Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-9330 |
|
Vulnerability in dos (CVE-2017-9330)
vulnerability in dos (CVE-2017-9330). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-5878 |
|
Unsafe Deserialization in deserialization (CVE-2017-5878)
vulnerability in deserialization (CVE-2017-5878). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9517 |
|
atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV.
atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV.
|
| CVE-2017-9518 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9518)
vulnerability in csrf (CVE-2017-9518). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9519 |
|
atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account.
atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account.
|
| CVE-2017-9520 |
|
Use-After-Free in c (CVE-2017-9520)
vulnerability in c (CVE-2017-9520). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9516 |
|
Cross-Site Scripting (XSS) in craftcms (CVE-2017-9516)
cross-site scripting in craftcms (CVE-2017-9516). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-4908 |
|
Buffer Overflow in dos (CVE-2017-4908)
vulnerability in dos (CVE-2017-4908). Successful exploitation can lead to full system takeover.
|
| CVE-2017-4909 |
|
Buffer Overflow in dos (CVE-2017-4909)
vulnerability in dos (CVE-2017-4909). Successful exploitation can lead to full system takeover.
|
| CVE-2017-4910 |
|
Out-of-Bounds Read in dos (CVE-2017-4910)
vulnerability in dos (CVE-2017-4910). Successful exploitation can lead to full system takeover.
|
| CVE-2017-4911 |
|
Out-of-Bounds Write in dos (CVE-2017-4911)
out-of-bounds write in dos (CVE-2017-4911). Successful exploitation can lead to full system takeover.
|
| CVE-2017-4912 |
|
Out-of-Bounds Read in dos (CVE-2017-4912)
vulnerability in dos (CVE-2017-4912). Successful exploitation can lead to full system takeover.
|
| CVE-2017-4913 |
|
Vulnerability in dos (CVE-2017-4913)
vulnerability in dos (CVE-2017-4913). Successful exploitation can lead to full system takeover.
|
| CVE-2017-6648 |
|
Vulnerability in dos (CVE-2017-6648)
vulnerability in dos (CVE-2017-6648). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7180 |
|
Vulnerability in privilege-escalation (CVE-2017-7180)
vulnerability in privilege-escalation (CVE-2017-7180). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7346 |
|
SQL injection vulnerability in ZCMS 1.1.
SQL injection vulnerability in ZCMS 1.1.
|
| CVE-2014-9310 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-9310)
cross-site scripting in wordpress (CVE-2014-9310). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-6540 |
|
Cross-site scripting (XSS) vulnerability in Intellect Design Arena Intellect Core banking software.
Cross-site scripting (XSS) vulnerability in Intellect Design Arena Intellect Core banking software.
|
| CVE-2015-6959 |
|
Cross-site scripting (XSS) vulnerability in Vindula 1.9.
Cross-site scripting (XSS) vulnerability in Vindula 1.9.
|
| CVE-2015-8235 |
|
Directory traversal vulnerability in Spiffy before 5.4.
Directory traversal vulnerability in Spiffy before 5.4.
|
| CVE-2015-5175 |
|
Vulnerability in apache (CVE-2015-5175)
vulnerability in apache (CVE-2015-5175). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8538 |
|
dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV).
dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV).
|
| CVE-2017-9355 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-9355)
SSRF in ssrf (CVE-2017-9355). Data can be tampered with by attackers.
|
| CVE-2017-4904 |
|
Buffer Overflow in dos (CVE-2017-4904)
vulnerability in dos (CVE-2017-4904). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1178 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1178)
cross-site scripting in ibm (CVE-2017-1178). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1305 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1305)
cross-site scripting in ibm (CVE-2017-1305). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-0254 |
|
XXE (XML External Entity) in dos (CVE-2016-0254)
vulnerability in dos (CVE-2016-0254). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-4914 |
|
Unsafe Deserialization in deserialization (CVE-2017-4914)
vulnerability in deserialization (CVE-2017-4914). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7564 |
|
Vulnerability in dos (CVE-2017-7564)
vulnerability in dos (CVE-2017-7564). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7888 |
|
Path Traversal in path-traversal (CVE-2015-7888)
path traversal in path-traversal (CVE-2015-7888). Data can be tampered with by attackers.
|
| CVE-2017-9499 |
|
Vulnerability in dos (CVE-2017-9499)
vulnerability in dos (CVE-2017-9499). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9500 |
|
Vulnerability in dos (CVE-2017-9500)
vulnerability in dos (CVE-2017-9500). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9501 |
|
Vulnerability in dos (CVE-2017-9501)
vulnerability in dos (CVE-2017-9501). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9834 |
|
Cross-Site Scripting (XSS) in sophos (CVE-2016-9834)
cross-site scripting in sophos (CVE-2016-9834). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9470 |
|
Vulnerability in c (CVE-2017-9470)
vulnerability in c (CVE-2017-9470). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9471 |
|
Out-of-Bounds Read in c (CVE-2017-9471)
vulnerability in c (CVE-2017-9471). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9472 |
|
Out-of-Bounds Read in c (CVE-2017-9472)
vulnerability in c (CVE-2017-9472). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9473 |
|
Vulnerability in c (CVE-2017-9473)
vulnerability in c (CVE-2017-9473). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9474 |
|
Out-of-Bounds Read in c (CVE-2017-9474)
vulnerability in c (CVE-2017-9474). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9461 |
|
Vulnerability in dos (CVE-2017-9461)
vulnerability in dos (CVE-2017-9461). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9465 |
|
Out-of-Bounds Read in c (CVE-2017-9465)
vulnerability in c (CVE-2017-9465). Confidential information can be exposed externally.
|
| CVE-2014-8180 |
|
Authentication Bypass in dos (CVE-2014-8180)
authentication bypass in dos (CVE-2014-8180). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-1207 |
|
Vulnerability in c (CVE-2015-1207)
vulnerability in c (CVE-2015-1207). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-3077 |
|
Buffer Overflow in dos (CVE-2016-3077)
vulnerability in dos (CVE-2016-3077). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-5004 |
|
Vulnerability in apache (CVE-2016-5004)
vulnerability in apache (CVE-2016-5004). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9960 |
|
Vulnerability in dos (CVE-2016-9960)
vulnerability in dos (CVE-2016-9960). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8920 |
|
Cross-Site Scripting (XSS) in cgiirc (CVE-2017-8920)
cross-site scripting in cgiirc (CVE-2017-8920). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9451 |
|
Cross-Site Scripting (XSS) in flatcore (CVE-2017-9451)
cross-site scripting in flatcore (CVE-2017-9451). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9452 |
|
Cross-Site Scripting (XSS) in piwigo (CVE-2017-9452)
cross-site scripting in piwigo (CVE-2017-9452). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9449 |
|
SQL Injection in sqli (CVE-2017-9449)
SQL injection in sqli (CVE-2017-9449). Successful exploitation can lead to full system takeover.
|