Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2019-11812 Cross-Site Scripting (XSS) in misp-project (CVE-2019-11812)
cross-site scripting in misp-project (CVE-2019-11812). Risk of unauthorized operations or information disclosure.
CVE-2022-28944 Vulnerability in emcosoftware (CVE-2022-28944)
vulnerability in emcosoftware (CVE-2022-28944). Successful exploitation can lead to full system takeover.
CVE-2022-29004 Cross-Site Scripting (XSS) in phpgurukul (CVE-2022-29004)
cross-site scripting in phpgurukul (CVE-2022-29004). Risk of unauthorized operations or information disclosure.
CVE-2022-29005 Cross-Site Scripting (XSS) in phpgurukul (CVE-2022-29005)
cross-site scripting in phpgurukul (CVE-2022-29005). Risk of unauthorized operations or information disclosure.
CVE-2022-30014 Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-30014)
vulnerability in csrf (CVE-2022-30014). Successful exploitation can lead to full system takeover.
CVE-2022-0900 Cross-Site Scripting (XSS) in netdatasoft (CVE-2022-0900)
cross-site scripting in netdatasoft (CVE-2022-0900). Risk of unauthorized operations or information disclosure.
CVE-2022-30065 Use-After-Free in dos (CVE-2022-30065)
vulnerability in dos (CVE-2022-30065). Successful exploitation can lead to full system takeover.
CVE-2022-29641 Out-of-Bounds Write in dos (CVE-2022-29641)
out-of-bounds write in dos (CVE-2022-29641). Risk of unauthorized operations or information disclosure.
CVE-2022-24611 Vulnerability in dos (CVE-2022-24611)
vulnerability in dos (CVE-2022-24611). Risk of unauthorized operations or information disclosure.
CVE-2015-1916 Vulnerability in dos (CVE-2015-1916)
vulnerability in dos (CVE-2015-1916). Risk of unauthorized operations or information disclosure.
CVE-2010-5107 Vulnerability in dos (CVE-2010-5107)
vulnerability in dos (CVE-2010-5107). Risk of unauthorized operations or information disclosure.
CVE-2016-8858 Vulnerability in c (CVE-2016-8858)
vulnerability in c (CVE-2016-8858). Risk of unauthorized operations or information disclosure.
CVE-2018-7795 Cross-Site Scripting (XSS) in schneider-electric (CVE-2018-7795)
cross-site scripting in schneider-electric (CVE-2018-7795). Risk of unauthorized operations or information disclosure.
CVE-2020-22983 SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-22983)
SSRF in ssrf (CVE-2020-22983). Confidential information can be exposed externally.
CVE-2018-13785 Vulnerability in c (CVE-2018-13785)
vulnerability in c (CVE-2018-13785). Risk of unauthorized operations or information disclosure.
CVE-2015-5600 Vulnerability in c (CVE-2015-5600)
vulnerability in c (CVE-2015-5600). Successful exploitation can lead to full system takeover.
CVE-2020-22985 Cross-Site Scripting (XSS) in microstrategy (CVE-2020-22985)
cross-site scripting in microstrategy (CVE-2020-22985). Risk of unauthorized operations or information disclosure.
CVE-2020-22987 Cross-Site Scripting (XSS) in microstrategy (CVE-2020-22987)
cross-site scripting in microstrategy (CVE-2020-22987). Risk of unauthorized operations or information disclosure.
CVE-2020-22986 Cross-Site Scripting (XSS) in microstrategy (CVE-2020-22986)
cross-site scripting in microstrategy (CVE-2020-22986). Risk of unauthorized operations or information disclosure.
CVE-2020-22984 Cross-Site Scripting (XSS) in microstrategy (CVE-2020-22984)
cross-site scripting in microstrategy (CVE-2020-22984). Risk of unauthorized operations or information disclosure.
CVE-2022-28077 Cross-Site Scripting (XSS) in home-owners-collection-management-system-project (CVE-2022-28077)
cross-site scripting in home-owners-collection-management-system-project (CVE-2022-28077). Risk of unauthorized operations or information disclosure.
CVE-2022-28078 Cross-Site Scripting (XSS) in home-owners-collection-management-system-project (CVE-2022-28078)
cross-site scripting in home-owners-collection-management-system-project (CVE-2022-28078). Risk of unauthorized operations or information disclosure.
CVE-2022-29145 Vulnerability in Microsoft.AspNetCore.App.Runtime.win-x64 (CVE-2022-29145)
vulnerability in Microsoft.AspNetCore.App.Runtime.win-x64 (CVE-2022-29145). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.5` or later.
CVE-2022-29117 .NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
CVE-2022-29109 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-26926 Windows Address Book Remote Code Execution Vulnerability.
Windows Address Book Remote Code Execution Vulnerability.
CVE-2022-26987 Out-of-Bounds Write in tp-link (CVE-2022-26987)
out-of-bounds write in tp-link (CVE-2022-26987). Successful exploitation can lead to full system takeover. Exploitable via ``MmtAtePrase``.
CVE-2022-26988 Out-of-Bounds Write in tp-link (CVE-2022-26988)
out-of-bounds write in tp-link (CVE-2022-26988). Successful exploitation can lead to full system takeover. Exploitable via ``MntAte``.
CVE-2021-43712 Cross-Site Scripting (XSS) in employee-daily-task-management-system-project (CVE-2021-43712)
cross-site scripting in employee-daily-task-management-system-project (CVE-2021-43712). Risk of unauthorized operations or information disclosure.
CVE-2022-27224 An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated...
An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated...
CVE-2021-45783 Path Traversal in path-traversal (CVE-2021-45783)
path traversal in path-traversal (CVE-2021-45783). Confidential information can be exposed externally.
CVE-2022-28568 Unrestricted File Upload in simple-doctors-appointment-system-project (CVE-2022-28568)
vulnerability in simple-doctors-appointment-system-project (CVE-2022-28568). Successful exploitation can lead to full system takeover.
CVE-2021-43164 OS Command Injection in ruijienetworks (CVE-2021-43164)
OS command injection in ruijienetworks (CVE-2021-43164). Successful exploitation can lead to full system takeover.
CVE-2021-43159 Command Injection in ruijienetworks (CVE-2021-43159)
command injection in ruijienetworks (CVE-2021-43159). Successful exploitation can lead to full system takeover.
CVE-2021-43160 Command Injection in ruijienetworks (CVE-2021-43160)
command injection in ruijienetworks (CVE-2021-43160). Successful exploitation can lead to full system takeover.
CVE-2021-43161 Command Injection in ruijienetworks (CVE-2021-43161)
command injection in ruijienetworks (CVE-2021-43161). Successful exploitation can lead to full system takeover.
CVE-2021-43163 Command Injection in ruijienetworks (CVE-2021-43163)
command injection in ruijienetworks (CVE-2021-43163). Successful exploitation can lead to full system takeover.
CVE-2021-43162 Command Injection in ruijienetworks (CVE-2021-43162)
command injection in ruijienetworks (CVE-2021-43162). Successful exploitation can lead to full system takeover.
CVE-2021-31673 Cross-Site Scripting (XSS) in cyclos (CVE-2021-31673)
cross-site scripting in cyclos (CVE-2021-31673). Risk of unauthorized operations or information disclosure.
CVE-2022-25647 Unsafe Deserialization in com.google.code.gson:gson (CVE-2022-25647)
vulnerability in com.google.code.gson:gson (CVE-2022-25647). Data can be tampered with by attackers. Mitigation: upgrade to `2.8.9` or later.
CVE-2021-44596 Vulnerability in wondershare (CVE-2021-44596)
vulnerability in wondershare (CVE-2021-44596). Successful exploitation can lead to full system takeover.
CVE-2022-28102 Cross-Site Scripting (XSS) in php-mysql-admin-panel-generator-project (CVE-2022-28102)
cross-site scripting in php-mysql-admin-panel-generator-project (CVE-2022-28102). Risk of unauthorized operations or information disclosure.
CVE-2022-27984 SQL Injection in sqli (CVE-2022-27984)
SQL injection in sqli (CVE-2022-27984). Successful exploitation can lead to full system takeover.
CVE-2022-27985 SQL Injection in sqli (CVE-2022-27985)
SQL injection in sqli (CVE-2022-27985). Successful exploitation can lead to full system takeover.
CVE-2022-26596 Cross-Site Scripting (XSS) in liferay (CVE-2022-26596)
cross-site scripting in liferay (CVE-2022-26596). Risk of unauthorized operations or information disclosure.
CVE-2022-26597 Cross-Site Scripting (XSS) in liferay (CVE-2022-26597)
cross-site scripting in liferay (CVE-2022-26597). Risk of unauthorized operations or information disclosure.
CVE-2022-28094 Cross-Site Scripting (XSS) in online-sports-complex-booking-system-project (CVE-2022-28094)
cross-site scripting in online-sports-complex-booking-system-project (CVE-2022-28094). Risk of unauthorized operations or information disclosure.
CVE-2022-29529 An issue was discovered in MISP before 2.4.158. There is stored XSS via the LinOTP login field.
An issue was discovered in MISP before 2.4.158. There is stored XSS via the LinOTP login field.
CVE-2022-29530 An issue was discovered in MISP before 2.4.158. There is stored XSS in the galaxy clusters.
An issue was discovered in MISP before 2.4.158. There is stored XSS in the galaxy clusters.
CVE-2022-29533 Cross-Site Scripting (XSS) in misp-project (CVE-2022-29533)
cross-site scripting in misp-project (CVE-2022-29533). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →