Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2021-45422 |
|
Cross-Site Scripting (XSS) in reprisesoftware (CVE-2021-45422)
cross-site scripting in reprisesoftware (CVE-2021-45422). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-21840 |
|
Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
|
| CVE-2022-21841 |
|
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
|
| CVE-2021-43677 |
|
Fluxbb v1.4.12 is affected by a Cross Site Scripting (XSS) vulnerability.
Fluxbb v1.4.12 is affected by a Cross Site Scripting (XSS) vulnerability.
|
| CVE-2021-44832 |
|
Vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-44832)
vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-44832). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.17.1` or later.
|
| CVE-2020-20425 |
|
Cross-Site Scripting (XSS) in s-cms (CVE-2020-20425)
cross-site scripting in s-cms (CVE-2020-20425). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-45418 |
|
Path Traversal in path-traversal (CVE-2021-45418)
path traversal in path-traversal (CVE-2021-45418). Successful exploitation can lead to full system takeover.
|
| CVE-2020-20426 |
|
Cross-Site Scripting (XSS) in s-cms (CVE-2020-20426)
cross-site scripting in s-cms (CVE-2020-20426). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-45105 |
|
Vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-45105)
vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-45105). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.1` or later.
|
| CVE-2021-26787 |
|
Cross-Site Scripting (XSS) in genesys (CVE-2021-26787)
cross-site scripting in genesys (CVE-2021-26787). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-36450 |
|
Cross-Site Scripting (XSS) in verint (CVE-2021-36450)
cross-site scripting in verint (CVE-2021-36450). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-43256 |
|
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
|
| CVE-2021-43875 |
|
Microsoft Office Graphics Remote Code Execution Vulnerability
Microsoft Office Graphics Remote Code Execution Vulnerability
|
| CVE-2018-10228 |
|
Cross-Site Scripting (XSS) in limesurvey (CVE-2018-10228)
cross-site scripting in limesurvey (CVE-2018-10228). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-4104 |
|
Unsafe Deserialization in apache (CVE-2021-4104)
vulnerability in apache (CVE-2021-4104). Successful exploitation can lead to full system takeover.
|
| CVE-2021-41449 |
|
Path Traversal in path-traversal (CVE-2021-41449)
path traversal in path-traversal (CVE-2021-41449). Confidential information can be exposed externally.
|
| CVE-2021-41450 |
|
Vulnerability in dos (CVE-2021-41450)
vulnerability in dos (CVE-2021-41450). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-19611 |
|
Cross-Site Scripting (XSS) in racktables-project (CVE-2020-19611)
cross-site scripting in racktables-project (CVE-2020-19611). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-44149 |
|
An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC devices lacks security access configuration for wakeup-related registers, resu...
An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC devices lacks security access configuration for wakeup-related registers, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operat...
|
| CVE-2021-43687 |
|
Cross-Site Scripting (XSS) in chamilo (CVE-2021-43687)
cross-site scripting in chamilo (CVE-2021-43687). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-4019 |
|
vim is vulnerable to Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
|
| CVE-2021-41436 |
|
Vulnerability in dos (CVE-2021-41436)
vulnerability in dos (CVE-2021-41436). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-42296 |
|
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
|
| CVE-2020-25366 |
|
Vulnerability in dos (CVE-2020-25366)
vulnerability in dos (CVE-2020-25366). Data can be tampered with by attackers.
|
| CVE-2021-37223 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-37223)
SSRF in ssrf (CVE-2021-37223). Confidential information can be exposed externally.
|
| CVE-2021-41617 |
|
Privilege Escalation in privilege-escalation (CVE-2021-41617)
vulnerability in privilege-escalation (CVE-2021-41617). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21468 |
|
Vulnerability in dos (CVE-2020-21468)
vulnerability in dos (CVE-2020-21468). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-33287 |
|
Out-of-Bounds Write in dos (CVE-2021-33287)
out-of-bounds write in dos (CVE-2021-33287). Successful exploitation can lead to full system takeover.
|
| CVE-2021-37345 |
|
Privilege Escalation in privilege-escalation (CVE-2021-37345)
vulnerability in privilege-escalation (CVE-2021-37345). Successful exploitation can lead to full system takeover.
|
| CVE-2021-38202 |
|
Out-of-Bounds Read in dos (CVE-2021-38202)
vulnerability in dos (CVE-2021-38202). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-20585 |
|
SQL Injection in c (CVE-2020-20585)
SQL injection in c (CVE-2020-20585). Confidential information can be exposed externally.
|
| CVE-2020-26801 |
|
Cross-Site Scripting (XSS) in tripplite (CVE-2020-26801)
cross-site scripting in tripplite (CVE-2020-26801). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-22168 |
|
SQL Injection in sqli (CVE-2020-22168)
SQL injection in sqli (CVE-2020-22168). Confidential information can be exposed externally.
|
| CVE-2021-34202 |
|
Out-of-Bounds Write in c (CVE-2021-34202)
out-of-bounds write in c (CVE-2021-34202). Successful exploitation can lead to full system takeover.
|
| CVE-2021-22765 |
|
Vulnerability in dos (CVE-2021-22765)
vulnerability in dos (CVE-2021-22765). Successful exploitation can lead to full system takeover.
|
| CVE-2021-22767 |
|
Vulnerability in dos (CVE-2021-22767)
vulnerability in dos (CVE-2021-22767). Successful exploitation can lead to full system takeover.
|
| CVE-2021-22768 |
|
Vulnerability in dos (CVE-2021-22768)
vulnerability in dos (CVE-2021-22768). Successful exploitation can lead to full system takeover.
|
| CVE-2021-22766 |
|
Vulnerability in dos (CVE-2021-22766)
vulnerability in dos (CVE-2021-22766). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-29049 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-29049)
cross-site scripting in liferay (CVE-2021-29049). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-26677 |
|
SQL Injection in sqli (CVE-2020-26677)
SQL injection in sqli (CVE-2020-26677). Successful exploitation can lead to full system takeover.
|
| CVE-2020-26679 |
|
Vulnerability in vfairs (CVE-2020-26679)
vulnerability in vfairs (CVE-2020-26679). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-27676 |
|
Cross-Site Scripting (XSS) in centreon (CVE-2021-27676)
cross-site scripting in centreon (CVE-2021-27676). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-27821 |
|
Cross-Site Scripting (XSS) in openwrt (CVE-2021-27821)
cross-site scripting in openwrt (CVE-2021-27821). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-33425 |
|
Cross-Site Scripting (XSS) in openwrt (CVE-2021-33425)
cross-site scripting in openwrt (CVE-2021-33425). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17674 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-17674)
SSRF in ssrf (CVE-2017-17674). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21815 |
|
Vulnerability in c (CVE-2020-21815)
vulnerability in c (CVE-2020-21815). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-21817 |
|
Vulnerability in c (CVE-2020-21817)
vulnerability in c (CVE-2020-21817). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-29051 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-29051)
cross-site scripting in liferay (CVE-2021-29051). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-29048 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-29048)
cross-site scripting in liferay (CVE-2021-29048). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-29053 |
|
SQL Injection in sqli (CVE-2021-29053)
SQL injection in sqli (CVE-2021-29053). Successful exploitation can lead to full system takeover.
|