Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2022-36537 KEV [KEV] Vulnerability in Zk framework zk-framework (CVE-2022-36537)
vulnerability in Zk framework zk-framework (CVE-2022-36537). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-33224 Unrestricted File Upload in umbraco (CVE-2021-33224)
vulnerability in umbraco (CVE-2021-33224). Successful exploitation can lead to full system takeover.
CVE-2021-4105 Vulnerability in bg-tek (CVE-2021-4105)
vulnerability in bg-tek (CVE-2021-4105). Successful exploitation can lead to full system takeover.
CVE-2023-24317 Unrestricted File Upload in judging-management-system-project (CVE-2023-24317)
vulnerability in judging-management-system-project (CVE-2023-24317). Confidential information can be exposed externally.
CVE-2022-2504 SQL Injection in sqli (CVE-2022-2504)
SQL injection in sqli (CVE-2022-2504). Successful exploitation can lead to full system takeover.
CVE-2023-0939 SQL Injection in sqli (CVE-2023-0939)
SQL injection in sqli (CVE-2023-0939). Successful exploitation can lead to full system takeover.
CVE-2022-40765 KEV [KEV] Command Injection in Mitel mivoice-connect (CVE-2022-40765)
command injection in Mitel mivoice-connect (CVE-2022-40765). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41223 KEV [KEV] Code Injection in Mitel mivoice-connect (CVE-2022-41223)
code injection in Mitel mivoice-connect (CVE-2022-41223). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-47986 KEV [KEV] Unsafe Deserialization in Ibm aspera-faspex (CVE-2022-47986)
vulnerability in Ibm aspera-faspex (CVE-2022-47986). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-48328 Vulnerability in misp-project (CVE-2022-48328)
vulnerability in misp-project (CVE-2022-48328). Successful exploitation can lead to full system takeover.
CVE-2022-48329 Vulnerability in misp-project (CVE-2022-48329)
vulnerability in misp-project (CVE-2022-48329). Successful exploitation can lead to full system takeover.
CVE-2022-45701 Command Injection in commscope (CVE-2022-45701)
command injection in commscope (CVE-2022-45701). Successful exploitation can lead to full system takeover.
CVE-2022-46169 KEV [KEV] Vulnerability in cacti (CVE-2022-46169)
vulnerability in cacti (CVE-2022-46169). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-24187 XXE (XML External Entity) in ureport-project (CVE-2023-24187)
vulnerability in ureport-project (CVE-2023-24187). Successful exploitation can lead to full system takeover.
CVE-2023-21823 KEV [KEV] Vulnerability in Microsoft windows (CVE-2023-21823)
vulnerability in Microsoft windows (CVE-2023-21823). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-21715 KEV [KEV] Authorization Flaw in Microsoft office (CVE-2023-21715)
vulnerability in Microsoft office (CVE-2023-21715). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-23376 KEV [KEV] Vulnerability in Microsoft windows (CVE-2023-23376)
vulnerability in Microsoft windows (CVE-2023-23376). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-23529 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2023-23529)
vulnerability in Apple multiple-products (CVE-2023-23529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-24188 Path Traversal in path-traversal (CVE-2023-24188)
path traversal in path-traversal (CVE-2023-24188). Data can be tampered with by attackers.
CVE-2022-45724 Authentication Bypass in comfast (CVE-2022-45724)
authentication bypass in comfast (CVE-2022-45724). Risk of unauthorized operations or information disclosure.
CVE-2022-45725 Vulnerability in comfast (CVE-2022-45725)
vulnerability in comfast (CVE-2022-45725). Successful exploitation can lead to full system takeover.
CVE-2022-4557 Vulnerability in sqli (CVE-2022-4557)
vulnerability in sqli (CVE-2022-4557). Successful exploitation can lead to full system takeover.
CVE-2022-45089 SQL Injection in sqli (CVE-2022-45089)
SQL injection in sqli (CVE-2022-45089). Successful exploitation can lead to full system takeover.
CVE-2022-45090 SQL Injection in sqli (CVE-2022-45090)
SQL injection in sqli (CVE-2022-45090). Successful exploitation can lead to full system takeover.
CVE-2022-45088 Vulnerability in gruparge (CVE-2022-45088)
vulnerability in gruparge (CVE-2022-45088). Successful exploitation can lead to full system takeover.
CVE-2022-45086 Cross-Site Scripting (XSS) in gruparge (CVE-2022-45086)
cross-site scripting in gruparge (CVE-2022-45086). Risk of unauthorized operations or information disclosure.
CVE-2022-45087 Cross-Site Scripting (XSS) in gruparge (CVE-2022-45087)
cross-site scripting in gruparge (CVE-2022-45087). Risk of unauthorized operations or information disclosure.
CVE-2022-45091 Cross-Site Scripting (XSS) in gruparge (CVE-2022-45091)
cross-site scripting in gruparge (CVE-2022-45091). Risk of unauthorized operations or information disclosure.
CVE-2022-45085 SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-45085)
SSRF in ssrf (CVE-2022-45085). Confidential information can be exposed externally.
CVE-2023-0669 KEV [KEV] Unsafe Deserialization in Fortra goanywhere-mft (CVE-2023-0669)
vulnerability in Fortra goanywhere-mft (CVE-2023-0669). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2015-2291 KEV [KEV] Vulnerability in Intel ethernet-diagnostics-driver-for-windows (CVE-2015-2291)
vulnerability in Intel ethernet-diagnostics-driver-for-windows (CVE-2015-2291). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-24990 KEV [KEV] Vulnerability in terramaster (CVE-2022-24990)
vulnerability in terramaster (CVE-2022-24990). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-45589 SQL Injection in sqli (CVE-2022-45589)
SQL injection in sqli (CVE-2022-45589). Successful exploitation can lead to full system takeover.
CVE-2022-48085 Cross-Site Scripting (XSS) in softr (CVE-2022-48085)
cross-site scripting in softr (CVE-2022-48085). Risk of unauthorized operations or information disclosure.
CVE-2022-45588 XXE (XML External Entity) in talend (CVE-2022-45588)
vulnerability in talend (CVE-2022-45588). Successful exploitation can lead to full system takeover.
CVE-2021-36712 Cross-Site Scripting (XSS) in yzmcms (CVE-2021-36712)
cross-site scripting in yzmcms (CVE-2021-36712). Risk of unauthorized operations or information disclosure.
CVE-2023-25136 Vulnerability in openbsd (CVE-2023-25136)
vulnerability in openbsd (CVE-2023-25136). Risk of unauthorized operations or information disclosure.
CVE-2022-46965 SQL Injection in sqli (CVE-2022-46965)
SQL injection in sqli (CVE-2022-46965). Confidential information can be exposed externally.
CVE-2023-22952 KEV [KEV] Vulnerability in Sugarcrm multiple-products (CVE-2023-22952)
vulnerability in Sugarcrm multiple-products (CVE-2023-22952). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-21587 KEV [KEV] Vulnerability in Oracle e-business-suite (CVE-2022-21587)
vulnerability in Oracle e-business-suite (CVE-2022-21587). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-47003 Authentication Bypass in murasoftware (CVE-2022-47003)
authentication bypass in murasoftware (CVE-2022-47003). Successful exploitation can lead to full system takeover.
CVE-2022-31902 Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Finder::add().
Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Finder::add().
CVE-2022-47768 Serenissima Informatica Fast Checkin 1.0 is vulnerable to Directory Traversal.
Serenissima Informatica Fast Checkin 1.0 is vulnerable to Directory Traversal.
CVE-2022-47769 Unrestricted File Upload in serinf (CVE-2022-47769)
vulnerability in serinf (CVE-2022-47769). Successful exploitation can lead to full system takeover.
CVE-2022-47770 Serenissima Informatica Fast Checkin version v1.0 is vulnerable to Unauthenticated SQL Injection.
Serenissima Informatica Fast Checkin version v1.0 is vulnerable to Unauthenticated SQL Injection.
CVE-2022-44897 Cross-Site Scripting (XSS) in apollotheme (CVE-2022-44897)
cross-site scripting in apollotheme (CVE-2022-44897). Risk of unauthorized operations or information disclosure.
CVE-2022-23334 Vulnerability in ip-label (CVE-2022-23334)
vulnerability in ip-label (CVE-2022-23334). Successful exploitation can lead to full system takeover.
CVE-2020-22452 SQL Injection in sqli (CVE-2020-22452)
SQL injection in sqli (CVE-2020-22452). Successful exploitation can lead to full system takeover.
CVE-2017-11357 KEV [KEV] Vulnerability in Telerik user-interface-ui-for-aspnet-ajax (CVE-2017-11357)
vulnerability in Telerik user-interface-ui-for-aspnet-ajax (CVE-2017-11357). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-4554 Cross-Site Scripting (XSS) in idyazilim (CVE-2022-4554)
cross-site scripting in idyazilim (CVE-2022-4554). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →