Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-1521 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1521)
cross-site scripting in ibm (CVE-2017-1521). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-2023 |
|
SQL Injection in sqli (CVE-2014-2023)
SQL injection in sqli (CVE-2014-2023). Successful exploitation can lead to full system takeover.
|
| CVE-2012-4377 |
|
Cross-Site Scripting (XSS) in mediawiki (CVE-2012-4377)
cross-site scripting in mediawiki (CVE-2012-4377). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-4378 |
|
Cross-Site Scripting (XSS) in mediawiki (CVE-2012-4378)
cross-site scripting in mediawiki (CVE-2012-4378). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15919 |
|
SQL Injection in wordpress (CVE-2017-15919)
SQL injection in wordpress (CVE-2017-15919). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12158 |
|
Vulnerability in redhat (CVE-2017-12158)
vulnerability in redhat (CVE-2017-12158). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2017-15911 |
|
Cross-Site Scripting (XSS) in csrf (CVE-2017-15911)
cross-site scripting in csrf (CVE-2017-15911). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12159 |
|
Vulnerability in csrf (CVE-2017-12159)
vulnerability in csrf (CVE-2017-12159). Confidential information can be exposed externally.
|
| CVE-2017-15096 |
|
Vulnerability in c (CVE-2017-15096)
vulnerability in c (CVE-2017-15096). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15908 |
|
Vulnerability in dos (CVE-2017-15908)
vulnerability in dos (CVE-2017-15908). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7335 |
|
Cross-Site Scripting (XSS) in fortinet (CVE-2017-7335)
cross-site scripting in fortinet (CVE-2017-7335). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7732 |
|
Cross-Site Scripting (XSS) in fortinet (CVE-2017-7732)
cross-site scripting in fortinet (CVE-2017-7732). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15907 |
|
SQL Injection in sqli (CVE-2017-15907)
SQL injection in sqli (CVE-2017-15907). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15882 |
|
Vulnerability in dos (CVE-2017-15882)
vulnerability in dos (CVE-2017-15882). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1164 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1164)
cross-site scripting in ibm (CVE-2017-1164). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1169 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1169)
cross-site scripting in ibm (CVE-2017-1169). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1363 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1363)
cross-site scripting in ibm (CVE-2017-1363). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15885 |
|
Cross-Site Scripting (XSS) in axis (CVE-2017-15885)
cross-site scripting in axis (CVE-2017-15885). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15880 |
|
SQL Injection in sqli (CVE-2017-15880)
SQL injection in sqli (CVE-2017-15880). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15881 |
|
Cross-Site Scripting (XSS) in keystonejs (CVE-2017-15881)
cross-site scripting in keystonejs (CVE-2017-15881). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1209 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1209)
cross-site scripting in ibm (CVE-2017-1209). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15878 |
|
Cross-Site Scripting (XSS) in keystonejs (CVE-2017-15878)
cross-site scripting in keystonejs (CVE-2017-15878). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1212 |
|
Vulnerability in dos (CVE-2017-1212)
vulnerability in dos (CVE-2017-1212). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15872 |
|
Cross-Site Scripting (XSS) in phpwcms (CVE-2017-15872)
cross-site scripting in phpwcms (CVE-2017-15872). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15871 |
|
Vulnerability in dos (CVE-2017-15871)
vulnerability in dos (CVE-2017-15871). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15867 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-15867)
cross-site scripting in wordpress (CVE-2017-15867). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15863 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-15863)
cross-site scripting in wordpress (CVE-2017-15863). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5170 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-5170)
vulnerability in csrf (CVE-2015-5170). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14695 |
|
Path Traversal in salt (CVE-2017-14695)
path traversal in salt (CVE-2017-14695). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `80d90307b07b3703428ecbb7c8bb468e28a9ae6d, 2016.3.8, 2016.11.8, 2017.7.2` or later.
|
| CVE-2017-14696 |
|
Vulnerability in salt (CVE-2017-14696)
vulnerability in salt (CVE-2017-14696). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b, 2016.3.8, 2016.11.8, 2017.7.2` or later.
|
| CVE-2017-15186 |
|
Vulnerability in dos (CVE-2017-15186)
vulnerability in dos (CVE-2017-15186). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15081 |
|
In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.
In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.
|
| CVE-2017-12613 |
|
Out-of-Bounds Read in apache (CVE-2017-12613)
vulnerability in apache (CVE-2017-12613). Confidential information can be exposed externally.
|
| CVE-2017-12618 |
|
Out-of-Bounds Read in apache (CVE-2017-12618)
vulnerability in apache (CVE-2017-12618). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-4570 |
|
SQL Injection in sqli (CVE-2012-4570)
SQL injection in sqli (CVE-2012-4570). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5533 |
|
SQL Injection in wordpress (CVE-2015-5533)
SQL injection in wordpress (CVE-2015-5533). Successful exploitation can lead to full system takeover.
|
| CVE-2011-4333 |
|
Cross-Site Scripting (XSS) in scilico (CVE-2011-4333)
cross-site scripting in scilico (CVE-2011-4333). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-4567 |
|
Cross-Site Scripting (XSS) in letodms-project (CVE-2012-4567)
cross-site scripting in letodms-project (CVE-2012-4567). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-4569 |
|
Cross-Site Scripting (XSS) in letodms-project (CVE-2012-4569)
cross-site scripting in letodms-project (CVE-2012-4569). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5379 |
|
Cross-Site Scripting (XSS) in axigen (CVE-2015-5379)
cross-site scripting in axigen (CVE-2015-5379). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5532 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2015-5532)
cross-site scripting in wordpress (CVE-2015-5532). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-4568 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2012-4568)
vulnerability in csrf (CVE-2012-4568). Successful exploitation can lead to full system takeover.
|
| CVE-2015-2878 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-2878)
vulnerability in csrf (CVE-2015-2878). Successful exploitation can lead to full system takeover.
|
| CVE-2014-3744 |
|
Path Traversal in path-traversal (CVE-2014-3744)
path traversal in path-traversal (CVE-2014-3744). Confidential information can be exposed externally.
|
| CVE-2017-15809 |
|
In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
|
| CVE-2017-15810 |
|
Cross-Site Scripting (XSS) in csharp (CVE-2017-15810)
cross-site scripting in csharp (CVE-2017-15810). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15811 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-15811)
cross-site scripting in wordpress (CVE-2017-15811). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15812 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-15812)
cross-site scripting in wordpress (CVE-2017-15812). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15808 |
|
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
|
| CVE-2016-10516 |
|
Cross-Site Scripting (XSS) in flask (CVE-2016-10516)
cross-site scripting in flask (CVE-2016-10516). Risk of unauthorized operations or information disclosure.
|