Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2017-6864 Cross-Site Scripting (XSS) in siemens (CVE-2017-6864)
cross-site scripting in siemens (CVE-2017-6864). Risk of unauthorized operations or information disclosure.
CVE-2017-2687 Cross-Site Scripting (XSS) in siemens (CVE-2017-2687)
cross-site scripting in siemens (CVE-2017-2687). Risk of unauthorized operations or information disclosure.
CVE-2017-2688 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-2688)
vulnerability in csrf (CVE-2017-2688). Successful exploitation can lead to full system takeover.
CVE-2016-8749 Unsafe Deserialization in apache (CVE-2016-8749)
vulnerability in apache (CVE-2016-8749). Successful exploitation can lead to full system takeover.
CVE-2014-6440 Buffer Overflow in dos (CVE-2014-6440)
vulnerability in dos (CVE-2014-6440). Successful exploitation can lead to full system takeover.
CVE-2016-8884 Vulnerability in c (CVE-2016-8884)
vulnerability in c (CVE-2016-8884). Risk of unauthorized operations or information disclosure.
CVE-2017-7277 Out-of-Bounds Read in c (CVE-2017-7277)
vulnerability in c (CVE-2017-7277). Confidential information can be exposed externally.
CVE-2016-9465 Cross-Site Scripting (XSS) in nextcloud (CVE-2016-9465)
cross-site scripting in nextcloud (CVE-2016-9465). Risk of unauthorized operations or information disclosure.
CVE-2016-9466 Cross-Site Scripting (XSS) in nextcloud (CVE-2016-9466)
cross-site scripting in nextcloud (CVE-2016-9466). Risk of unauthorized operations or information disclosure.
CVE-2016-9472 Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9472)
cross-site scripting in revive-adserver (CVE-2016-9472). Risk of unauthorized operations or information disclosure.
CVE-2016-9126 Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9126)
cross-site scripting in revive-adserver (CVE-2016-9126). Risk of unauthorized operations or information disclosure.
CVE-2016-9128 Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9128)
cross-site scripting in revive-adserver (CVE-2016-9128). Risk of unauthorized operations or information disclosure.
CVE-2016-9130 Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9130)
cross-site scripting in revive-adserver (CVE-2016-9130). Risk of unauthorized operations or information disclosure.
CVE-2016-9454 Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9454)
cross-site scripting in revive-adserver (CVE-2016-9454). Risk of unauthorized operations or information disclosure.
CVE-2016-9457 Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9457)
cross-site scripting in revive-adserver (CVE-2016-9457). Risk of unauthorized operations or information disclosure.
CVE-2016-9459 Vulnerability in nextcloud (CVE-2016-9459)
vulnerability in nextcloud (CVE-2016-9459). Risk of unauthorized operations or information disclosure.
CVE-2016-9127 Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-9127)
vulnerability in csrf (CVE-2016-9127). Successful exploitation can lead to full system takeover.
CVE-2016-9455 Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-9455)
vulnerability in csrf (CVE-2016-9455). Successful exploitation can lead to full system takeover.
CVE-2016-9456 Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-9456)
vulnerability in csrf (CVE-2016-9456). Successful exploitation can lead to full system takeover.
CVE-2016-9123 Vulnerability in github.com/square/go-jose (CVE-2016-9123)
vulnerability in github.com/square/go-jose (CVE-2016-9123). Data can be tampered with by attackers. Mitigation: upgrade to `0.0.0-20160903044734-789a4c4bd4c1` or later.
CVE-2016-9463 Vulnerability in nextcloud (CVE-2016-9463)
vulnerability in nextcloud (CVE-2016-9463). Successful exploitation can lead to full system takeover.
CVE-2016-6056 Cross-Site Scripting (XSS) in ibm (CVE-2016-6056)
cross-site scripting in ibm (CVE-2016-6056). Risk of unauthorized operations or information disclosure.
CVE-2016-9737 Cross-Site Scripting (XSS) in ibm (CVE-2016-9737)
cross-site scripting in ibm (CVE-2016-9737). Risk of unauthorized operations or information disclosure.
CVE-2017-1120 Cross-Site Scripting (XSS) in ibm (CVE-2017-1120)
cross-site scripting in ibm (CVE-2017-1120). Risk of unauthorized operations or information disclosure.
CVE-2016-9252 Vulnerability in dos (CVE-2016-9252)
vulnerability in dos (CVE-2016-9252). Risk of unauthorized operations or information disclosure.
