Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-6864 |
|
Cross-Site Scripting (XSS) in siemens (CVE-2017-6864)
cross-site scripting in siemens (CVE-2017-6864). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-2687 |
|
Cross-Site Scripting (XSS) in siemens (CVE-2017-2687)
cross-site scripting in siemens (CVE-2017-2687). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-2688 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-2688)
vulnerability in csrf (CVE-2017-2688). Successful exploitation can lead to full system takeover.
|
| CVE-2016-8749 |
|
Unsafe Deserialization in apache (CVE-2016-8749)
vulnerability in apache (CVE-2016-8749). Successful exploitation can lead to full system takeover.
|
| CVE-2014-6440 |
|
Buffer Overflow in dos (CVE-2014-6440)
vulnerability in dos (CVE-2014-6440). Successful exploitation can lead to full system takeover.
|
| CVE-2016-8884 |
|
Vulnerability in c (CVE-2016-8884)
vulnerability in c (CVE-2016-8884). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7277 |
|
Out-of-Bounds Read in c (CVE-2017-7277)
vulnerability in c (CVE-2017-7277). Confidential information can be exposed externally.
|
| CVE-2016-9465 |
|
Cross-Site Scripting (XSS) in nextcloud (CVE-2016-9465)
cross-site scripting in nextcloud (CVE-2016-9465). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9466 |
|
Cross-Site Scripting (XSS) in nextcloud (CVE-2016-9466)
cross-site scripting in nextcloud (CVE-2016-9466). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9472 |
|
Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9472)
cross-site scripting in revive-adserver (CVE-2016-9472). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9126 |
|
Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9126)
cross-site scripting in revive-adserver (CVE-2016-9126). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9128 |
|
Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9128)
cross-site scripting in revive-adserver (CVE-2016-9128). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9130 |
|
Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9130)
cross-site scripting in revive-adserver (CVE-2016-9130). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9454 |
|
Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9454)
cross-site scripting in revive-adserver (CVE-2016-9454). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9457 |
|
Cross-Site Scripting (XSS) in revive-adserver (CVE-2016-9457)
cross-site scripting in revive-adserver (CVE-2016-9457). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9459 |
|
Vulnerability in nextcloud (CVE-2016-9459)
vulnerability in nextcloud (CVE-2016-9459). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9127 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-9127)
vulnerability in csrf (CVE-2016-9127). Successful exploitation can lead to full system takeover.
|
| CVE-2016-9455 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-9455)
vulnerability in csrf (CVE-2016-9455). Successful exploitation can lead to full system takeover.
|
| CVE-2016-9456 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-9456)
vulnerability in csrf (CVE-2016-9456). Successful exploitation can lead to full system takeover.
|
| CVE-2016-9123 |
|
Vulnerability in github.com/square/go-jose (CVE-2016-9123)
vulnerability in github.com/square/go-jose (CVE-2016-9123). Data can be tampered with by attackers. Mitigation: upgrade to `0.0.0-20160903044734-789a4c4bd4c1` or later.
|
| CVE-2016-9463 |
|
Vulnerability in nextcloud (CVE-2016-9463)
vulnerability in nextcloud (CVE-2016-9463). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6056 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2016-6056)
cross-site scripting in ibm (CVE-2016-6056). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9737 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2016-9737)
cross-site scripting in ibm (CVE-2016-9737). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1120 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1120)
cross-site scripting in ibm (CVE-2017-1120). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-9252 |
|
Vulnerability in dos (CVE-2016-9252)
vulnerability in dos (CVE-2016-9252). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7275 |
|
Buffer Overflow in c (CVE-2017-7275)
vulnerability in c (CVE-2017-7275). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7273 |
|
Vulnerability in c (CVE-2017-7273)
vulnerability in c (CVE-2017-7273). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7274 |
|
Vulnerability in c (CVE-2017-7274)
vulnerability in c (CVE-2017-7274). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8010 |
|
Cross-Site Scripting (XSS) in icinga (CVE-2015-8010)
cross-site scripting in icinga (CVE-2015-8010). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7271 |
|
Cross-Site Scripting (XSS) in yii-software (CVE-2017-7271)
cross-site scripting in yii-software (CVE-2017-7271). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7272 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-7272)
SSRF in ssrf (CVE-2017-7272). Data can be tampered with by attackers.
|
| CVE-2015-8762 |
|
Vulnerability in dos (CVE-2015-8762)
vulnerability in dos (CVE-2015-8762). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4912 |
|
Vulnerability in c (CVE-2016-4912)
vulnerability in c (CVE-2016-4912). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6463 |
|
Vulnerability in dos (CVE-2017-6463)
vulnerability in dos (CVE-2017-6463). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6464 |
|
Vulnerability in dos (CVE-2017-6464)
vulnerability in dos (CVE-2017-6464). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7183 |
|
Vulnerability in dos (CVE-2017-7183)
vulnerability in dos (CVE-2017-7183). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7191 |
|
Use-After-Free in dos (CVE-2017-7191)
vulnerability in dos (CVE-2017-7191). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8310 |
|
Cross-Site Scripting (XSS) in cherrymusic (CVE-2015-8310)
cross-site scripting in cherrymusic (CVE-2015-8310). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `62dec34a1ea0741400dd6b6c660d303dcd651e86, 0.36.0` or later.
|
| CVE-2017-6878 |
|
Cross-Site Scripting (XSS) in metinfo (CVE-2017-6878)
cross-site scripting in metinfo (CVE-2017-6878). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8309 |
|
Path Traversal in cherrymusic (CVE-2015-8309)
path traversal in cherrymusic (CVE-2015-8309). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `62dec34a1ea0741400dd6b6c660d303dcd651e86, 0.36.0` or later.
|
| CVE-2017-5899 |
|
Path Traversal in path-traversal (CVE-2017-5899)
path traversal in path-traversal (CVE-2017-5899). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8026 |
|
Buffer Overflow in dos (CVE-2015-8026)
vulnerability in dos (CVE-2015-8026). Successful exploitation can lead to full system takeover.
|
| CVE-2016-9922 |
|
Vulnerability in c (CVE-2016-9922)
vulnerability in c (CVE-2016-9922). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-5850 |
|
Vulnerability in dos (CVE-2017-5850)
vulnerability in dos (CVE-2017-5850). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-5931 |
|
Vulnerability in c (CVE-2017-5931)
vulnerability in c (CVE-2017-5931). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5973 |
|
Vulnerability in c (CVE-2017-5973)
vulnerability in c (CVE-2017-5973). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6013 |
|
Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.
Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.
|
| CVE-2017-6002 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-6002)
vulnerability in csrf (CVE-2017-6002). Successful exploitation can lead to full system takeover.
|
| CVE-2017-6003 |
|
Cross-Site Scripting (XSS) in dotcms (CVE-2017-6003)
cross-site scripting in dotcms (CVE-2017-6003). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6066 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-6066)
vulnerability in csrf (CVE-2017-6066). Successful exploitation can lead to full system takeover.
|