Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2021-25324 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2021-25324)
cross-site scripting in misp-project (CVE-2021-25324). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-23630 |
|
A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
|
| CVE-2020-35262 |
|
Cross-Site Scripting (XSS) in digisol (CVE-2020-35262)
cross-site scripting in digisol (CVE-2020-35262). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-25498 |
|
Cross-Site Scripting (XSS) in beetel (CVE-2020-25498)
cross-site scripting in beetel (CVE-2020-25498). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-29231 |
|
Cross-Site Scripting (XSS) in egavilanmedia (CVE-2020-29231)
cross-site scripting in egavilanmedia (CVE-2020-29231). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-29228 |
|
SQL Injection in sqli (CVE-2020-29228)
SQL injection in sqli (CVE-2020-29228). Data can be tampered with by attackers.
|
| CVE-2020-29477 |
|
Cross-Site Scripting (XSS) in invisioncommunity (CVE-2020-29477)
cross-site scripting in invisioncommunity (CVE-2020-29477). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-29230 |
|
Cross-Site Scripting (XSS) in egavilanmedia (CVE-2020-29230)
cross-site scripting in egavilanmedia (CVE-2020-29230). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-29247 |
|
Cross-Site Scripting (XSS) in wondercms (CVE-2020-29247)
cross-site scripting in wondercms (CVE-2020-29247). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-35276 |
|
SQL Injection in sqli (CVE-2020-35276)
SQL injection in sqli (CVE-2020-35276). Successful exploitation can lead to full system takeover.
|
| CVE-2020-35274 |
|
Cross-Site Scripting (XSS) in dotcms (CVE-2020-35274)
cross-site scripting in dotcms (CVE-2020-35274). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-35275 |
|
Cross-Site Scripting (XSS) in coastercms (CVE-2020-35275)
cross-site scripting in coastercms (CVE-2020-35275). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-35273 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-35273)
vulnerability in csrf (CVE-2020-35273). Successful exploitation can lead to full system takeover.
|
| CVE-2020-28860 |
|
SQL Injection in sqli (CVE-2020-28860)
SQL injection in sqli (CVE-2020-28860). Successful exploitation can lead to full system takeover.
|
| CVE-2020-28859 |
|
Cross-Site Scripting (XSS) in openasset (CVE-2020-28859)
cross-site scripting in openasset (CVE-2020-28859). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-28857 |
|
Cross-Site Scripting (XSS) in openasset (CVE-2020-28857)
cross-site scripting in openasset (CVE-2020-28857). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-29572 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2020-29572)
cross-site scripting in misp-project (CVE-2020-29572). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-23735 |
|
Vulnerability in privilege-escalation (CVE-2020-23735)
vulnerability in privilege-escalation (CVE-2020-23735). Successful exploitation can lead to full system takeover.
|
| CVE-2020-24815 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-24815)
SSRF in ssrf (CVE-2020-24815). Confidential information can be exposed externally.
|
| CVE-2020-28210 |
|
Cross-Site Scripting (XSS) in schneider-electric (CVE-2020-28210)
cross-site scripting in schneider-electric (CVE-2020-28210). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-28947 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2020-28947)
cross-site scripting in misp-project (CVE-2020-28947). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-28941 |
|
Vulnerability in c (CVE-2020-28941)
vulnerability in c (CVE-2020-28941). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-17091 |
|
Microsoft Teams Remote Code Execution Vulnerability
Microsoft Teams Remote Code Execution Vulnerability
|
| CVE-2020-28043 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-28043)
SSRF in ssrf (CVE-2020-28043). Confidential information can be exposed externally.
|
| CVE-2020-24881 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-24881)
SSRF in ssrf (CVE-2020-24881). Successful exploitation can lead to full system takeover.
|
| CVE-2020-25466 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-25466)
SSRF in ssrf (CVE-2020-25466). Successful exploitation can lead to full system takeover.
|
| CVE-2020-17003 |
|
Buffer Overflow in microsoft (CVE-2020-17003)
vulnerability in microsoft (CVE-2020-17003). Successful exploitation can lead to full system takeover.
|
| CVE-2020-16918 |
|
Out-of-Bounds Write in microsoft (CVE-2020-16918)
out-of-bounds write in microsoft (CVE-2020-16918). Successful exploitation can lead to full system takeover.
|
| CVE-2020-26867 |
|
Unsafe Deserialization in deserialization (CVE-2020-26867)
vulnerability in deserialization (CVE-2020-26867). Successful exploitation can lead to full system takeover.
|
| CVE-2020-25487 |
|
SQL Injection in sqli (CVE-2020-25487)
SQL injection in sqli (CVE-2020-25487). Successful exploitation can lead to full system takeover.
|
| CVE-2020-23451 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-23451)
vulnerability in csrf (CVE-2020-23451). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21731 |
|
Cross-Site Scripting (XSS) in gazie-project (CVE-2020-21731)
cross-site scripting in gazie-project (CVE-2020-21731). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-21732 |
|
Cross-Site Scripting (XSS) in rukovoditel (CVE-2020-21732)
cross-site scripting in rukovoditel (CVE-2020-21732). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-21733 |
|
Cross-Site Scripting (XSS) in sagemcom (CVE-2020-21733)
cross-site scripting in sagemcom (CVE-2020-21733). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-24194 |
|
Cross-Site Scripting (XSS) in daily-tracker-system-project (CVE-2020-24194)
cross-site scripting in daily-tracker-system-project (CVE-2020-24194). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-24193 |
|
SQL Injection in sqli (CVE-2020-24193)
SQL injection in sqli (CVE-2020-24193). Successful exploitation can lead to full system takeover.
|
| CVE-2020-23450 |
|
Cross-Site Scripting (XSS) in spiceworks (CVE-2020-23450)
cross-site scripting in spiceworks (CVE-2020-23450). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-24917 |
|
Cross-Site Scripting (XSS) in enhancesoft (CVE-2020-24917)
cross-site scripting in enhancesoft (CVE-2020-24917). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-16193 |
|
Cross-Site Scripting (XSS) in enhancesoft (CVE-2020-16193)
cross-site scripting in enhancesoft (CVE-2020-16193). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-15711 |
|
In MISP before 2.4.129, setting a favourite homepage was not CSRF protected.
In MISP before 2.4.129, setting a favourite homepage was not CSRF protected.
|
| CVE-2020-13153 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2020-13153)
cross-site scripting in misp-project (CVE-2020-13153). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-6856 |
|
Vulnerability in dos (CVE-2019-6856)
vulnerability in dos (CVE-2019-6856). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-6857 |
|
Vulnerability in dos (CVE-2019-6857)
vulnerability in dos (CVE-2019-6857). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-7794 |
|
Vulnerability in dos (CVE-2018-7794)
vulnerability in dos (CVE-2018-7794). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-6829 |
|
Vulnerability in dos (CVE-2019-6829)
vulnerability in dos (CVE-2019-6829). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-14748 |
|
Cross-Site Scripting (XSS) in enhancesoft (CVE-2019-14748)
cross-site scripting in enhancesoft (CVE-2019-14748). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-6819 |
|
Vulnerability in dos (CVE-2019-6819)
vulnerability in dos (CVE-2019-6819). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-7852 |
|
Vulnerability in c (CVE-2018-7852)
vulnerability in c (CVE-2018-7852). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-11814 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2019-11814)
cross-site scripting in misp-project (CVE-2019-11814). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-11813 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2019-11813)
cross-site scripting in misp-project (CVE-2019-11813). Risk of unauthorized operations or information disclosure.
|