CVE-2017-7275 Buffer Overflow in c (CVE-2017-7275)
vulnerability in c (CVE-2017-7275). Risk of unauthorized operations or information disclosure.
CVE-2017-7273 Vulnerability in c (CVE-2017-7273)
vulnerability in c (CVE-2017-7273). Successful exploitation can lead to full system takeover.
CVE-2017-7274 Vulnerability in c (CVE-2017-7274)
vulnerability in c (CVE-2017-7274). Risk of unauthorized operations or information disclosure.
CVE-2015-8010 Cross-Site Scripting (XSS) in icinga (CVE-2015-8010)
cross-site scripting in icinga (CVE-2015-8010). Risk of unauthorized operations or information disclosure.
CVE-2017-7271 Cross-Site Scripting (XSS) in yii-software (CVE-2017-7271)
cross-site scripting in yii-software (CVE-2017-7271). Risk of unauthorized operations or information disclosure.
CVE-2017-7272 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-7272)
SSRF in ssrf (CVE-2017-7272). Data can be tampered with by attackers.
CVE-2015-8762 Vulnerability in dos (CVE-2015-8762)
vulnerability in dos (CVE-2015-8762). Risk of unauthorized operations or information disclosure.
CVE-2016-4912 Vulnerability in c (CVE-2016-4912)
vulnerability in c (CVE-2016-4912). Risk of unauthorized operations or information disclosure.
CVE-2017-6463 Vulnerability in dos (CVE-2017-6463)
vulnerability in dos (CVE-2017-6463). Risk of unauthorized operations or information disclosure.
CVE-2017-6464 Vulnerability in dos (CVE-2017-6464)
vulnerability in dos (CVE-2017-6464). Risk of unauthorized operations or information disclosure.
CVE-2017-7183 Vulnerability in dos (CVE-2017-7183)
vulnerability in dos (CVE-2017-7183). Risk of unauthorized operations or information disclosure.
CVE-2017-7191 Use-After-Free in dos (CVE-2017-7191)
vulnerability in dos (CVE-2017-7191). Successful exploitation can lead to full system takeover.
CVE-2015-8310 Cross-Site Scripting (XSS) in cherrymusic (CVE-2015-8310)
cross-site scripting in cherrymusic (CVE-2015-8310). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `62dec34a1ea0741400dd6b6c660d303dcd651e86, 0.36.0` or later.
CVE-2017-6878 Cross-Site Scripting (XSS) in metinfo (CVE-2017-6878)
cross-site scripting in metinfo (CVE-2017-6878). Risk of unauthorized operations or information disclosure.
CVE-2015-8309 Path Traversal in cherrymusic (CVE-2015-8309)
path traversal in cherrymusic (CVE-2015-8309). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `62dec34a1ea0741400dd6b6c660d303dcd651e86, 0.36.0` or later.
CVE-2017-5899 Path Traversal in path-traversal (CVE-2017-5899)
path traversal in path-traversal (CVE-2017-5899). Successful exploitation can lead to full system takeover.
CVE-2015-8026 Buffer Overflow in dos (CVE-2015-8026)
vulnerability in dos (CVE-2015-8026). Successful exploitation can lead to full system takeover.
CVE-2016-9922 Vulnerability in c (CVE-2016-9922)
vulnerability in c (CVE-2016-9922). Risk of unauthorized operations or information disclosure.
CVE-2017-5850 Vulnerability in dos (CVE-2017-5850)
vulnerability in dos (CVE-2017-5850). Risk of unauthorized operations or information disclosure.
CVE-2017-5931 Vulnerability in c (CVE-2017-5931)
vulnerability in c (CVE-2017-5931). Successful exploitation can lead to full system takeover.
CVE-2017-5973 Vulnerability in c (CVE-2017-5973)
vulnerability in c (CVE-2017-5973). Risk of unauthorized operations or information disclosure.
CVE-2017-6013 Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.
Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.
CVE-2017-6002 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-6002)
vulnerability in csrf (CVE-2017-6002). Successful exploitation can lead to full system takeover.
CVE-2017-6003 Cross-Site Scripting (XSS) in dotcms (CVE-2017-6003)
cross-site scripting in dotcms (CVE-2017-6003). Risk of unauthorized operations or information disclosure.
CVE-2017-6066 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-6066)
vulnerability in csrf (CVE-2017-6066). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →