-41098). Risk of unauthorized operations or information disclosure.
CVE-2023-39061 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-39061)
vulnerability in csrf (CVE-2023-39061). Risk of unauthorized operations or information disclosure.
CVE-2023-38899 SQL Injection in sqli (CVE-2023-38899)
SQL injection in sqli (CVE-2023-38899). Successful exploitation can lead to full system takeover.
CVE-2020-28715 Vulnerability in dos (CVE-2020-28715)
vulnerability in dos (CVE-2020-28715). Successful exploitation can lead to full system takeover.
CVE-2023-39807 SQL Injection in sqli (CVE-2023-39807)
SQL injection in sqli (CVE-2023-39807). Successful exploitation can lead to full system takeover.
CVE-2023-38838 SQL Injection in sqli (CVE-2023-38838)
SQL injection in sqli (CVE-2023-38838). Confidential information can be exposed externally.
CVE-2020-26037 Path Traversal in path-traversal (CVE-2020-26037)
path traversal in path-traversal (CVE-2020-26037). Successful exploitation can lead to full system takeover.
CVE-2023-30188 Vulnerability in dos (CVE-2023-30188)
vulnerability in dos (CVE-2023-30188). Risk of unauthorized operations or information disclosure.
CVE-2023-37847 novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability.
novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability.
CVE-2020-35990 Vulnerability in dos (CVE-2020-35990)
vulnerability in dos (CVE-2020-35990). Risk of unauthorized operations or information disclosure.
CVE-2023-40224 MISP 2.4.174 allows XSS in app/View/Events/index.ctp.
MISP 2.4.174 allows XSS in app/View/Events/index.ctp.
CVE-2023-39805 SQL Injection in sqli (CVE-2023-39805)
SQL injection in sqli (CVE-2023-39805). Successful exploitation can lead to full system takeover.
CVE-2023-39806 iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function.
iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function.
CVE-2023-39004 Vulnerability in privilege-escalation (CVE-2023-39004)
vulnerability in privilege-escalation (CVE-2023-39004). Successful exploitation can lead to full system takeover.
CVE-2023-3632 Vulnerability in kunduz (CVE-2023-3632)
vulnerability in kunduz (CVE-2023-3632). Successful exploitation can lead to full system takeover.
CVE-2023-26961 Cross-Site Scripting (XSS) in alteryx (CVE-2023-26961)
cross-site scripting in alteryx (CVE-2023-26961). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /gallery/api/media`.
CVE-2023-37646 Path Traversal in path-traversal (CVE-2023-37646)
path traversal in path-traversal (CVE-2023-37646). Successful exploitation can lead to full system takeover.
CVE-2023-3386 SQL Injection in sqli (CVE-2023-3386)
SQL injection in sqli (CVE-2023-3386). Successful exploitation can lead to full system takeover.
CVE-2023-3522 SQL Injection in sqli (CVE-2023-3522)
SQL injection in sqli (CVE-2023-3522). Successful exploitation can lead to full system takeover.
CVE-2023-3651 SQL Injection in sqli (CVE-2023-3651)
SQL injection in sqli (CVE-2023-3651). Successful exploitation can lead to full system takeover.
CVE-2023-3652 Cross-Site Scripting (XSS) in digital-ant (CVE-2023-3652)
cross-site scripting in digital-ant (CVE-2023-3652). Risk of unauthorized operations or information disclosure.
CVE-2023-3653 Cross-Site Scripting (XSS) in digital-ant (CVE-2023-3653)
cross-site scripting in digital-ant (CVE-2023-3653). Risk of unauthorized operations or information disclosure.
CVE-2023-37688 Cross-Site Scripting (XSS) in sqli (CVE-2023-37688)
cross-site scripting in sqli (CVE-2023-37688). Risk of unauthorized operations or information disclosure.
CVE-2023-37689 Cross-Site Scripting (XSS) in sqli (CVE-2023-37689)
cross-site scripting in sqli (CVE-2023-37689). Risk of unauthorized operations or information disclosure.
CVE-2023-37690 Cross-Site Scripting (XSS) in sqli (CVE-2023-37690)
cross-site scripting in sqli (CVE-2023-37690). Risk of unauthorized operations or information disclosure.
CVE-2023-37684 Cross-Site Scripting (XSS) in phpgurukul (CVE-2023-37684)
cross-site scripting in phpgurukul (CVE-2023-37684). Risk of unauthorized operations or information disclosure.
CVE-2023-37685 Cross-Site Scripting (XSS) in phpgurukul (CVE-2023-37685)
cross-site scripting in phpgurukul (CVE-2023-37685). Risk of unauthorized operations or information disclosure.
CVE-2023-37686 Cross-Site Scripting (XSS) in phpgurukul (CVE-2023-37686)
cross-site scripting in phpgurukul (CVE-2023-37686). Risk of unauthorized operations or information disclosure.
CVE-2023-3716 SQL Injection in sqli (CVE-2023-3716)
SQL injection in sqli (CVE-2023-3716). Successful exploitation can lead to full system takeover.
CVE-2023-37683 Cross-Site Scripting (XSS) in phpgurukul (CVE-2023-37683)
cross-site scripting in phpgurukul (CVE-2023-37683). Risk of unauthorized operations or information disclosure.
CVE-2023-37687 SQL Injection in phpgurukul (CVE-2023-37687)
SQL injection in phpgurukul (CVE-2023-37687). Successful exploitation can lead to full system takeover.
CVE-2023-3717 SQL Injection in sqli (CVE-2023-3717)
SQL injection in sqli (CVE-2023-3717). Successful exploitation can lead to full system takeover.
CVE-2023-3898 SQL Injection in sqli (CVE-2023-3898)
SQL injection in sqli (CVE-2023-3898). Successful exploitation can lead to full system takeover.
CVE-2023-36158 Cross-Site Scripting (XSS) in oretnom23 (CVE-2023-36158)
cross-site scripting in oretnom23 (CVE-2023-36158). Risk of unauthorized operations or information disclosure.
CVE-2023-36159 Cross-Site Scripting (XSS) in oretnom23 (CVE-2023-36159)
cross-site scripting in oretnom23 (CVE-2023-36159). Risk of unauthorized operations or information disclosure.
CVE-2023-38951 Path Traversal in path-traversal (CVE-2023-38951)
path traversal in path-traversal (CVE-2023-38951). Successful exploitation can lead to full system takeover.
CVE-2023-37679 Command Injection in nextgen (CVE-2023-37679)
command injection in nextgen (CVE-2023-37679). Successful exploitation can lead to full system takeover.
CVE-2023-38954 ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
CVE-2023-38956 Path Traversal in path-traversal (CVE-2023-38956)
path traversal in path-traversal (CVE-2023-38956). Confidential information can be exposed externally.
CVE-2023-36081 Cross-Site Scripting (XSS) in gatesair (CVE-2023-36081)
cross-site scripting in gatesair (CVE-2023-36081). Risk of unauthorized operations or information disclosure.
CVE-2023-34552 Out-of-Bounds Write in c (CVE-2023-34552)
out-of-bounds write in c (CVE-2023-34552). Successful exploitation can lead to full system takeover.
CVE-2023-34551 Out-of-Bounds Write in c (CVE-2023-34551)
out-of-bounds write in c (CVE-2023-34551). Successful exploitation can lead to full system takeover.
CVE-2023-38559 Out-of-Bounds Read in c (CVE-2023-38559)
vulnerability in c (CVE-2023-38559). Risk of unauthorized operations or information disclosure.
CVE-2023-34842 Code Injection in dedecms (CVE-2023-34842)
code injection in dedecms (CVE-2023-34842). Successful exploitation can lead to full system takeover.
CVE-2023-37647 SQL Injection in sqli (CVE-2023-37647)
SQL injection in sqli (CVE-2023-37647). Successful exploitation can lead to full system takeover.
CVE-2020-22623 Path Traversal in path-traversal (CVE-2020-22623)
path traversal in path-traversal (CVE-2020-22623). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →