Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2022-29532 Cross-Site Scripting (XSS) in misp-project (CVE-2022-29532)
cross-site scripting in misp-project (CVE-2022-29532). Risk of unauthorized operations or information disclosure.
CVE-2022-29531 Cross-Site Scripting (XSS) in misp-project (CVE-2022-29531)
cross-site scripting in misp-project (CVE-2022-29531). Risk of unauthorized operations or information disclosure.
CVE-2022-29528 An issue was discovered in MISP before 2.4.158. PHAR deserialization can occur.
An issue was discovered in MISP before 2.4.158. PHAR deserialization can occur.
CVE-2022-26593 Cross-Site Scripting (XSS) in liferay (CVE-2022-26593)
cross-site scripting in liferay (CVE-2022-26593). Risk of unauthorized operations or information disclosure.
CVE-2022-26901 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-26826 Command Injection in microsoft (CVE-2022-26826)
command injection in microsoft (CVE-2022-26826). Successful exploitation can lead to full system takeover.
CVE-2022-24473 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-26594 Cross-Site Scripting (XSS) in liferay (CVE-2022-26594)
cross-site scripting in liferay (CVE-2022-26594). Risk of unauthorized operations or information disclosure.
CVE-2021-37291 SQL Injection in sqli (CVE-2021-37291)
SQL injection in sqli (CVE-2021-37291). Successful exploitation can lead to full system takeover.
CVE-2021-37293 Path Traversal in path-traversal (CVE-2021-37293)
path traversal in path-traversal (CVE-2021-37293). Confidential information can be exposed externally.
CVE-2021-40219 Code Injection in bolt (CVE-2021-40219)
code injection in bolt (CVE-2021-40219). Successful exploitation can lead to full system takeover.
CVE-2021-43432 Cross-Site Scripting (XSS) in exrick (CVE-2021-43432)
cross-site scripting in exrick (CVE-2021-43432). Risk of unauthorized operations or information disclosure.
CVE-2022-26607 Unrestricted File Upload in baigo (CVE-2022-26607)
vulnerability in baigo (CVE-2022-26607). Successful exploitation can lead to full system takeover.
CVE-2021-42868 Cross-Site Scripting (XSS) in chikitsa (CVE-2021-42868)
cross-site scripting in chikitsa (CVE-2021-42868). Risk of unauthorized operations or information disclosure.
CVE-2022-26645 Unrestricted File Upload in oretnom23 (CVE-2022-26645)
vulnerability in oretnom23 (CVE-2022-26645). Successful exploitation can lead to full system takeover.
CVE-2022-26644 Cross-Site Scripting (XSS) in oretnom23 (CVE-2022-26644)
cross-site scripting in oretnom23 (CVE-2022-26644). Risk of unauthorized operations or information disclosure.
CVE-2022-26244 Cross-Site Scripting (XSS) in hospitals-patient-records-management-system-project (CVE-2022-26244)
cross-site scripting in hospitals-patient-records-management-system-project (CVE-2022-26244). Risk of unauthorized operations or information disclosure.
CVE-2022-26263 Cross-Site Scripting (XSS) in yonyou (CVE-2022-26263)
cross-site scripting in yonyou (CVE-2022-26263). Risk of unauthorized operations or information disclosure.
CVE-2021-40904 Vulnerability in checkmk (CVE-2021-40904)
vulnerability in checkmk (CVE-2021-40904). Successful exploitation can lead to full system takeover.
CVE-2021-40905 Unrestricted File Upload in checkmk (CVE-2021-40905)
vulnerability in checkmk (CVE-2021-40905). Successful exploitation can lead to full system takeover.
CVE-2021-40906 Cross-Site Scripting (XSS) in checkmk (CVE-2021-40906)
cross-site scripting in checkmk (CVE-2021-40906). Risk of unauthorized operations or information disclosure.
CVE-2022-26197 Cross-Site Scripting (XSS) in joget (CVE-2022-26197)
cross-site scripting in joget (CVE-2022-26197). Risk of unauthorized operations or information disclosure.
CVE-2022-25523 Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-25523)
vulnerability in csrf (CVE-2022-25523). Successful exploitation can lead to full system takeover.
CVE-2022-25574 Cross-Site Scripting (XSS) in douco (CVE-2022-25574)
cross-site scripting in douco (CVE-2022-25574). Risk of unauthorized operations or information disclosure.
CVE-2018-1273 KEV [KEV] Code Injection in Vmware tanzu vmware-tanzu (CVE-2018-1273)
code injection in Vmware tanzu vmware-tanzu (CVE-2018-1273). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2021-42237 KEV [KEV] Unsafe Deserialization in Sitecore xp (CVE-2021-42237)
vulnerability in Sitecore xp (CVE-2021-42237). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2022-24291 Vulnerability in dos (CVE-2022-24291)
vulnerability in dos (CVE-2022-24291). Risk of unauthorized operations or information disclosure.
CVE-2022-24292 Vulnerability in dos (CVE-2022-24292)
vulnerability in dos (CVE-2022-24292). Successful exploitation can lead to full system takeover.
CVE-2022-24293 Vulnerability in dos (CVE-2022-24293)
vulnerability in dos (CVE-2022-24293). Successful exploitation can lead to full system takeover.
CVE-2021-45757 Vulnerability in dos (CVE-2021-45757)
vulnerability in dos (CVE-2021-45757). Risk of unauthorized operations or information disclosure.
CVE-2022-23352 An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).
CVE-2022-23347 Path Traversal in path-traversal (CVE-2022-23347)
path traversal in path-traversal (CVE-2022-23347). Confidential information can be exposed externally.
CVE-2022-23350 Cross-Site Scripting (XSS) in bigantsoft (CVE-2022-23350)
cross-site scripting in bigantsoft (CVE-2022-23350). Risk of unauthorized operations or information disclosure.
CVE-2022-23349 Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-23349)
vulnerability in csrf (CVE-2022-23349). Successful exploitation can lead to full system takeover.
CVE-2022-27244 Cross-Site Scripting (XSS) in misp-project (CVE-2022-27244)
cross-site scripting in misp-project (CVE-2022-27244). Risk of unauthorized operations or information disclosure.
CVE-2022-27245 SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-27245)
SSRF in ssrf (CVE-2022-27245). Successful exploitation can lead to full system takeover.
CVE-2021-44087 Vulnerability in attendance-and-payroll-system-project (CVE-2021-44087)
vulnerability in attendance-and-payroll-system-project (CVE-2021-44087). Successful exploitation can lead to full system takeover.
CVE-2021-44088 SQL Injection in sqli (CVE-2021-44088)
SQL injection in sqli (CVE-2021-44088). Successful exploitation can lead to full system takeover.
CVE-2022-0778 Vulnerability in dos (CVE-2022-0778)
vulnerability in dos (CVE-2022-0778). Risk of unauthorized operations or information disclosure.
CVE-2021-36368 Authentication Bypass in openbsd (CVE-2021-36368)
authentication bypass in openbsd (CVE-2021-36368). Risk of unauthorized operations or information disclosure.
CVE-2022-25090 Vulnerability in privilege-escalation (CVE-2022-25090)
vulnerability in privilege-escalation (CVE-2022-25090). Successful exploitation can lead to full system takeover.
CVE-2022-24644 Vulnerability in zzinc (CVE-2022-24644)
vulnerability in zzinc (CVE-2022-24644). Successful exploitation can lead to full system takeover.
CVE-2022-24509 Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24510 Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24512 Code Injection in Microsoft.NETCore.App.Runtime.linux-arm (CVE-2022-24512)
code injection in Microsoft.NETCore.App.Runtime.linux-arm (CVE-2022-24512). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.3` or later.
CVE-2022-24461 Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24501 VP9 Video Extensions Remote Code Execution Vulnerability
VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2022-24464 Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.3` or later.
CVE-2022-24451 VP9 Video Extensions Remote Code Execution Vulnerability
VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2022-24457 HEIF Image Extensions Remote Code Execution Vulnerability
HEIF Image Extensions Remote Code Execution Vulnerability

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →