Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-13710 |
|
Vulnerability in c (CVE-2017-13710)
vulnerability in c (CVE-2017-13710). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13707 |
|
Privilege Escalation in privilege-escalation (CVE-2017-13707)
vulnerability in privilege-escalation (CVE-2017-13707). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12595 |
|
Vulnerability in dos (CVE-2017-12595)
vulnerability in dos (CVE-2017-12595). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7693 |
|
Path Traversal in path-traversal (CVE-2017-7693)
path traversal in path-traversal (CVE-2017-7693). Confidential information can be exposed externally.
|
| CVE-2017-7926 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7926)
vulnerability in csrf (CVE-2017-7926). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12694 |
|
Path Traversal in path-traversal (CVE-2017-12694)
path traversal in path-traversal (CVE-2017-12694). Confidential information can be exposed externally.
|
| CVE-2017-9640 |
|
Path Traversal in path-traversal (CVE-2017-9640)
path traversal in path-traversal (CVE-2017-9640). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-9564 |
|
Vulnerability in ibm (CVE-2014-9564)
vulnerability in ibm (CVE-2014-9564). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3257 |
|
Cross-Site Scripting (XSS) in zend (CVE-2015-3257)
cross-site scripting in zend (CVE-2015-3257). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-1395 |
|
Path Traversal in path-traversal (CVE-2015-1395)
path traversal in path-traversal (CVE-2015-1395). Data can be tampered with by attackers.
|
| CVE-2015-4180 |
|
Path Traversal in path-traversal (CVE-2015-4180)
path traversal in path-traversal (CVE-2015-4180). Confidential information can be exposed externally.
|
| CVE-2015-4181 |
|
Path Traversal in path-traversal (CVE-2015-4181)
path traversal in path-traversal (CVE-2015-4181). Confidential information can be exposed externally.
|
| CVE-2014-9637 |
|
Vulnerability in dos (CVE-2014-9637)
vulnerability in dos (CVE-2014-9637). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3206 |
|
Authentication Bypass in pykerberos (CVE-2015-3206)
authentication bypass in pykerberos (CVE-2015-3206). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.1.6` or later.
|
| CVE-2017-13697 |
|
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
|
| CVE-2017-12703 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12703)
vulnerability in csrf (CVE-2017-12703). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13692 |
|
Vulnerability in c (CVE-2017-13692)
vulnerability in c (CVE-2017-13692). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13686 |
|
Vulnerability in c (CVE-2017-13686)
vulnerability in c (CVE-2017-13686). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8355 |
|
SQL Injection in sqli (CVE-2015-8355)
SQL injection in sqli (CVE-2015-8355). Successful exploitation can lead to full system takeover.
|
| CVE-2015-4699 |
|
Cross-Site Scripting (XSS) in cloud4wi (CVE-2015-4699)
cross-site scripting in cloud4wi (CVE-2015-4699). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8352 |
|
Path Traversal in path-traversal (CVE-2015-8352)
path traversal in path-traversal (CVE-2015-8352). Successful exploitation can lead to full system takeover.
|
| CVE-2015-1801 |
|
Buffer Overflow in dos (CVE-2015-1801)
vulnerability in dos (CVE-2015-1801). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5146 |
|
Vulnerability in dos (CVE-2015-5146)
vulnerability in dos (CVE-2015-5146). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7516 |
|
Vulnerability in dos (CVE-2015-7516)
vulnerability in dos (CVE-2015-7516). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7896 |
|
Buffer Overflow in dos (CVE-2015-7896)
vulnerability in dos (CVE-2015-7896). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12879 |
|
Cross-Site Scripting (XSS) in paessler (CVE-2017-12879)
cross-site scripting in paessler (CVE-2017-12879). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13671 |
|
Cross-Site Scripting (XSS) in misp (CVE-2017-13671)
cross-site scripting in misp (CVE-2017-13671). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9555 |
|
Cross-Site Scripting (XSS) in synology (CVE-2017-9555)
cross-site scripting in synology (CVE-2017-9555). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12074 |
|
Path Traversal in path-traversal (CVE-2017-12074)
path traversal in path-traversal (CVE-2017-12074). Data can be tampered with by attackers.
|
| CVE-2017-9511 |
|
Path Traversal in path-traversal (CVE-2017-9511)
path traversal in path-traversal (CVE-2017-9511). Confidential information can be exposed externally.
|
| CVE-2017-12679 |
|
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
|
| CVE-2017-13669 |
|
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
|
| CVE-2017-9507 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9507)
cross-site scripting in atlassian (CVE-2017-9507). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9508 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9508)
cross-site scripting in atlassian (CVE-2017-9508). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9509 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9509)
cross-site scripting in atlassian (CVE-2017-9509). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9510 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9510)
cross-site scripting in atlassian (CVE-2017-9510). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12134 |
|
Vulnerability in c (CVE-2017-12134)
vulnerability in c (CVE-2017-12134). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12135 |
|
Vulnerability in dos (CVE-2017-12135)
vulnerability in dos (CVE-2017-12135). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12136 |
|
Vulnerability in dos (CVE-2017-12136)
vulnerability in dos (CVE-2017-12136). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13658 |
|
Vulnerability in c (CVE-2017-13658)
vulnerability in c (CVE-2017-13658). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9506 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-9506)
SSRF in ssrf (CVE-2017-9506). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12971 |
|
Cross-Site Scripting (XSS) in apache2triad (CVE-2017-12971)
cross-site scripting in apache2triad (CVE-2017-12971). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12970 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12970)
vulnerability in csrf (CVE-2017-12970). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12809 |
|
Vulnerability in dos (CVE-2017-12809)
vulnerability in dos (CVE-2017-12809). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13137 |
|
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
|
| CVE-2017-12844 |
|
Cross-Site Scripting (XSS) in icewarp (CVE-2017-12844)
cross-site scripting in icewarp (CVE-2017-12844). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13138 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-13138)
cross-site scripting in wordpress (CVE-2017-13138). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12791 |
|
Path Traversal in salt (CVE-2017-12791)
path traversal in salt (CVE-2017-12791). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2016.11.7, 2017.7.1` or later.
|
| CVE-2017-13140 |
|
Buffer Overflow in c (CVE-2017-13140)
vulnerability in c (CVE-2017-13140). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13131 |
|
Vulnerability in c (CVE-2017-13131)
vulnerability in c (CVE-2017-13131). Risk of unauthorized operations or information disclosure.
|