Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2021-45422 Cross-Site Scripting (XSS) in reprisesoftware (CVE-2021-45422)
cross-site scripting in reprisesoftware (CVE-2021-45422). Risk of unauthorized operations or information disclosure.
CVE-2022-21840 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
CVE-2022-21841 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-43677 Fluxbb v1.4.12 is affected by a Cross Site Scripting (XSS) vulnerability.
Fluxbb v1.4.12 is affected by a Cross Site Scripting (XSS) vulnerability.
CVE-2021-44832 Vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-44832)
vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-44832). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.17.1` or later.
CVE-2020-20425 Cross-Site Scripting (XSS) in s-cms (CVE-2020-20425)
cross-site scripting in s-cms (CVE-2020-20425). Risk of unauthorized operations or information disclosure.
CVE-2021-45418 Path Traversal in path-traversal (CVE-2021-45418)
path traversal in path-traversal (CVE-2021-45418). Successful exploitation can lead to full system takeover.
CVE-2020-20426 Cross-Site Scripting (XSS) in s-cms (CVE-2020-20426)
cross-site scripting in s-cms (CVE-2020-20426). Risk of unauthorized operations or information disclosure.
CVE-2021-45105 Vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-45105)
vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-45105). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.1` or later.
CVE-2021-26787 Cross-Site Scripting (XSS) in genesys (CVE-2021-26787)
cross-site scripting in genesys (CVE-2021-26787). Risk of unauthorized operations or information disclosure.
CVE-2021-36450 Cross-Site Scripting (XSS) in verint (CVE-2021-36450)
cross-site scripting in verint (CVE-2021-36450). Risk of unauthorized operations or information disclosure.
CVE-2021-43256 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2021-43875 Microsoft Office Graphics Remote Code Execution Vulnerability
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2018-10228 Cross-Site Scripting (XSS) in limesurvey (CVE-2018-10228)
cross-site scripting in limesurvey (CVE-2018-10228). Risk of unauthorized operations or information disclosure.
CVE-2021-4104 Unsafe Deserialization in apache (CVE-2021-4104)
vulnerability in apache (CVE-2021-4104). Successful exploitation can lead to full system takeover.
CVE-2021-41449 Path Traversal in path-traversal (CVE-2021-41449)
path traversal in path-traversal (CVE-2021-41449). Confidential information can be exposed externally.
CVE-2021-41450 Vulnerability in dos (CVE-2021-41450)
vulnerability in dos (CVE-2021-41450). Risk of unauthorized operations or information disclosure.
CVE-2020-19611 Cross-Site Scripting (XSS) in racktables-project (CVE-2020-19611)
cross-site scripting in racktables-project (CVE-2020-19611). Risk of unauthorized operations or information disclosure.
CVE-2021-44149 An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC devices lacks security access configuration for wakeup-related registers, resu...
An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC devices lacks security access configuration for wakeup-related registers, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operat...
CVE-2021-43687 Cross-Site Scripting (XSS) in chamilo (CVE-2021-43687)
cross-site scripting in chamilo (CVE-2021-43687). Risk of unauthorized operations or information disclosure.
CVE-2021-4019 vim is vulnerable to Heap-based Buffer Overflow
vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-41436 Vulnerability in dos (CVE-2021-41436)
vulnerability in dos (CVE-2021-41436). Risk of unauthorized operations or information disclosure.
CVE-2021-42296 Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2020-25366 Vulnerability in dos (CVE-2020-25366)
vulnerability in dos (CVE-2020-25366). Data can be tampered with by attackers.
CVE-2021-37223 SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-37223)
SSRF in ssrf (CVE-2021-37223). Confidential information can be exposed externally.
CVE-2021-41617 Privilege Escalation in privilege-escalation (CVE-2021-41617)
vulnerability in privilege-escalation (CVE-2021-41617). Successful exploitation can lead to full system takeover.
CVE-2020-21468 Vulnerability in dos (CVE-2020-21468)
vulnerability in dos (CVE-2020-21468). Risk of unauthorized operations or information disclosure.
CVE-2021-33287 Out-of-Bounds Write in dos (CVE-2021-33287)
out-of-bounds write in dos (CVE-2021-33287). Successful exploitation can lead to full system takeover.
CVE-2021-37345 Privilege Escalation in privilege-escalation (CVE-2021-37345)
vulnerability in privilege-escalation (CVE-2021-37345). Successful exploitation can lead to full system takeover.
CVE-2021-38202 Out-of-Bounds Read in dos (CVE-2021-38202)
vulnerability in dos (CVE-2021-38202). Risk of unauthorized operations or information disclosure.
CVE-2020-20585 SQL Injection in c (CVE-2020-20585)
SQL injection in c (CVE-2020-20585). Confidential information can be exposed externally.
CVE-2020-26801 Cross-Site Scripting (XSS) in tripplite (CVE-2020-26801)
cross-site scripting in tripplite (CVE-2020-26801). Risk of unauthorized operations or information disclosure.
CVE-2020-22168 SQL Injection in sqli (CVE-2020-22168)
SQL injection in sqli (CVE-2020-22168). Confidential information can be exposed externally.
CVE-2021-34202 Out-of-Bounds Write in c (CVE-2021-34202)
out-of-bounds write in c (CVE-2021-34202). Successful exploitation can lead to full system takeover.
CVE-2021-22765 Vulnerability in dos (CVE-2021-22765)
vulnerability in dos (CVE-2021-22765). Successful exploitation can lead to full system takeover.
CVE-2021-22767 Vulnerability in dos (CVE-2021-22767)
vulnerability in dos (CVE-2021-22767). Successful exploitation can lead to full system takeover.
CVE-2021-22768 Vulnerability in dos (CVE-2021-22768)
vulnerability in dos (CVE-2021-22768). Successful exploitation can lead to full system takeover.
CVE-2021-22766 Vulnerability in dos (CVE-2021-22766)
vulnerability in dos (CVE-2021-22766). Risk of unauthorized operations or information disclosure.
CVE-2021-29049 Cross-Site Scripting (XSS) in liferay (CVE-2021-29049)
cross-site scripting in liferay (CVE-2021-29049). Risk of unauthorized operations or information disclosure.
CVE-2020-26677 SQL Injection in sqli (CVE-2020-26677)
SQL injection in sqli (CVE-2020-26677). Successful exploitation can lead to full system takeover.
CVE-2020-26679 Vulnerability in vfairs (CVE-2020-26679)
vulnerability in vfairs (CVE-2020-26679). Risk of unauthorized operations or information disclosure.
CVE-2021-27676 Cross-Site Scripting (XSS) in centreon (CVE-2021-27676)
cross-site scripting in centreon (CVE-2021-27676). Risk of unauthorized operations or information disclosure.
CVE-2021-27821 Cross-Site Scripting (XSS) in openwrt (CVE-2021-27821)
cross-site scripting in openwrt (CVE-2021-27821). Risk of unauthorized operations or information disclosure.
CVE-2021-33425 Cross-Site Scripting (XSS) in openwrt (CVE-2021-33425)
cross-site scripting in openwrt (CVE-2021-33425). Risk of unauthorized operations or information disclosure.
CVE-2017-17674 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-17674)
SSRF in ssrf (CVE-2017-17674). Successful exploitation can lead to full system takeover.
CVE-2020-21815 Vulnerability in c (CVE-2020-21815)
vulnerability in c (CVE-2020-21815). Risk of unauthorized operations or information disclosure.
CVE-2020-21817 Vulnerability in c (CVE-2020-21817)
vulnerability in c (CVE-2020-21817). Risk of unauthorized operations or information disclosure.
CVE-2021-29051 Cross-Site Scripting (XSS) in liferay (CVE-2021-29051)
cross-site scripting in liferay (CVE-2021-29051). Risk of unauthorized operations or information disclosure.
CVE-2021-29048 Cross-Site Scripting (XSS) in liferay (CVE-2021-29048)
cross-site scripting in liferay (CVE-2021-29048). Risk of unauthorized operations or information disclosure.
CVE-2021-29053 SQL Injection in sqli (CVE-2021-29053)
SQL injection in sqli (CVE-2021-29053). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →