Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2016-4870 |
|
Cross-Site Scripting (XSS) in cybozu (CVE-2016-4870)
cross-site scripting in cybozu (CVE-2016-4870). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4871 |
|
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service.
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service.
|
| CVE-2017-7891 |
|
sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via the rebanid parameter.
sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via the rebanid parameter.
|
| CVE-2017-7885 |
|
Vulnerability in c (CVE-2017-7885)
vulnerability in c (CVE-2017-7885). Confidential information can be exposed externally.
|
| CVE-2017-7881 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7881)
vulnerability in csrf (CVE-2017-7881). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
|
| CVE-2017-7717 |
|
SQL Injection in sqli (CVE-2017-7717)
SQL injection in sqli (CVE-2017-7717). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7878 |
|
SQL Injection in sqli (CVE-2017-7878)
SQL injection in sqli (CVE-2017-7878). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7879 |
|
SQL Injection in sqli (CVE-2017-7879)
SQL injection in sqli (CVE-2017-7879). Confidential information can be exposed externally.
|
| CVE-2017-7871 |
|
Cross-Site Scripting (XSS) in tdm-project (CVE-2017-7871)
cross-site scripting in tdm-project (CVE-2017-7871). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7877 |
|
CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations.
CSRF vulnerability in flatCore version 1.4.6 allows remote attackers to modify CMS configurations.
|
| CVE-2017-7696 |
|
Vulnerability in dos (CVE-2017-7696)
vulnerability in dos (CVE-2017-7696). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4875 |
|
Cross-Site Scripting (XSS) in assist-project (CVE-2016-4875)
cross-site scripting in assist-project (CVE-2016-4875). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4888 |
|
Cross-Site Scripting (XSS) in zohocorp (CVE-2016-4888)
cross-site scripting in zohocorp (CVE-2016-4888). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7188 |
|
Cross-Site Scripting (XSS) in zurmo (CVE-2017-7188)
cross-site scripting in zurmo (CVE-2017-7188). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-7051 |
|
XXE (XML External Entity) in ssrf (CVE-2016-7051)
vulnerability in ssrf (CVE-2016-7051). Data can be tampered with by attackers.
|
| CVE-2016-5312 |
|
Path Traversal in path-traversal (CVE-2016-5312)
path traversal in path-traversal (CVE-2016-5312). Confidential information can be exposed externally.
|
| CVE-2016-3104 |
|
Vulnerability in dos (CVE-2016-3104)
vulnerability in dos (CVE-2016-3104). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-5309 |
|
Out-of-Bounds Read in dos (CVE-2016-5309)
vulnerability in dos (CVE-2016-5309). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-5310 |
|
Out-of-Bounds Write in dos (CVE-2016-5310)
out-of-bounds write in dos (CVE-2016-5310). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-8602 |
|
Vulnerability in c (CVE-2016-8602)
vulnerability in c (CVE-2016-8602). Successful exploitation can lead to full system takeover.
|
| CVE-2016-8927 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2016-8927)
cross-site scripting in ibm (CVE-2016-8927). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8356 |
|
SQL Injection in sqli (CVE-2015-8356)
SQL injection in sqli (CVE-2015-8356). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7408 |
|
Vulnerability in dos (CVE-2017-7408)
vulnerability in dos (CVE-2017-7408). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7456 |
|
Vulnerability in dos (CVE-2017-7456)
vulnerability in dos (CVE-2017-7456). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6818 |
|
SQL Injection in sqli (CVE-2016-6818)
SQL injection in sqli (CVE-2016-6818). Successful exploitation can lead to full system takeover.
|
| CVE-2014-3887 |
|
Cross-Site Scripting (XSS) in iodata (CVE-2014-3887)
cross-site scripting in iodata (CVE-2014-3887). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7725 |
|
Cross-Site Scripting (XSS) in concretecms (CVE-2017-7725)
cross-site scripting in concretecms (CVE-2017-7725). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2013-6648 |
|
SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash).
SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash).
|
| CVE-2015-4646 |
|
Vulnerability in c (CVE-2015-4646)
vulnerability in c (CVE-2015-4646). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8345 |
|
Vulnerability in dos (CVE-2015-8345)
vulnerability in dos (CVE-2015-8345). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8567 |
|
Vulnerability in c (CVE-2015-8567)
vulnerability in c (CVE-2015-8567). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8619 |
|
Out-of-Bounds Write in dos (CVE-2015-8619)
out-of-bounds write in dos (CVE-2015-8619). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-2566 |
|
SQL Injection in sqli (CVE-2016-2566)
SQL injection in sqli (CVE-2016-2566). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7853 |
|
Buffer Overflow in c (CVE-2017-7853)
vulnerability in c (CVE-2017-7853). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7854 |
|
Out-of-Bounds Read in c (CVE-2017-7854)
vulnerability in c (CVE-2017-7854). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8780 |
|
Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.
Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.
|
| CVE-2010-1816 |
|
Buffer Overflow in dos (CVE-2010-1816)
vulnerability in dos (CVE-2010-1816). Successful exploitation can lead to full system takeover.
|
| CVE-2016-10325 |
|
Buffer Overflow in c (CVE-2016-10325)
vulnerability in c (CVE-2016-10325). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-10326 |
|
Buffer Overflow in c (CVE-2016-10326)
vulnerability in c (CVE-2016-10326). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-1914 |
|
SQL Injection in sqli (CVE-2016-1914)
SQL injection in sqli (CVE-2016-1914). Successful exploitation can lead to full system takeover.
|
| CVE-2016-2555 |
|
SQL Injection in sqli (CVE-2016-2555)
SQL injection in sqli (CVE-2016-2555). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8864 |
|
Cross-Site Scripting (XSS) in opensuse (CVE-2015-8864)
cross-site scripting in opensuse (CVE-2015-8864). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-1915 |
|
Cross-Site Scripting (XSS) in blackberry (CVE-2016-1915)
cross-site scripting in blackberry (CVE-2016-1915). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-2104 |
|
Cross-Site Scripting (XSS) in redhat (CVE-2016-2104)
cross-site scripting in redhat (CVE-2016-2104). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4068 |
|
Cross-Site Scripting (XSS) in opensuse (CVE-2016-4068)
cross-site scripting in opensuse (CVE-2016-4068). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8283 |
|
Path Traversal in path-traversal (CVE-2015-8283)
path traversal in path-traversal (CVE-2015-8283). Confidential information can be exposed externally.
|
| CVE-2015-8272 |
|
Vulnerability in dos (CVE-2015-8272)
vulnerability in dos (CVE-2015-8272). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4970 |
|
Vulnerability in dos (CVE-2016-4970)
vulnerability in dos (CVE-2016-4970). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-2710 |
|
Cross-Site Scripting (XSS) in oliver-project (CVE-2014-2710)
cross-site scripting in oliver-project (CVE-2014-2710). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7565 |
|
Cross-Site Scripting (XSS) in emberjs (CVE-2015-7565)
cross-site scripting in emberjs (CVE-2015-7565). Risk of unauthorized operations or information disclosure.
|