Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2016-4870 Cross-Site Scripting (XSS) in cybozu (CVE-2016-4870)
cross-site scripting in cybozu (CVE-2016-4870). Risk of unauthorized operations or information disclosure.
CVE-2016-4871 Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service.
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service.
CVE-2017-7891 sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via the rebanid parameter.
sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via the rebanid parameter.
CVE-2017-7885 Vulnerability in c (CVE-2017-7885)
vulnerability in c (CVE-2017-7885). Confidential information can be exposed externally.
CVE-2017-7881 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7881)
vulnerability in csrf (CVE-2017-7881). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
CVE-2017-7717 SQL Injection in sqli (CVE-2017-7717)
SQL injection in sqli (CVE-2017-7717). Successful exploitation can lead to full system takeover.
CVE-2017-7878 SQL Injection in sqli (CVE-2017-7878)
SQL injection in sqli (CVE-2017-7878). Successful exploitation can lead to full system takeover.
CVE-2017-7879 SQL Injection in sqli (CVE-2017-7879)
SQL injection in sqli (CVE-2017-7879). Confidential information can be exposed externally.
CVE-2017-7871 Cross-Site Scripting (XSS) in tdm-project (CVE-2017-7871)
cross-site scripting in tdm-project (CVE-2017-7871). Risk of unauthorized operations or information disclosure.
CVE-2017-7877 CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations.
CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations.
CVE-2017-7696 Vulnerability in dos (CVE-2017-7696)
vulnerability in dos (CVE-2017-7696). Risk of unauthorized operations or information disclosure.
CVE-2016-4875 Cross-Site Scripting (XSS) in assist-project (CVE-2016-4875)
cross-site scripting in assist-project (CVE-2016-4875). Risk of unauthorized operations or information disclosure.
CVE-2016-4888 Cross-Site Scripting (XSS) in zohocorp (CVE-2016-4888)
cross-site scripting in zohocorp (CVE-2016-4888). Risk of unauthorized operations or information disclosure.
CVE-2017-7188 Cross-Site Scripting (XSS) in zurmo (CVE-2017-7188)
cross-site scripting in zurmo (CVE-2017-7188). Risk of unauthorized operations or information disclosure.
CVE-2016-7051 XXE (XML External Entity) in ssrf (CVE-2016-7051)
vulnerability in ssrf (CVE-2016-7051). Data can be tampered with by attackers.
CVE-2016-5312 Path Traversal in path-traversal (CVE-2016-5312)
path traversal in path-traversal (CVE-2016-5312). Confidential information can be exposed externally.
CVE-2016-3104 Vulnerability in dos (CVE-2016-3104)
vulnerability in dos (CVE-2016-3104). Risk of unauthorized operations or information disclosure.
CVE-2016-5309 Out-of-Bounds Read in dos (CVE-2016-5309)
vulnerability in dos (CVE-2016-5309). Risk of unauthorized operations or information disclosure.
CVE-2016-5310 Out-of-Bounds Write in dos (CVE-2016-5310)
out-of-bounds write in dos (CVE-2016-5310). Risk of unauthorized operations or information disclosure.
CVE-2016-8602 Vulnerability in c (CVE-2016-8602)
vulnerability in c (CVE-2016-8602). Successful exploitation can lead to full system takeover.
CVE-2016-8927 Cross-Site Scripting (XSS) in ibm (CVE-2016-8927)
cross-site scripting in ibm (CVE-2016-8927). Risk of unauthorized operations or information disclosure.
CVE-2015-8356 SQL Injection in sqli (CVE-2015-8356)
SQL injection in sqli (CVE-2015-8356). Successful exploitation can lead to full system takeover.
CVE-2017-7408 Vulnerability in dos (CVE-2017-7408)
vulnerability in dos (CVE-2017-7408). Risk of unauthorized operations or information disclosure.
CVE-2017-7456 Vulnerability in dos (CVE-2017-7456)
vulnerability in dos (CVE-2017-7456). Risk of unauthorized operations or information disclosure.
CVE-2016-6818 SQL Injection in sqli (CVE-2016-6818)
SQL injection in sqli (CVE-2016-6818). Successful exploitation can lead to full system takeover.
CVE-2014-3887 Cross-Site Scripting (XSS) in iodata (CVE-2014-3887)
cross-site scripting in iodata (CVE-2014-3887). Risk of unauthorized operations or information disclosure.
CVE-2017-7725 Cross-Site Scripting (XSS) in concretecms (CVE-2017-7725)
cross-site scripting in concretecms (CVE-2017-7725). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
CVE-2013-6648 SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash).
SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash).
CVE-2015-4646 Vulnerability in c (CVE-2015-4646)
vulnerability in c (CVE-2015-4646). Risk of unauthorized operations or information disclosure.
CVE-2015-8345 Vulnerability in dos (CVE-2015-8345)
vulnerability in dos (CVE-2015-8345). Risk of unauthorized operations or information disclosure.
CVE-2015-8567 Vulnerability in c (CVE-2015-8567)
vulnerability in c (CVE-2015-8567). Risk of unauthorized operations or information disclosure.
CVE-2015-8619 Out-of-Bounds Write in dos (CVE-2015-8619)
out-of-bounds write in dos (CVE-2015-8619). Risk of unauthorized operations or information disclosure.
CVE-2016-2566 SQL Injection in sqli (CVE-2016-2566)
SQL injection in sqli (CVE-2016-2566). Successful exploitation can lead to full system takeover.
CVE-2017-7853 Buffer Overflow in c (CVE-2017-7853)
vulnerability in c (CVE-2017-7853). Risk of unauthorized operations or information disclosure.
CVE-2017-7854 Out-of-Bounds Read in c (CVE-2017-7854)
vulnerability in c (CVE-2017-7854). Risk of unauthorized operations or information disclosure.
CVE-2015-8780 Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.
Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.
CVE-2010-1816 Buffer Overflow in dos (CVE-2010-1816)
vulnerability in dos (CVE-2010-1816). Successful exploitation can lead to full system takeover.
CVE-2016-10325 Buffer Overflow in c (CVE-2016-10325)
vulnerability in c (CVE-2016-10325). Risk of unauthorized operations or information disclosure.
CVE-2016-10326 Buffer Overflow in c (CVE-2016-10326)
vulnerability in c (CVE-2016-10326). Risk of unauthorized operations or information disclosure.
CVE-2016-1914 SQL Injection in sqli (CVE-2016-1914)
SQL injection in sqli (CVE-2016-1914). Successful exploitation can lead to full system takeover.
CVE-2016-2555 SQL Injection in sqli (CVE-2016-2555)
SQL injection in sqli (CVE-2016-2555). Successful exploitation can lead to full system takeover.
CVE-2015-8864 Cross-Site Scripting (XSS) in opensuse (CVE-2015-8864)
cross-site scripting in opensuse (CVE-2015-8864). Risk of unauthorized operations or information disclosure.
CVE-2016-1915 Cross-Site Scripting (XSS) in blackberry (CVE-2016-1915)
cross-site scripting in blackberry (CVE-2016-1915). Risk of unauthorized operations or information disclosure.
CVE-2016-2104 Cross-Site Scripting (XSS) in redhat (CVE-2016-2104)
cross-site scripting in redhat (CVE-2016-2104). Risk of unauthorized operations or information disclosure.
CVE-2016-4068 Cross-Site Scripting (XSS) in opensuse (CVE-2016-4068)
cross-site scripting in opensuse (CVE-2016-4068). Risk of unauthorized operations or information disclosure.
CVE-2015-8283 Path Traversal in path-traversal (CVE-2015-8283)
path traversal in path-traversal (CVE-2015-8283). Confidential information can be exposed externally.
CVE-2015-8272 Vulnerability in dos (CVE-2015-8272)
vulnerability in dos (CVE-2015-8272). Risk of unauthorized operations or information disclosure.
CVE-2016-4970 Vulnerability in dos (CVE-2016-4970)
vulnerability in dos (CVE-2016-4970). Risk of unauthorized operations or information disclosure.
CVE-2014-2710 Cross-Site Scripting (XSS) in oliver-project (CVE-2014-2710)
cross-site scripting in oliver-project (CVE-2014-2710). Risk of unauthorized operations or information disclosure.
CVE-2015-7565 Cross-Site Scripting (XSS) in emberjs (CVE-2015-7565)
cross-site scripting in emberjs (CVE-2015-7565). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →