Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2021-22789 |
|
Buffer Overflow in dos (CVE-2021-22789)
vulnerability in dos (CVE-2021-22789). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-22792 |
|
Vulnerability in dos (CVE-2021-22792)
vulnerability in dos (CVE-2021-22792). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-22791 |
|
Out-of-Bounds Write in dos (CVE-2021-22791)
out-of-bounds write in dos (CVE-2021-22791). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-12868 |
|
Unsafe Deserialization in deserialization (CVE-2019-12868)
vulnerability in deserialization (CVE-2019-12868). Successful exploitation can lead to full system takeover.
|
| CVE-2021-41653 |
|
Code Injection in tp-link (CVE-2021-41653)
code injection in tp-link (CVE-2021-41653). Successful exploitation can lead to full system takeover.
|
| CVE-2021-36698 |
|
Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name.
Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name.
|
| CVE-2020-27406 |
|
Cross-Site Scripting (XSS) in dynpg (CVE-2020-27406)
cross-site scripting in dynpg (CVE-2020-27406). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-25874 |
|
SQL Injection in sqli (CVE-2021-25874)
SQL injection in sqli (CVE-2021-25874). Confidential information can be exposed externally.
|
| CVE-2020-25912 |
|
XXE (XML External Entity) in dos (CVE-2020-25912)
vulnerability in dos (CVE-2020-25912). Confidential information can be exposed externally.
|
| CVE-2020-23546 |
|
Vulnerability in dos (CVE-2020-23546)
vulnerability in dos (CVE-2020-23546). Successful exploitation can lead to full system takeover.
|
| CVE-2020-19961 |
|
SQL Injection in sqli (CVE-2020-19961)
SQL injection in sqli (CVE-2020-19961). Confidential information can be exposed externally.
|
| CVE-2020-19964 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-19964)
vulnerability in csrf (CVE-2020-19964). Data can be tampered with by attackers.
|
| CVE-2021-29004 |
|
SQL Injection in sqli (CVE-2021-29004)
SQL injection in sqli (CVE-2021-29004). Successful exploitation can lead to full system takeover.
|
| CVE-2021-35504 |
|
Vulnerability in afian (CVE-2021-35504)
vulnerability in afian (CVE-2021-35504). Successful exploitation can lead to full system takeover.
|
| CVE-2021-35505 |
|
Vulnerability in afian (CVE-2021-35505)
vulnerability in afian (CVE-2021-35505). Successful exploitation can lead to full system takeover.
|
| CVE-2021-35503 |
|
Cross-Site Scripting (XSS) in afian (CVE-2021-35503)
cross-site scripting in afian (CVE-2021-35503). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-35506 |
|
Cross-Site Scripting (XSS) in afian (CVE-2021-35506)
cross-site scripting in afian (CVE-2021-35506). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-21228 |
|
Cross-Site Scripting (XSS) in jizhicms (CVE-2020-21228)
cross-site scripting in jizhicms (CVE-2020-21228). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-3806 |
|
Path Traversal in path-traversal (CVE-2021-3806)
path traversal in path-traversal (CVE-2021-3806). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-35266 |
|
Out-of-Bounds Write in c (CVE-2021-35266)
out-of-bounds write in c (CVE-2021-35266). Successful exploitation can lead to full system takeover.
|
| CVE-2020-20345 |
|
Cross-Site Scripting (XSS) in wtcms-project (CVE-2020-20345)
cross-site scripting in wtcms-project (CVE-2020-20345). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-39302 |
|
SQL Injection in sqli (CVE-2021-39302)
SQL injection in sqli (CVE-2021-39302). Successful exploitation can lead to full system takeover.
|
| CVE-2021-31655 |
|
Cross-Site Scripting (XSS) in trendnet (CVE-2021-31655)
cross-site scripting in trendnet (CVE-2021-31655). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-37743 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2021-37743)
cross-site scripting in misp-project (CVE-2021-37743). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-37742 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2021-37742)
cross-site scripting in misp-project (CVE-2021-37742). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-37534 |
|
app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.
app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.
|
| CVE-2021-27332 |
|
Cross-Site Scripting (XSS) in casap-automated-enrollment-system-project (CVE-2021-27332)
cross-site scripting in casap-automated-enrollment-system-project (CVE-2021-27332). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-22779 |
|
Vulnerability in schneider-electric (CVE-2021-22779)
vulnerability in schneider-electric (CVE-2021-22779). Confidential information can be exposed externally.
|
| CVE-2020-20584 |
|
Cross-Site Scripting (XSS) in baigo (CVE-2020-20584)
cross-site scripting in baigo (CVE-2020-20584). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-20586 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-20586)
vulnerability in csrf (CVE-2020-20586). Data can be tampered with by attackers.
|
| CVE-2020-20363 |
|
Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php.
Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php.
|
| CVE-2021-36212 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2021-36212)
cross-site scripting in misp-project (CVE-2021-36212). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-31721 |
|
Cross-Site Scripting (XSS) in chevereto (CVE-2021-31721)
cross-site scripting in chevereto (CVE-2021-31721). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-28993 |
|
SQL Injection in sqli (CVE-2021-28993)
SQL injection in sqli (CVE-2021-28993). Confidential information can be exposed externally.
|
| CVE-2020-21517 |
|
Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php.
Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php.
|
| CVE-2021-31659 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2021-31659)
vulnerability in csrf (CVE-2021-31659). Successful exploitation can lead to full system takeover.
|
| CVE-2020-26678 |
|
Unrestricted File Upload in vfairs (CVE-2020-26678)
vulnerability in vfairs (CVE-2020-26678). Successful exploitation can lead to full system takeover.
|
| CVE-2020-26680 |
|
Cross-Site Scripting (XSS) in vfairs (CVE-2020-26680)
cross-site scripting in vfairs (CVE-2020-26680). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17678 |
|
Cross-Site Scripting (XSS) in bmc (CVE-2017-17678)
cross-site scripting in bmc (CVE-2017-17678). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-27518 |
|
Privilege Escalation in privilege-escalation (CVE-2020-27518)
vulnerability in privilege-escalation (CVE-2020-27518). Successful exploitation can lead to full system takeover.
|
| CVE-2021-26216 |
|
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
|
| CVE-2021-26215 |
|
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.
|
| CVE-2021-27695 |
|
Cross-Site Scripting (XSS) in openmaint (CVE-2021-27695)
cross-site scripting in openmaint (CVE-2021-27695). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-21974 |
|
Out-of-Bounds Write in vmware (CVE-2021-21974)
out-of-bounds write in vmware (CVE-2021-21974). Successful exploitation can lead to full system takeover.
|
| CVE-2021-27328 |
|
Path Traversal in path-traversal (CVE-2021-27328)
path traversal in path-traversal (CVE-2021-27328). Confidential information can be exposed externally.
|
| CVE-2021-3294 |
|
Cross-Site Scripting (XSS) in casap-automated-enrollment-system-project (CVE-2021-3294)
cross-site scripting in casap-automated-enrollment-system-project (CVE-2021-3294). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-35854 |
|
Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.
Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.
|
| CVE-2020-24085 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2020-24085)
cross-site scripting in misp-project (CVE-2020-24085). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-3184 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2021-3184)
cross-site scripting in misp-project (CVE-2021-3184). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-25325 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2021-25325)
cross-site scripting in misp-project (CVE-2021-25325). Risk of unauthorized operations or information disclosure.
|