Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2017-13710 Vulnerability in c (CVE-2017-13710)
vulnerability in c (CVE-2017-13710). Risk of unauthorized operations or information disclosure.
CVE-2017-13707 Privilege Escalation in privilege-escalation (CVE-2017-13707)
vulnerability in privilege-escalation (CVE-2017-13707). Successful exploitation can lead to full system takeover.
CVE-2017-12595 Vulnerability in dos (CVE-2017-12595)
vulnerability in dos (CVE-2017-12595). Successful exploitation can lead to full system takeover.
CVE-2017-7693 Path Traversal in path-traversal (CVE-2017-7693)
path traversal in path-traversal (CVE-2017-7693). Confidential information can be exposed externally.
CVE-2017-7926 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7926)
vulnerability in csrf (CVE-2017-7926). Successful exploitation can lead to full system takeover.
CVE-2017-12694 Path Traversal in path-traversal (CVE-2017-12694)
path traversal in path-traversal (CVE-2017-12694). Confidential information can be exposed externally.
CVE-2017-9640 Path Traversal in path-traversal (CVE-2017-9640)
path traversal in path-traversal (CVE-2017-9640). Risk of unauthorized operations or information disclosure.
CVE-2014-9564 Vulnerability in ibm (CVE-2014-9564)
vulnerability in ibm (CVE-2014-9564). Risk of unauthorized operations or information disclosure.
CVE-2015-3257 Cross-Site Scripting (XSS) in zend (CVE-2015-3257)
cross-site scripting in zend (CVE-2015-3257). Risk of unauthorized operations or information disclosure.
CVE-2015-1395 Path Traversal in path-traversal (CVE-2015-1395)
path traversal in path-traversal (CVE-2015-1395). Data can be tampered with by attackers.
CVE-2015-4180 Path Traversal in path-traversal (CVE-2015-4180)
path traversal in path-traversal (CVE-2015-4180). Confidential information can be exposed externally.
CVE-2015-4181 Path Traversal in path-traversal (CVE-2015-4181)
path traversal in path-traversal (CVE-2015-4181). Confidential information can be exposed externally.
CVE-2014-9637 Vulnerability in dos (CVE-2014-9637)
vulnerability in dos (CVE-2014-9637). Risk of unauthorized operations or information disclosure.
CVE-2015-3206 Authentication Bypass in pykerberos (CVE-2015-3206)
authentication bypass in pykerberos (CVE-2015-3206). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.1.6` or later.
CVE-2017-13697 controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
CVE-2017-12703 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12703)
vulnerability in csrf (CVE-2017-12703). Successful exploitation can lead to full system takeover.
CVE-2017-13692 Vulnerability in c (CVE-2017-13692)
vulnerability in c (CVE-2017-13692). Risk of unauthorized operations or information disclosure.
CVE-2017-13686 Vulnerability in c (CVE-2017-13686)
vulnerability in c (CVE-2017-13686). Successful exploitation can lead to full system takeover.
CVE-2015-8355 SQL Injection in sqli (CVE-2015-8355)
SQL injection in sqli (CVE-2015-8355). Successful exploitation can lead to full system takeover.
CVE-2015-4699 Cross-Site Scripting (XSS) in cloud4wi (CVE-2015-4699)
cross-site scripting in cloud4wi (CVE-2015-4699). Risk of unauthorized operations or information disclosure.
CVE-2015-8352 Path Traversal in path-traversal (CVE-2015-8352)
path traversal in path-traversal (CVE-2015-8352). Successful exploitation can lead to full system takeover.
CVE-2015-1801 Buffer Overflow in dos (CVE-2015-1801)
vulnerability in dos (CVE-2015-1801). Successful exploitation can lead to full system takeover.
CVE-2015-5146 Vulnerability in dos (CVE-2015-5146)
vulnerability in dos (CVE-2015-5146). Risk of unauthorized operations or information disclosure.
CVE-2015-7516 Vulnerability in dos (CVE-2015-7516)
vulnerability in dos (CVE-2015-7516). Risk of unauthorized operations or information disclosure.
CVE-2015-7896 Buffer Overflow in dos (CVE-2015-7896)
vulnerability in dos (CVE-2015-7896). Risk of unauthorized operations or information disclosure.
CVE-2017-12879 Cross-Site Scripting (XSS) in paessler (CVE-2017-12879)
cross-site scripting in paessler (CVE-2017-12879). Risk of unauthorized operations or information disclosure.
CVE-2017-13671 Cross-Site Scripting (XSS) in misp (CVE-2017-13671)
cross-site scripting in misp (CVE-2017-13671). Risk of unauthorized operations or information disclosure.
CVE-2017-9555 Cross-Site Scripting (XSS) in synology (CVE-2017-9555)
cross-site scripting in synology (CVE-2017-9555). Risk of unauthorized operations or information disclosure.
CVE-2017-12074 Path Traversal in path-traversal (CVE-2017-12074)
path traversal in path-traversal (CVE-2017-12074). Data can be tampered with by attackers.
CVE-2017-9511 Path Traversal in path-traversal (CVE-2017-9511)
path traversal in path-traversal (CVE-2017-9511). Confidential information can be exposed externally.
CVE-2017-12679 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
CVE-2017-13669 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
CVE-2017-9507 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9507)
cross-site scripting in atlassian (CVE-2017-9507). Risk of unauthorized operations or information disclosure.
CVE-2017-9508 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9508)
cross-site scripting in atlassian (CVE-2017-9508). Risk of unauthorized operations or information disclosure.
CVE-2017-9509 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9509)
cross-site scripting in atlassian (CVE-2017-9509). Risk of unauthorized operations or information disclosure.
CVE-2017-9510 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9510)
cross-site scripting in atlassian (CVE-2017-9510). Risk of unauthorized operations or information disclosure.
CVE-2017-12134 Vulnerability in c (CVE-2017-12134)
vulnerability in c (CVE-2017-12134). Successful exploitation can lead to full system takeover.
CVE-2017-12135 Vulnerability in dos (CVE-2017-12135)
vulnerability in dos (CVE-2017-12135). Successful exploitation can lead to full system takeover.
CVE-2017-12136 Vulnerability in dos (CVE-2017-12136)
vulnerability in dos (CVE-2017-12136). Successful exploitation can lead to full system takeover.
CVE-2017-13658 Vulnerability in c (CVE-2017-13658)
vulnerability in c (CVE-2017-13658). Risk of unauthorized operations or information disclosure.
CVE-2017-9506 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-9506)
SSRF in ssrf (CVE-2017-9506). Risk of unauthorized operations or information disclosure.
CVE-2017-12971 Cross-Site Scripting (XSS) in apache2triad (CVE-2017-12971)
cross-site scripting in apache2triad (CVE-2017-12971). Risk of unauthorized operations or information disclosure.
CVE-2017-12970 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12970)
vulnerability in csrf (CVE-2017-12970). Successful exploitation can lead to full system takeover.
CVE-2017-12809 Vulnerability in dos (CVE-2017-12809)
vulnerability in dos (CVE-2017-12809). Risk of unauthorized operations or information disclosure.
CVE-2017-13137 The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
CVE-2017-12844 Cross-Site Scripting (XSS) in icewarp (CVE-2017-12844)
cross-site scripting in icewarp (CVE-2017-12844). Risk of unauthorized operations or information disclosure.
CVE-2017-13138 Cross-Site Scripting (XSS) in wordpress (CVE-2017-13138)
cross-site scripting in wordpress (CVE-2017-13138). Risk of unauthorized operations or information disclosure.
CVE-2017-12791 Path Traversal in salt (CVE-2017-12791)
path traversal in salt (CVE-2017-12791). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2016.11.7, 2017.7.1` or later.
CVE-2017-13140 Buffer Overflow in c (CVE-2017-13140)
vulnerability in c (CVE-2017-13140). Risk of unauthorized operations or information disclosure.
CVE-2017-13131 Vulnerability in c (CVE-2017-13131)
vulnerability in c (CVE-2017-13131). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →