Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-25262 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-25262)
SSRF in ssrf (CVE-2023-25262). Confidential information can be exposed externally.
|
| CVE-2023-25261 |
|
Code Injection in stimulsoft (CVE-2023-25261)
code injection in stimulsoft (CVE-2023-25261). Successful exploitation can lead to full system takeover.
|
| CVE-2023-24094 |
|
Out-of-Bounds Write in dos (CVE-2023-24094)
out-of-bounds write in dos (CVE-2023-24094). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-28884 |
|
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
|
| CVE-2023-1051 |
|
Cross-Site Scripting (XSS) in askoc (CVE-2023-1051)
cross-site scripting in askoc (CVE-2023-1051). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-1050 |
|
SQL Injection in sqli (CVE-2023-1050)
SQL injection in sqli (CVE-2023-1050). Successful exploitation can lead to full system takeover.
|
| CVE-2023-1153 |
|
SQL Injection in sqli (CVE-2023-1153)
SQL injection in sqli (CVE-2023-1153). Successful exploitation can lead to full system takeover.
|
| CVE-2023-1154 |
|
Cross-Site Scripting (XSS) in pacsrapor (CVE-2023-1154)
cross-site scripting in pacsrapor (CVE-2023-1154). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-1462 |
|
Vulnerability in vadi (CVE-2023-1462)
vulnerability in vadi (CVE-2023-1462). Successful exploitation can lead to full system takeover.
|
| CVE-2023-0320 |
|
Cross-Site Scripting (XSS) in university-information-management-system-project (CVE-2023-0320)
cross-site scripting in university-information-management-system-project (CVE-2023-0320). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-28606 |
|
js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.
js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.
|
| CVE-2023-28607 |
|
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.
|
| CVE-2023-1152 |
|
SQL Injection in sqli (CVE-2023-1152)
SQL injection in sqli (CVE-2023-1152). Successful exploitation can lead to full system takeover.
|
| CVE-2023-26769 |
|
Vulnerability in c (CVE-2023-26769)
vulnerability in c (CVE-2023-26769). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-0322 |
|
Cross-Site Scripting (XSS) in talentyazilim (CVE-2023-0322)
cross-site scripting in talentyazilim (CVE-2023-0322). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-23791 |
|
Cross-Site Scripting (XSS) in firmanet (CVE-2022-23791)
cross-site scripting in firmanet (CVE-2022-23791). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-23790 |
|
Cross-Site Scripting (XSS) in firmanet (CVE-2022-23790)
cross-site scripting in firmanet (CVE-2022-23790). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-4195 |
|
Cross-Site Scripting (XSS) in firmanet (CVE-2021-4195)
cross-site scripting in firmanet (CVE-2021-4195). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-23326 |
|
Cross-Site Scripting (XSS) in avantfax (CVE-2023-23326)
cross-site scripting in avantfax (CVE-2023-23326). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-1198 |
|
SQL Injection in sqli (CVE-2023-1198)
SQL injection in sqli (CVE-2023-1198). Successful exploitation can lead to full system takeover.
|
| CVE-2023-27161 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27161)
SSRF in ssrf (CVE-2023-27161). Confidential information can be exposed externally.
|
| CVE-2022-48111 |
|
Cross-Site Scripting (XSS) in siri-informatica (CVE-2022-48111)
cross-site scripting in siri-informatica (CVE-2022-48111). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-1091 |
|
SQL Injection in sqli (CVE-2023-1091)
SQL injection in sqli (CVE-2023-1091). Successful exploitation can lead to full system takeover.
|
| CVE-2023-1251 |
|
SQL Injection in sqli (CVE-2023-1251)
SQL injection in sqli (CVE-2023-1251). Successful exploitation can lead to full system takeover.
|
| CVE-2023-1267 |
|
SQL Injection in sqli (CVE-2023-1267)
SQL injection in sqli (CVE-2023-1267). Successful exploitation can lead to full system takeover.
|
| CVE-2021-44196 |
|
Cross-Site Scripting (XSS) in ubit (CVE-2021-44196)
cross-site scripting in ubit (CVE-2021-44196). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-44197 |
|
Cross-Site Scripting (XSS) in ubit (CVE-2021-44197)
cross-site scripting in ubit (CVE-2021-44197). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-3760 |
|
SQL Injection in sqli (CVE-2022-3760)
SQL injection in sqli (CVE-2022-3760). Successful exploitation can lead to full system takeover.
|
| CVE-2022-42248 |
|
Cross-Site Scripting (XSS) in qlik (CVE-2022-42248)
cross-site scripting in qlik (CVE-2022-42248). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-35377 |
|
Cross-Site Scripting (XSS) in vicidial (CVE-2021-35377)
cross-site scripting in vicidial (CVE-2021-35377). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-0979 |
|
SQL Injection in sqli (CVE-2023-0979)
SQL injection in sqli (CVE-2023-0979). Successful exploitation can lead to full system takeover.
|
| CVE-2022-2178 |
|
Cross-Site Scripting (XSS) in saysis (CVE-2022-2178)
cross-site scripting in saysis (CVE-2022-2178). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-0578 |
|
Cross-Site Scripting (XSS) in asosegitim (CVE-2023-0578)
cross-site scripting in asosegitim (CVE-2023-0578). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-0577 |
|
Cross-Site Scripting (XSS) in asosegitim (CVE-2023-0577)
cross-site scripting in asosegitim (CVE-2023-0577). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-46501 |
|
SQL Injection in sqli (CVE-2022-46501)
SQL injection in sqli (CVE-2022-46501). Successful exploitation can lead to full system takeover.
|
| CVE-2021-3854 |
|
SQL Injection in sqli (CVE-2021-3854)
SQL injection in sqli (CVE-2021-3854). Successful exploitation can lead to full system takeover.
|
| CVE-2021-45479 |
|
Cross-Site Scripting (XSS) in yordam (CVE-2021-45479)
cross-site scripting in yordam (CVE-2021-45479). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-1064 |
|
SQL Injection in sqli (CVE-2023-1064)
SQL injection in sqli (CVE-2023-1064). Successful exploitation can lead to full system takeover.
|
| CVE-2021-32302 |
|
Cross-Site Scripting (XSS) in irz (CVE-2021-32302)
cross-site scripting in irz (CVE-2021-32302). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-2504 |
|
SQL Injection in sqli (CVE-2022-2504)
SQL injection in sqli (CVE-2022-2504). Successful exploitation can lead to full system takeover.
|
| CVE-2023-0939 |
|
SQL Injection in sqli (CVE-2023-0939)
SQL injection in sqli (CVE-2023-0939). Successful exploitation can lead to full system takeover.
|
| CVE-2023-26314 |
|
Vulnerability in dos (CVE-2023-26314)
vulnerability in dos (CVE-2023-26314). Successful exploitation can lead to full system takeover.
|
| CVE-2022-45701 |
|
Command Injection in commscope (CVE-2022-45701)
command injection in commscope (CVE-2022-45701). Successful exploitation can lead to full system takeover.
|
| CVE-2023-24188 |
|
Path Traversal in path-traversal (CVE-2023-24188)
path traversal in path-traversal (CVE-2023-24188). Data can be tampered with by attackers.
|
| CVE-2022-4557 |
|
Vulnerability in sqli (CVE-2022-4557)
vulnerability in sqli (CVE-2022-4557). Successful exploitation can lead to full system takeover.
|
| CVE-2022-45089 |
|
SQL Injection in sqli (CVE-2022-45089)
SQL injection in sqli (CVE-2022-45089). Successful exploitation can lead to full system takeover.
|
| CVE-2022-45090 |
|
SQL Injection in sqli (CVE-2022-45090)
SQL injection in sqli (CVE-2022-45090). Successful exploitation can lead to full system takeover.
|
| CVE-2022-45086 |
|
Cross-Site Scripting (XSS) in gruparge (CVE-2022-45086)
cross-site scripting in gruparge (CVE-2022-45086). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-45087 |
|
Cross-Site Scripting (XSS) in gruparge (CVE-2022-45087)
cross-site scripting in gruparge (CVE-2022-45087). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-45091 |
|
Cross-Site Scripting (XSS) in gruparge (CVE-2022-45091)
cross-site scripting in gruparge (CVE-2022-45091). Risk of unauthorized operations or information disclosure.
|