Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-9612 |
|
Use-After-Free in c (CVE-2017-9612)
vulnerability in c (CVE-2017-9612). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9618 |
|
Buffer Overflow in c (CVE-2017-9618)
vulnerability in c (CVE-2017-9618). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9619 |
|
Buffer Overflow in c (CVE-2017-9619)
vulnerability in c (CVE-2017-9619). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9620 |
|
Out-of-Bounds Read in c (CVE-2017-9620)
vulnerability in c (CVE-2017-9620). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9726 |
|
Out-of-Bounds Read in c (CVE-2017-9726)
vulnerability in c (CVE-2017-9726). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9727 |
|
Out-of-Bounds Read in c (CVE-2017-9727)
vulnerability in c (CVE-2017-9727). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9739 |
|
Out-of-Bounds Read in c (CVE-2017-9739)
vulnerability in c (CVE-2017-9739). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9740 |
|
Out-of-Bounds Read in c (CVE-2017-9740)
vulnerability in c (CVE-2017-9740). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9835 |
|
Vulnerability in c (CVE-2017-9835)
vulnerability in c (CVE-2017-9835). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11666 |
|
Cross-Site Scripting (XSS) in kopano (CVE-2017-11666)
cross-site scripting in kopano (CVE-2017-11666). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11612 |
|
Cross-Site Scripting (XSS) in joomla (CVE-2017-11612)
cross-site scripting in joomla (CVE-2017-11612). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11631 |
|
dapur/app/app_user/controller/status.php in Fiyo CMS 2.0.7 has SQL injection via the id parameter.
dapur/app/app_user/controller/status.php in Fiyo CMS 2.0.7 has SQL injection via the id parameter.
|
| CVE-2017-11629 |
|
Cross-Site Scripting (XSS) in c (CVE-2017-11629)
cross-site scripting in c (CVE-2017-11629). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11651 |
|
NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url tag.
NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url tag.
|
| CVE-2017-11630 |
|
Path Traversal in path-traversal (CVE-2017-11630)
path traversal in path-traversal (CVE-2017-11630). Data can be tampered with by attackers.
|
| CVE-2017-11613 |
|
Vulnerability in dos (CVE-2017-11613)
vulnerability in dos (CVE-2017-11613). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11624 |
|
Vulnerability in dos (CVE-2017-11624)
vulnerability in dos (CVE-2017-11624). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11625 |
|
Vulnerability in dos (CVE-2017-11625)
vulnerability in dos (CVE-2017-11625). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11626 |
|
Vulnerability in dos (CVE-2017-11626)
vulnerability in dos (CVE-2017-11626). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11627 |
|
Vulnerability in dos (CVE-2017-11627)
vulnerability in dos (CVE-2017-11627). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11628 |
|
Buffer Overflow in c (CVE-2017-11628)
vulnerability in c (CVE-2017-11628). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6133 |
|
Cross-Site Scripting (XSS) in ektron (CVE-2016-6133)
cross-site scripting in ektron (CVE-2016-6133). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6753 |
|
A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected br...
A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meeti...
|
| CVE-2017-6749 |
|
Cross-Site Scripting (XSS) in cisco (CVE-2017-6749)
cross-site scripting in cisco (CVE-2017-6749). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6755 |
|
Cross-Site Scripting (XSS) in cisco (CVE-2017-6755)
cross-site scripting in cisco (CVE-2017-6755). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11458 |
|
Cross-Site Scripting (XSS) in sap (CVE-2017-11458)
cross-site scripting in sap (CVE-2017-11458). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11460 |
|
Cross-Site Scripting (XSS) in sap (CVE-2017-11460)
cross-site scripting in sap (CVE-2017-11460). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11457 |
|
XXE (XML External Entity) in ssrf (CVE-2017-11457)
vulnerability in ssrf (CVE-2017-11457). Confidential information can be exposed externally.
|
| CVE-2017-9413 |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a po...
Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a podcast via the add parameter to podcastReceiverAdmin.view or (2) update Internet Radio Settings via t...
|
| CVE-2017-11434 |
|
Out-of-Bounds Read in c (CVE-2017-11434)
vulnerability in c (CVE-2017-11434). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-1332 |
|
The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service (application crash) or execute ar...
The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted website.
|
| CVE-2015-2798 |
|
SQL Injection in sqli (CVE-2015-2798)
SQL injection in sqli (CVE-2015-2798). Successful exploitation can lead to full system takeover.
|
| CVE-2015-0674 |
|
Cross-Site Scripting (XSS) in cisco (CVE-2015-0674)
cross-site scripting in cisco (CVE-2015-0674). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5594 |
|
Cross-Site Scripting (XSS) in zenphoto (CVE-2015-5594)
cross-site scripting in zenphoto (CVE-2015-5594). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-4462 |
|
Unrestricted File Upload in path-traversal (CVE-2015-4462)
vulnerability in path-traversal (CVE-2015-4462). Confidential information can be exposed externally.
|
| CVE-2015-1417 |
|
Vulnerability in dos (CVE-2015-1417)
vulnerability in dos (CVE-2015-1417). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5221 |
|
Use-After-Free in c (CVE-2015-5221)
vulnerability in c (CVE-2015-5221). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11617 |
|
Cross-Site Scripting (XSS) in atmail (CVE-2017-11617)
cross-site scripting in atmail (CVE-2017-11617). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-7539 |
|
Vulnerability in dos (CVE-2016-7539)
vulnerability in dos (CVE-2016-7539). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7980 |
|
Buffer Overflow in dos (CVE-2017-7980)
vulnerability in dos (CVE-2017-7980). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11499 |
|
Vulnerability in dos (CVE-2017-11499)
vulnerability in dos (CVE-2017-11499). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7541 |
|
Buffer Overflow in c (CVE-2017-7541)
vulnerability in c (CVE-2017-7541). Successful exploitation can lead to full system takeover.
|
| CVE-2015-2280 |
|
snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands vi...
snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter.
|
| CVE-2015-1847 |
|
Path Traversal in path-traversal (CVE-2015-1847)
path traversal in path-traversal (CVE-2015-1847). Confidential information can be exposed externally.
|
| CVE-2016-6118 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2016-6118)
cross-site scripting in ibm (CVE-2016-6118). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-8975 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2016-8975)
cross-site scripting in ibm (CVE-2016-8975). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1245 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1245)
cross-site scripting in ibm (CVE-2017-1245). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1249 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1249)
cross-site scripting in ibm (CVE-2017-1249). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1380 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1380)
cross-site scripting in ibm (CVE-2017-1380). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11324 |
|
SQL Injection in sqli (CVE-2017-11324)
SQL injection in sqli (CVE-2017-11324). Successful exploitation can lead to full system takeover.
|