Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2021-22789 Buffer Overflow in dos (CVE-2021-22789)
vulnerability in dos (CVE-2021-22789). Risk of unauthorized operations or information disclosure.
CVE-2021-22792 Vulnerability in dos (CVE-2021-22792)
vulnerability in dos (CVE-2021-22792). Risk of unauthorized operations or information disclosure.
CVE-2021-22791 Out-of-Bounds Write in dos (CVE-2021-22791)
out-of-bounds write in dos (CVE-2021-22791). Risk of unauthorized operations or information disclosure.
CVE-2019-12868 Unsafe Deserialization in deserialization (CVE-2019-12868)
vulnerability in deserialization (CVE-2019-12868). Successful exploitation can lead to full system takeover.
CVE-2021-41653 Code Injection in tp-link (CVE-2021-41653)
code injection in tp-link (CVE-2021-41653). Successful exploitation can lead to full system takeover.
CVE-2021-36698 Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name.
Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name.
CVE-2020-27406 Cross-Site Scripting (XSS) in dynpg (CVE-2020-27406)
cross-site scripting in dynpg (CVE-2020-27406). Risk of unauthorized operations or information disclosure.
CVE-2021-25874 SQL Injection in sqli (CVE-2021-25874)
SQL injection in sqli (CVE-2021-25874). Confidential information can be exposed externally.
CVE-2020-25912 XXE (XML External Entity) in dos (CVE-2020-25912)
vulnerability in dos (CVE-2020-25912). Confidential information can be exposed externally.
CVE-2020-23546 Vulnerability in dos (CVE-2020-23546)
vulnerability in dos (CVE-2020-23546). Successful exploitation can lead to full system takeover.
CVE-2020-19961 SQL Injection in sqli (CVE-2020-19961)
SQL injection in sqli (CVE-2020-19961). Confidential information can be exposed externally.
CVE-2020-19964 Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-19964)
vulnerability in csrf (CVE-2020-19964). Data can be tampered with by attackers.
CVE-2021-29004 SQL Injection in sqli (CVE-2021-29004)
SQL injection in sqli (CVE-2021-29004). Successful exploitation can lead to full system takeover.
CVE-2021-35504 Vulnerability in afian (CVE-2021-35504)
vulnerability in afian (CVE-2021-35504). Successful exploitation can lead to full system takeover.
CVE-2021-35505 Vulnerability in afian (CVE-2021-35505)
vulnerability in afian (CVE-2021-35505). Successful exploitation can lead to full system takeover.
CVE-2021-35503 Cross-Site Scripting (XSS) in afian (CVE-2021-35503)
cross-site scripting in afian (CVE-2021-35503). Risk of unauthorized operations or information disclosure.
CVE-2021-35506 Cross-Site Scripting (XSS) in afian (CVE-2021-35506)
cross-site scripting in afian (CVE-2021-35506). Risk of unauthorized operations or information disclosure.
CVE-2020-21228 Cross-Site Scripting (XSS) in jizhicms (CVE-2020-21228)
cross-site scripting in jizhicms (CVE-2020-21228). Risk of unauthorized operations or information disclosure.
CVE-2021-3806 Path Traversal in path-traversal (CVE-2021-3806)
path traversal in path-traversal (CVE-2021-3806). Risk of unauthorized operations or information disclosure.
CVE-2021-35266 Out-of-Bounds Write in c (CVE-2021-35266)
out-of-bounds write in c (CVE-2021-35266). Successful exploitation can lead to full system takeover.
CVE-2020-20345 Cross-Site Scripting (XSS) in wtcms-project (CVE-2020-20345)
cross-site scripting in wtcms-project (CVE-2020-20345). Risk of unauthorized operations or information disclosure.
CVE-2021-39302 SQL Injection in sqli (CVE-2021-39302)
SQL injection in sqli (CVE-2021-39302). Successful exploitation can lead to full system takeover.
CVE-2021-31655 Cross-Site Scripting (XSS) in trendnet (CVE-2021-31655)
cross-site scripting in trendnet (CVE-2021-31655). Risk of unauthorized operations or information disclosure.
CVE-2021-37743 Cross-Site Scripting (XSS) in misp-project (CVE-2021-37743)
cross-site scripting in misp-project (CVE-2021-37743). Risk of unauthorized operations or information disclosure.
CVE-2021-37742 Cross-Site Scripting (XSS) in misp-project (CVE-2021-37742)
cross-site scripting in misp-project (CVE-2021-37742). Risk of unauthorized operations or information disclosure.
CVE-2021-37534 app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.
app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.
CVE-2021-27332 Cross-Site Scripting (XSS) in casap-automated-enrollment-system-project (CVE-2021-27332)
cross-site scripting in casap-automated-enrollment-system-project (CVE-2021-27332). Risk of unauthorized operations or information disclosure.
CVE-2021-22779 Vulnerability in schneider-electric (CVE-2021-22779)
vulnerability in schneider-electric (CVE-2021-22779). Confidential information can be exposed externally.
CVE-2020-20584 Cross-Site Scripting (XSS) in baigo (CVE-2020-20584)
cross-site scripting in baigo (CVE-2020-20584). Risk of unauthorized operations or information disclosure.
CVE-2020-20586 Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-20586)
vulnerability in csrf (CVE-2020-20586). Data can be tampered with by attackers.
CVE-2020-20363 Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php.
Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php.
CVE-2021-36212 Cross-Site Scripting (XSS) in misp-project (CVE-2021-36212)
cross-site scripting in misp-project (CVE-2021-36212). Risk of unauthorized operations or information disclosure.
CVE-2021-31721 Cross-Site Scripting (XSS) in chevereto (CVE-2021-31721)
cross-site scripting in chevereto (CVE-2021-31721). Risk of unauthorized operations or information disclosure.
CVE-2021-28993 SQL Injection in sqli (CVE-2021-28993)
SQL injection in sqli (CVE-2021-28993). Confidential information can be exposed externally.
CVE-2020-21517 Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php.
Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php.
CVE-2021-31659 Cross-Site Request Forgery (CSRF) in csrf (CVE-2021-31659)
vulnerability in csrf (CVE-2021-31659). Successful exploitation can lead to full system takeover.
CVE-2020-26678 Unrestricted File Upload in vfairs (CVE-2020-26678)
vulnerability in vfairs (CVE-2020-26678). Successful exploitation can lead to full system takeover.
CVE-2020-26680 Cross-Site Scripting (XSS) in vfairs (CVE-2020-26680)
cross-site scripting in vfairs (CVE-2020-26680). Risk of unauthorized operations or information disclosure.
CVE-2017-17678 Cross-Site Scripting (XSS) in bmc (CVE-2017-17678)
cross-site scripting in bmc (CVE-2017-17678). Risk of unauthorized operations or information disclosure.
CVE-2020-27518 Privilege Escalation in privilege-escalation (CVE-2020-27518)
vulnerability in privilege-escalation (CVE-2020-27518). Successful exploitation can lead to full system takeover.
CVE-2021-26216 SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
CVE-2021-26215 SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.
CVE-2021-27695 Cross-Site Scripting (XSS) in openmaint (CVE-2021-27695)
cross-site scripting in openmaint (CVE-2021-27695). Risk of unauthorized operations or information disclosure.
CVE-2021-21974 Out-of-Bounds Write in vmware (CVE-2021-21974)
out-of-bounds write in vmware (CVE-2021-21974). Successful exploitation can lead to full system takeover.
CVE-2021-27328 Path Traversal in path-traversal (CVE-2021-27328)
path traversal in path-traversal (CVE-2021-27328). Confidential information can be exposed externally.
CVE-2021-3294 Cross-Site Scripting (XSS) in casap-automated-enrollment-system-project (CVE-2021-3294)
cross-site scripting in casap-automated-enrollment-system-project (CVE-2021-3294). Risk of unauthorized operations or information disclosure.
CVE-2020-35854 Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.
Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.
CVE-2020-24085 Cross-Site Scripting (XSS) in misp-project (CVE-2020-24085)
cross-site scripting in misp-project (CVE-2020-24085). Risk of unauthorized operations or information disclosure.
CVE-2021-3184 Cross-Site Scripting (XSS) in misp-project (CVE-2021-3184)
cross-site scripting in misp-project (CVE-2021-3184). Risk of unauthorized operations or information disclosure.
CVE-2021-25325 Cross-Site Scripting (XSS) in misp-project (CVE-2021-25325)
cross-site scripting in misp-project (CVE-2021-25325). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →