Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2017-9612 Use-After-Free in c (CVE-2017-9612)
vulnerability in c (CVE-2017-9612). Successful exploitation can lead to full system takeover.
CVE-2017-9618 Buffer Overflow in c (CVE-2017-9618)
vulnerability in c (CVE-2017-9618). Successful exploitation can lead to full system takeover.
CVE-2017-9619 Buffer Overflow in c (CVE-2017-9619)
vulnerability in c (CVE-2017-9619). Successful exploitation can lead to full system takeover.
CVE-2017-9620 Out-of-Bounds Read in c (CVE-2017-9620)
vulnerability in c (CVE-2017-9620). Successful exploitation can lead to full system takeover.
CVE-2017-9726 Out-of-Bounds Read in c (CVE-2017-9726)
vulnerability in c (CVE-2017-9726). Successful exploitation can lead to full system takeover.
CVE-2017-9727 Out-of-Bounds Read in c (CVE-2017-9727)
vulnerability in c (CVE-2017-9727). Successful exploitation can lead to full system takeover.
CVE-2017-9739 Out-of-Bounds Read in c (CVE-2017-9739)
vulnerability in c (CVE-2017-9739). Successful exploitation can lead to full system takeover.
CVE-2017-9740 Out-of-Bounds Read in c (CVE-2017-9740)
vulnerability in c (CVE-2017-9740). Successful exploitation can lead to full system takeover.
CVE-2017-9835 Vulnerability in c (CVE-2017-9835)
vulnerability in c (CVE-2017-9835). Successful exploitation can lead to full system takeover.
CVE-2017-11666 Cross-Site Scripting (XSS) in kopano (CVE-2017-11666)
cross-site scripting in kopano (CVE-2017-11666). Risk of unauthorized operations or information disclosure.
CVE-2017-11612 Cross-Site Scripting (XSS) in joomla (CVE-2017-11612)
cross-site scripting in joomla (CVE-2017-11612). Risk of unauthorized operations or information disclosure.
CVE-2017-11631 dapur/app/app_user/controller/status.php in Fiyo CMS 2.0.7 has SQL injection via the id parameter.
dapur/app/app_user/controller/status.php in Fiyo CMS 2.0.7 has SQL injection via the id parameter.
CVE-2017-11629 Cross-Site Scripting (XSS) in c (CVE-2017-11629)
cross-site scripting in c (CVE-2017-11629). Risk of unauthorized operations or information disclosure.
CVE-2017-11651 NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url tag.
NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url tag.
CVE-2017-11630 Path Traversal in path-traversal (CVE-2017-11630)
path traversal in path-traversal (CVE-2017-11630). Data can be tampered with by attackers.
CVE-2017-11613 Vulnerability in dos (CVE-2017-11613)
vulnerability in dos (CVE-2017-11613). Risk of unauthorized operations or information disclosure.
CVE-2017-11624 Vulnerability in dos (CVE-2017-11624)
vulnerability in dos (CVE-2017-11624). Risk of unauthorized operations or information disclosure.
CVE-2017-11625 Vulnerability in dos (CVE-2017-11625)
vulnerability in dos (CVE-2017-11625). Risk of unauthorized operations or information disclosure.
CVE-2017-11626 Vulnerability in dos (CVE-2017-11626)
vulnerability in dos (CVE-2017-11626). Risk of unauthorized operations or information disclosure.
CVE-2017-11627 Vulnerability in dos (CVE-2017-11627)
vulnerability in dos (CVE-2017-11627). Risk of unauthorized operations or information disclosure.
CVE-2017-11628 Buffer Overflow in c (CVE-2017-11628)
vulnerability in c (CVE-2017-11628). Successful exploitation can lead to full system takeover.
CVE-2016-6133 Cross-Site Scripting (XSS) in ektron (CVE-2016-6133)
cross-site scripting in ektron (CVE-2016-6133). Risk of unauthorized operations or information disclosure.
CVE-2017-6753 A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected br...
A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meeti...
CVE-2017-6749 Cross-Site Scripting (XSS) in cisco (CVE-2017-6749)
cross-site scripting in cisco (CVE-2017-6749). Risk of unauthorized operations or information disclosure.
CVE-2017-6755 Cross-Site Scripting (XSS) in cisco (CVE-2017-6755)
cross-site scripting in cisco (CVE-2017-6755). Risk of unauthorized operations or information disclosure.
CVE-2017-11458 Cross-Site Scripting (XSS) in sap (CVE-2017-11458)
cross-site scripting in sap (CVE-2017-11458). Risk of unauthorized operations or information disclosure.
CVE-2017-11460 Cross-Site Scripting (XSS) in sap (CVE-2017-11460)
cross-site scripting in sap (CVE-2017-11460). Risk of unauthorized operations or information disclosure.
CVE-2017-11457 XXE (XML External Entity) in ssrf (CVE-2017-11457)
vulnerability in ssrf (CVE-2017-11457). Confidential information can be exposed externally.
CVE-2017-9413 Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a po...
Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a podcast via the add parameter to podcastReceiverAdmin.view or (2) update Internet Radio Settings via t...
CVE-2017-11434 Out-of-Bounds Read in c (CVE-2017-11434)
vulnerability in c (CVE-2017-11434). Risk of unauthorized operations or information disclosure.
CVE-2015-1332 The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service (application crash) or execute ar...
The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted website.
CVE-2015-2798 SQL Injection in sqli (CVE-2015-2798)
SQL injection in sqli (CVE-2015-2798). Successful exploitation can lead to full system takeover.
CVE-2015-0674 Cross-Site Scripting (XSS) in cisco (CVE-2015-0674)
cross-site scripting in cisco (CVE-2015-0674). Risk of unauthorized operations or information disclosure.
CVE-2015-5594 Cross-Site Scripting (XSS) in zenphoto (CVE-2015-5594)
cross-site scripting in zenphoto (CVE-2015-5594). Risk of unauthorized operations or information disclosure.
CVE-2015-4462 Unrestricted File Upload in path-traversal (CVE-2015-4462)
vulnerability in path-traversal (CVE-2015-4462). Confidential information can be exposed externally.
CVE-2015-1417 Vulnerability in dos (CVE-2015-1417)
vulnerability in dos (CVE-2015-1417). Risk of unauthorized operations or information disclosure.
CVE-2015-5221 Use-After-Free in c (CVE-2015-5221)
vulnerability in c (CVE-2015-5221). Risk of unauthorized operations or information disclosure.
CVE-2017-11617 Cross-Site Scripting (XSS) in atmail (CVE-2017-11617)
cross-site scripting in atmail (CVE-2017-11617). Risk of unauthorized operations or information disclosure.
CVE-2016-7539 Vulnerability in dos (CVE-2016-7539)
vulnerability in dos (CVE-2016-7539). Risk of unauthorized operations or information disclosure.
CVE-2017-7980 Buffer Overflow in dos (CVE-2017-7980)
vulnerability in dos (CVE-2017-7980). Successful exploitation can lead to full system takeover.
CVE-2017-11499 Vulnerability in dos (CVE-2017-11499)
vulnerability in dos (CVE-2017-11499). Risk of unauthorized operations or information disclosure.
CVE-2017-7541 Buffer Overflow in c (CVE-2017-7541)
vulnerability in c (CVE-2017-7541). Successful exploitation can lead to full system takeover.
CVE-2015-2280 snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands vi...
snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter.
CVE-2015-1847 Path Traversal in path-traversal (CVE-2015-1847)
path traversal in path-traversal (CVE-2015-1847). Confidential information can be exposed externally.
CVE-2016-6118 Cross-Site Scripting (XSS) in ibm (CVE-2016-6118)
cross-site scripting in ibm (CVE-2016-6118). Risk of unauthorized operations or information disclosure.
CVE-2016-8975 Cross-Site Scripting (XSS) in ibm (CVE-2016-8975)
cross-site scripting in ibm (CVE-2016-8975). Risk of unauthorized operations or information disclosure.
CVE-2017-1245 Cross-Site Scripting (XSS) in ibm (CVE-2017-1245)
cross-site scripting in ibm (CVE-2017-1245). Risk of unauthorized operations or information disclosure.
CVE-2017-1249 Cross-Site Scripting (XSS) in ibm (CVE-2017-1249)
cross-site scripting in ibm (CVE-2017-1249). Risk of unauthorized operations or information disclosure.
CVE-2017-1380 Cross-Site Scripting (XSS) in ibm (CVE-2017-1380)
cross-site scripting in ibm (CVE-2017-1380). Risk of unauthorized operations or information disclosure.
CVE-2017-11324 SQL Injection in sqli (CVE-2017-11324)
SQL injection in sqli (CVE-2017-11324). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →