Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2017-1521 Cross-Site Scripting (XSS) in ibm (CVE-2017-1521)
cross-site scripting in ibm (CVE-2017-1521). Risk of unauthorized operations or information disclosure.
CVE-2014-2023 SQL Injection in sqli (CVE-2014-2023)
SQL injection in sqli (CVE-2014-2023). Successful exploitation can lead to full system takeover.
CVE-2012-4377 Cross-Site Scripting (XSS) in mediawiki (CVE-2012-4377)
cross-site scripting in mediawiki (CVE-2012-4377). Risk of unauthorized operations or information disclosure.
CVE-2012-4378 Cross-Site Scripting (XSS) in mediawiki (CVE-2012-4378)
cross-site scripting in mediawiki (CVE-2012-4378). Risk of unauthorized operations or information disclosure.
CVE-2017-15919 SQL Injection in wordpress (CVE-2017-15919)
SQL injection in wordpress (CVE-2017-15919). Successful exploitation can lead to full system takeover.
CVE-2017-12158 Vulnerability in redhat (CVE-2017-12158)
vulnerability in redhat (CVE-2017-12158). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
CVE-2017-15911 Cross-Site Scripting (XSS) in csrf (CVE-2017-15911)
cross-site scripting in csrf (CVE-2017-15911). Risk of unauthorized operations or information disclosure.
CVE-2017-12159 Vulnerability in csrf (CVE-2017-12159)
vulnerability in csrf (CVE-2017-12159). Confidential information can be exposed externally.
CVE-2017-15096 Vulnerability in c (CVE-2017-15096)
vulnerability in c (CVE-2017-15096). Risk of unauthorized operations or information disclosure.
CVE-2017-15908 Vulnerability in dos (CVE-2017-15908)
vulnerability in dos (CVE-2017-15908). Risk of unauthorized operations or information disclosure.
CVE-2017-7335 Cross-Site Scripting (XSS) in fortinet (CVE-2017-7335)
cross-site scripting in fortinet (CVE-2017-7335). Risk of unauthorized operations or information disclosure.
CVE-2017-7732 Cross-Site Scripting (XSS) in fortinet (CVE-2017-7732)
cross-site scripting in fortinet (CVE-2017-7732). Risk of unauthorized operations or information disclosure.
CVE-2017-15907 SQL Injection in sqli (CVE-2017-15907)
SQL injection in sqli (CVE-2017-15907). Successful exploitation can lead to full system takeover.
CVE-2017-15882 Vulnerability in dos (CVE-2017-15882)
vulnerability in dos (CVE-2017-15882). Risk of unauthorized operations or information disclosure.
CVE-2017-1164 Cross-Site Scripting (XSS) in ibm (CVE-2017-1164)
cross-site scripting in ibm (CVE-2017-1164). Risk of unauthorized operations or information disclosure.
CVE-2017-1169 Cross-Site Scripting (XSS) in ibm (CVE-2017-1169)
cross-site scripting in ibm (CVE-2017-1169). Risk of unauthorized operations or information disclosure.
CVE-2017-1363 Cross-Site Scripting (XSS) in ibm (CVE-2017-1363)
cross-site scripting in ibm (CVE-2017-1363). Risk of unauthorized operations or information disclosure.
CVE-2017-15885 Cross-Site Scripting (XSS) in axis (CVE-2017-15885)
cross-site scripting in axis (CVE-2017-15885). Risk of unauthorized operations or information disclosure.
CVE-2017-15880 SQL Injection in sqli (CVE-2017-15880)
SQL injection in sqli (CVE-2017-15880). Successful exploitation can lead to full system takeover.
CVE-2017-15881 Cross-Site Scripting (XSS) in keystonejs (CVE-2017-15881)
cross-site scripting in keystonejs (CVE-2017-15881). Risk of unauthorized operations or information disclosure.
CVE-2017-1209 Cross-Site Scripting (XSS) in ibm (CVE-2017-1209)
cross-site scripting in ibm (CVE-2017-1209). Risk of unauthorized operations or information disclosure.
CVE-2017-15878 Cross-Site Scripting (XSS) in keystonejs (CVE-2017-15878)
cross-site scripting in keystonejs (CVE-2017-15878). Risk of unauthorized operations or information disclosure.
CVE-2017-1212 Vulnerability in dos (CVE-2017-1212)
vulnerability in dos (CVE-2017-1212). Risk of unauthorized operations or information disclosure.
CVE-2017-15872 Cross-Site Scripting (XSS) in phpwcms (CVE-2017-15872)
cross-site scripting in phpwcms (CVE-2017-15872). Risk of unauthorized operations or information disclosure.
