Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-14526 |
|
XXE (XML External Entity) in dos (CVE-2017-14526)
vulnerability in dos (CVE-2017-14526). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14527 |
|
XXE (XML External Entity) in dos (CVE-2017-14527)
vulnerability in dos (CVE-2017-14527). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14795 |
|
Out-of-Bounds Read in c (CVE-2017-14795)
vulnerability in c (CVE-2017-14795). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14796 |
|
Vulnerability in c (CVE-2017-14796)
vulnerability in c (CVE-2017-14796). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5613 |
|
Cross-Site Scripting (XSS) in octobercms (CVE-2015-5613)
cross-site scripting in octobercms (CVE-2015-5613). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7349 |
|
Cross-Site Scripting (XSS) in vasco (CVE-2015-7349)
cross-site scripting in vasco (CVE-2015-7349). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-9686 |
|
Vulnerability in dos (CVE-2014-9686)
vulnerability in dos (CVE-2014-9686). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-1526 |
|
Vulnerability in dos (CVE-2015-1526)
vulnerability in dos (CVE-2015-1526). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3138 |
|
Vulnerability in c (CVE-2015-3138)
vulnerability in c (CVE-2015-3138). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10932 |
|
Unsafe Deserialization in c (CVE-2017-10932)
vulnerability in c (CVE-2017-10932). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14760 |
|
SQL Injection in wordpress (CVE-2017-14760)
SQL injection in wordpress (CVE-2017-14760). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14761 |
|
In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter.
In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter.
|
| CVE-2017-14762 |
|
In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter.
In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter.
|
| CVE-2017-14765 |
|
In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request.
In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request.
|
| CVE-2017-14766 |
|
Authentication Bypass in wordpress (CVE-2017-14766)
authentication bypass in wordpress (CVE-2017-14766). Data can be tampered with by attackers.
|
| CVE-2017-14767 |
|
Buffer Overflow in c (CVE-2017-14767)
vulnerability in c (CVE-2017-14767). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14753 |
|
Cross-Site Scripting (XSS) in eyesofnetwork (CVE-2017-14753)
cross-site scripting in eyesofnetwork (CVE-2017-14753). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14751 |
|
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.
|
| CVE-2017-14749 |
|
Buffer Overflow in dos (CVE-2017-14749)
vulnerability in dos (CVE-2017-14749). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1425 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1425)
cross-site scripting in ibm (CVE-2017-1425). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1530 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1530)
cross-site scripting in ibm (CVE-2017-1530). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1531 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1531)
cross-site scripting in ibm (CVE-2017-1531). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1539 |
|
Vulnerability in privilege-escalation (CVE-2017-1539)
vulnerability in privilege-escalation (CVE-2017-1539). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14748 |
|
Vulnerability in dos (CVE-2017-14748)
vulnerability in dos (CVE-2017-14748). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14745 |
|
Vulnerability in c (CVE-2017-14745)
vulnerability in c (CVE-2017-14745). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7390 |
|
SQL Injection in sqli (CVE-2015-7390)
SQL injection in sqli (CVE-2015-7390). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7670 |
|
SQL Injection in wordpress (CVE-2015-7670)
SQL injection in wordpress (CVE-2015-7670). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7391 |
|
Cross-Site Scripting (XSS) in testlink (CVE-2015-7391)
cross-site scripting in testlink (CVE-2015-7391). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`.
|
| CVE-2015-3248 |
|
Vulnerability in dos (CVE-2015-3248)
vulnerability in dos (CVE-2015-3248). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13129 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-13129)
vulnerability in csrf (CVE-2017-13129). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14703 |
|
SQL Injection in sqli (CVE-2017-14703)
SQL injection in sqli (CVE-2017-14703). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14743 |
|
SQL Injection in sqli (CVE-2017-14743)
SQL injection in sqli (CVE-2017-14743). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14744 |
|
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element.
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element.
|
| CVE-2017-1000252 |
|
Vulnerability in c (CVE-2017-1000252)
vulnerability in c (CVE-2017-1000252). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14739 |
|
Vulnerability in c (CVE-2017-14739)
vulnerability in c (CVE-2017-14739). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14741 |
|
Vulnerability in c (CVE-2017-14741)
vulnerability in c (CVE-2017-14741). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7973 |
|
SQL Injection in sqli (CVE-2017-7973)
SQL injection in sqli (CVE-2017-7973). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7969 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7969)
vulnerability in csrf (CVE-2017-7969). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7974 |
|
Path Traversal in path-traversal (CVE-2017-7974)
path traversal in path-traversal (CVE-2017-7974). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9956 |
|
Vulnerability in schneider-electric (CVE-2017-9956)
vulnerability in schneider-electric (CVE-2017-9956). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9959 |
|
Vulnerability in dos (CVE-2017-9959)
vulnerability in dos (CVE-2017-9959). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-0238 |
|
Information Disclosure in privilege-escalation (CVE-2015-0238)
vulnerability in privilege-escalation (CVE-2015-0238). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-0997 |
|
Vulnerability in dos (CVE-2014-0997)
vulnerability in dos (CVE-2014-0997). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8156 |
|
Vulnerability in dos (CVE-2014-8156)
vulnerability in dos (CVE-2014-8156). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14735 |
|
Cross-Site Scripting (XSS) in antisamy-project (CVE-2017-14735)
cross-site scripting in antisamy-project (CVE-2017-14735). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14731 |
|
Out-of-Bounds Read in cpp (CVE-2017-14731)
vulnerability in cpp (CVE-2017-14731). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14733 |
|
Out-of-Bounds Read in c (CVE-2017-14733)
vulnerability in c (CVE-2017-14733). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14734 |
|
Buffer Overflow in c (CVE-2017-14734)
vulnerability in c (CVE-2017-14734). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5169 |
|
Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20.
Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20.
|
| CVE-2015-8375 |
|
Cross-site scripting (XSS) vulnerability in PHP-Fusion 9.
Cross-site scripting (XSS) vulnerability in PHP-Fusion 9.
|