Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2019-11812 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2019-11812)
cross-site scripting in misp-project (CVE-2019-11812). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-28944 |
|
Vulnerability in emcosoftware (CVE-2022-28944)
vulnerability in emcosoftware (CVE-2022-28944). Successful exploitation can lead to full system takeover.
|
| CVE-2022-29004 |
|
Cross-Site Scripting (XSS) in phpgurukul (CVE-2022-29004)
cross-site scripting in phpgurukul (CVE-2022-29004). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-29005 |
|
Cross-Site Scripting (XSS) in phpgurukul (CVE-2022-29005)
cross-site scripting in phpgurukul (CVE-2022-29005). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-30014 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-30014)
vulnerability in csrf (CVE-2022-30014). Successful exploitation can lead to full system takeover.
|
| CVE-2022-0900 |
|
Cross-Site Scripting (XSS) in netdatasoft (CVE-2022-0900)
cross-site scripting in netdatasoft (CVE-2022-0900). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-30065 |
|
Use-After-Free in dos (CVE-2022-30065)
vulnerability in dos (CVE-2022-30065). Successful exploitation can lead to full system takeover.
|
| CVE-2022-29641 |
|
Out-of-Bounds Write in dos (CVE-2022-29641)
out-of-bounds write in dos (CVE-2022-29641). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-24611 |
|
Vulnerability in dos (CVE-2022-24611)
vulnerability in dos (CVE-2022-24611). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-1916 |
|
Vulnerability in dos (CVE-2015-1916)
vulnerability in dos (CVE-2015-1916). Risk of unauthorized operations or information disclosure.
|
| CVE-2010-5107 |
|
Vulnerability in dos (CVE-2010-5107)
vulnerability in dos (CVE-2010-5107). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-8858 |
|
Vulnerability in c (CVE-2016-8858)
vulnerability in c (CVE-2016-8858). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-7795 |
|
Cross-Site Scripting (XSS) in schneider-electric (CVE-2018-7795)
cross-site scripting in schneider-electric (CVE-2018-7795). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-22983 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-22983)
SSRF in ssrf (CVE-2020-22983). Confidential information can be exposed externally.
|
| CVE-2018-13785 |
|
Vulnerability in c (CVE-2018-13785)
vulnerability in c (CVE-2018-13785). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5600 |
|
Vulnerability in c (CVE-2015-5600)
vulnerability in c (CVE-2015-5600). Successful exploitation can lead to full system takeover.
|
| CVE-2020-22985 |
|
Cross-Site Scripting (XSS) in microstrategy (CVE-2020-22985)
cross-site scripting in microstrategy (CVE-2020-22985). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-22987 |
|
Cross-Site Scripting (XSS) in microstrategy (CVE-2020-22987)
cross-site scripting in microstrategy (CVE-2020-22987). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-22986 |
|
Cross-Site Scripting (XSS) in microstrategy (CVE-2020-22986)
cross-site scripting in microstrategy (CVE-2020-22986). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-22984 |
|
Cross-Site Scripting (XSS) in microstrategy (CVE-2020-22984)
cross-site scripting in microstrategy (CVE-2020-22984). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-28077 |
|
Cross-Site Scripting (XSS) in home-owners-collection-management-system-project (CVE-2022-28077)
cross-site scripting in home-owners-collection-management-system-project (CVE-2022-28077). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-28078 |
|
Cross-Site Scripting (XSS) in home-owners-collection-management-system-project (CVE-2022-28078)
cross-site scripting in home-owners-collection-management-system-project (CVE-2022-28078). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-29145 |
|
Vulnerability in Microsoft.AspNetCore.App.Runtime.win-x64 (CVE-2022-29145)
vulnerability in Microsoft.AspNetCore.App.Runtime.win-x64 (CVE-2022-29145). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.5` or later.
|
| CVE-2022-29117 |
|
.NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
|
| CVE-2022-29109 |
|
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
|
| CVE-2022-26926 |
|
Windows Address Book Remote Code Execution Vulnerability.
Windows Address Book Remote Code Execution Vulnerability.
|
| CVE-2022-26987 |
|
Out-of-Bounds Write in tp-link (CVE-2022-26987)
out-of-bounds write in tp-link (CVE-2022-26987). Successful exploitation can lead to full system takeover. Exploitable via ``MmtAtePrase``.
|
| CVE-2022-26988 |
|
Out-of-Bounds Write in tp-link (CVE-2022-26988)
out-of-bounds write in tp-link (CVE-2022-26988). Successful exploitation can lead to full system takeover. Exploitable via ``MntAte``.
|
| CVE-2021-43712 |
|
Cross-Site Scripting (XSS) in employee-daily-task-management-system-project (CVE-2021-43712)
cross-site scripting in employee-daily-task-management-system-project (CVE-2021-43712). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-27224 |
|
An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated...
An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated...
|
| CVE-2021-45783 |
|
Path Traversal in path-traversal (CVE-2021-45783)
path traversal in path-traversal (CVE-2021-45783). Confidential information can be exposed externally.
|
| CVE-2022-28568 |
|
Unrestricted File Upload in simple-doctors-appointment-system-project (CVE-2022-28568)
vulnerability in simple-doctors-appointment-system-project (CVE-2022-28568). Successful exploitation can lead to full system takeover.
|
| CVE-2021-43164 |
|
OS Command Injection in ruijienetworks (CVE-2021-43164)
OS command injection in ruijienetworks (CVE-2021-43164). Successful exploitation can lead to full system takeover.
|
| CVE-2021-43159 |
|
Command Injection in ruijienetworks (CVE-2021-43159)
command injection in ruijienetworks (CVE-2021-43159). Successful exploitation can lead to full system takeover.
|
| CVE-2021-43160 |
|
Command Injection in ruijienetworks (CVE-2021-43160)
command injection in ruijienetworks (CVE-2021-43160). Successful exploitation can lead to full system takeover.
|
| CVE-2021-43161 |
|
Command Injection in ruijienetworks (CVE-2021-43161)
command injection in ruijienetworks (CVE-2021-43161). Successful exploitation can lead to full system takeover.
|
| CVE-2021-43163 |
|
Command Injection in ruijienetworks (CVE-2021-43163)
command injection in ruijienetworks (CVE-2021-43163). Successful exploitation can lead to full system takeover.
|
| CVE-2021-43162 |
|
Command Injection in ruijienetworks (CVE-2021-43162)
command injection in ruijienetworks (CVE-2021-43162). Successful exploitation can lead to full system takeover.
|
| CVE-2021-31673 |
|
Cross-Site Scripting (XSS) in cyclos (CVE-2021-31673)
cross-site scripting in cyclos (CVE-2021-31673). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-25647 |
|
Unsafe Deserialization in com.google.code.gson:gson (CVE-2022-25647)
vulnerability in com.google.code.gson:gson (CVE-2022-25647). Data can be tampered with by attackers. Mitigation: upgrade to `2.8.9` or later.
|
| CVE-2021-44596 |
|
Vulnerability in wondershare (CVE-2021-44596)
vulnerability in wondershare (CVE-2021-44596). Successful exploitation can lead to full system takeover.
|
| CVE-2022-28102 |
|
Cross-Site Scripting (XSS) in php-mysql-admin-panel-generator-project (CVE-2022-28102)
cross-site scripting in php-mysql-admin-panel-generator-project (CVE-2022-28102). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-27984 |
|
SQL Injection in sqli (CVE-2022-27984)
SQL injection in sqli (CVE-2022-27984). Successful exploitation can lead to full system takeover.
|
| CVE-2022-27985 |
|
SQL Injection in sqli (CVE-2022-27985)
SQL injection in sqli (CVE-2022-27985). Successful exploitation can lead to full system takeover.
|
| CVE-2022-26596 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-26596)
cross-site scripting in liferay (CVE-2022-26596). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26597 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-26597)
cross-site scripting in liferay (CVE-2022-26597). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-28094 |
|
Cross-Site Scripting (XSS) in online-sports-complex-booking-system-project (CVE-2022-28094)
cross-site scripting in online-sports-complex-booking-system-project (CVE-2022-28094). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-29529 |
|
An issue was discovered in MISP before 2.4.158. There is stored XSS via the LinOTP login field.
An issue was discovered in MISP before 2.4.158. There is stored XSS via the LinOTP login field.
|
| CVE-2022-29530 |
|
An issue was discovered in MISP before 2.4.158. There is stored XSS in the galaxy clusters.
An issue was discovered in MISP before 2.4.158. There is stored XSS in the galaxy clusters.
|
| CVE-2022-29533 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2022-29533)
cross-site scripting in misp-project (CVE-2022-29533). Risk of unauthorized operations or information disclosure.
|