CVE-2017-15871 Vulnerability in dos (CVE-2017-15871)
vulnerability in dos (CVE-2017-15871). Risk of unauthorized operations or information disclosure.
CVE-2017-15867 Cross-Site Scripting (XSS) in wordpress (CVE-2017-15867)
cross-site scripting in wordpress (CVE-2017-15867). Risk of unauthorized operations or information disclosure.
CVE-2017-15863 Cross-Site Scripting (XSS) in wordpress (CVE-2017-15863)
cross-site scripting in wordpress (CVE-2017-15863). Risk of unauthorized operations or information disclosure.
CVE-2015-5170 Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-5170)
vulnerability in csrf (CVE-2015-5170). Successful exploitation can lead to full system takeover.
CVE-2017-14695 Path Traversal in salt (CVE-2017-14695)
path traversal in salt (CVE-2017-14695). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `80d90307b07b3703428ecbb7c8bb468e28a9ae6d, 2016.3.8, 2016.11.8, 2017.7.2` or later.
CVE-2017-14696 Vulnerability in salt (CVE-2017-14696)
vulnerability in salt (CVE-2017-14696). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b, 2016.3.8, 2016.11.8, 2017.7.2` or later.
CVE-2017-15186 Vulnerability in dos (CVE-2017-15186)
vulnerability in dos (CVE-2017-15186). Risk of unauthorized operations or information disclosure.
CVE-2017-15081 In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.
In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.
CVE-2017-12613 Out-of-Bounds Read in apache (CVE-2017-12613)
vulnerability in apache (CVE-2017-12613). Confidential information can be exposed externally.
CVE-2017-12618 Out-of-Bounds Read in apache (CVE-2017-12618)
vulnerability in apache (CVE-2017-12618). Risk of unauthorized operations or information disclosure.
CVE-2012-4570 SQL Injection in sqli (CVE-2012-4570)
SQL injection in sqli (CVE-2012-4570). Successful exploitation can lead to full system takeover.
CVE-2015-5533 SQL Injection in wordpress (CVE-2015-5533)
SQL injection in wordpress (CVE-2015-5533). Successful exploitation can lead to full system takeover.
CVE-2011-4333 Cross-Site Scripting (XSS) in scilico (CVE-2011-4333)
cross-site scripting in scilico (CVE-2011-4333). Risk of unauthorized operations or information disclosure.
CVE-2012-4567 Cross-Site Scripting (XSS) in letodms-project (CVE-2012-4567)
cross-site scripting in letodms-project (CVE-2012-4567). Risk of unauthorized operations or information disclosure.
CVE-2012-4569 Cross-Site Scripting (XSS) in letodms-project (CVE-2012-4569)
cross-site scripting in letodms-project (CVE-2012-4569). Risk of unauthorized operations or information disclosure.
CVE-2015-5379 Cross-Site Scripting (XSS) in axigen (CVE-2015-5379)
cross-site scripting in axigen (CVE-2015-5379). Risk of unauthorized operations or information disclosure.
CVE-2015-5532 Cross-Site Scripting (XSS) in wordpress (CVE-2015-5532)
cross-site scripting in wordpress (CVE-2015-5532). Risk of unauthorized operations or information disclosure.
CVE-2012-4568 Cross-Site Request Forgery (CSRF) in csrf (CVE-2012-4568)
vulnerability in csrf (CVE-2012-4568). Successful exploitation can lead to full system takeover.
CVE-2015-2878 Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-2878)
vulnerability in csrf (CVE-2015-2878). Successful exploitation can lead to full system takeover.
CVE-2014-3744 Path Traversal in path-traversal (CVE-2014-3744)
path traversal in path-traversal (CVE-2014-3744). Confidential information can be exposed externally.
CVE-2017-15809 In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
CVE-2017-15810 Cross-Site Scripting (XSS) in csharp (CVE-2017-15810)
cross-site scripting in csharp (CVE-2017-15810). Risk of unauthorized operations or information disclosure.
CVE-2017-15811 Cross-Site Scripting (XSS) in wordpress (CVE-2017-15811)
cross-site scripting in wordpress (CVE-2017-15811). Risk of unauthorized operations or information disclosure.
CVE-2017-15812 Cross-Site Scripting (XSS) in wordpress (CVE-2017-15812)
cross-site scripting in wordpress (CVE-2017-15812). Risk of unauthorized operations or information disclosure.
CVE-2017-15808 In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
CVE-2016-10516 Cross-Site Scripting (XSS) in flask (CVE-2016-10516)
cross-site scripting in flask (CVE-2016-10516). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →