Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2013-3896 KEV |
|
[KEV] Vulnerability in Microsoft silverlight (CVE-2013-3896)
vulnerability in Microsoft silverlight (CVE-2013-3896). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-1010 KEV |
|
[KEV] Vulnerability in Adobe flash-player-and-air (CVE-2016-1010)
vulnerability in Adobe flash-player-and-air (CVE-2016-1010). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-0984 KEV |
|
[KEV] Use-After-Free in Adobe flash-player-and-air (CVE-2016-0984)
vulnerability in Adobe flash-player-and-air (CVE-2016-0984). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22790 |
|
Out-of-Bounds Read in dos (CVE-2021-22790)
vulnerability in dos (CVE-2021-22790). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-7477 |
|
Vulnerability in dos (CVE-2020-7477)
vulnerability in dos (CVE-2020-7477). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-22789 |
|
Buffer Overflow in dos (CVE-2021-22789)
vulnerability in dos (CVE-2021-22789). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-22792 |
|
Vulnerability in dos (CVE-2021-22792)
vulnerability in dos (CVE-2021-22792). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-7489 |
|
Vulnerability in schneider-electric (CVE-2020-7489)
vulnerability in schneider-electric (CVE-2020-7489). Successful exploitation can lead to full system takeover.
|
| CVE-2021-22791 |
|
Out-of-Bounds Write in dos (CVE-2021-22791)
out-of-bounds write in dos (CVE-2021-22791). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-12868 |
|
Unsafe Deserialization in deserialization (CVE-2019-12868)
vulnerability in deserialization (CVE-2019-12868). Successful exploitation can lead to full system takeover.
|
| CVE-2022-29333 |
|
Privilege Escalation in cyberlink (CVE-2022-29333)
vulnerability in cyberlink (CVE-2022-29333). Successful exploitation can lead to full system takeover.
|
| CVE-2021-41653 |
|
Code Injection in tp-link (CVE-2021-41653)
code injection in tp-link (CVE-2021-41653). Successful exploitation can lead to full system takeover.
|
| CVE-2020-25368 |
|
OS Command Injection in dlink (CVE-2020-25368)
OS command injection in dlink (CVE-2020-25368). Successful exploitation can lead to full system takeover.
|
| CVE-2021-36698 |
|
Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name.
Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name.
|
| CVE-2021-36697 |
|
Vulnerability in artica (CVE-2021-36697)
vulnerability in artica (CVE-2021-36697). Successful exploitation can lead to full system takeover.
|
| CVE-2021-27722 |
|
Vulnerability in nsasoft (CVE-2021-27722)
vulnerability in nsasoft (CVE-2021-27722). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-27406 |
|
Cross-Site Scripting (XSS) in dynpg (CVE-2020-27406)
cross-site scripting in dynpg (CVE-2020-27406). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-25874 |
|
SQL Injection in sqli (CVE-2021-25874)
SQL injection in sqli (CVE-2021-25874). Confidential information can be exposed externally.
|
| CVE-2021-25876 |
|
Cross-Site Scripting (XSS) in youphptube (CVE-2021-25876)
cross-site scripting in youphptube (CVE-2021-25876). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-25875 |
|
Cross-Site Scripting (XSS) in youphptube (CVE-2021-25875)
cross-site scripting in youphptube (CVE-2021-25875). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-25912 |
|
XXE (XML External Entity) in dos (CVE-2020-25912)
vulnerability in dos (CVE-2020-25912). Confidential information can be exposed externally.
|
| CVE-2021-33259 |
|
Vulnerability in d-link (CVE-2021-33259)
vulnerability in d-link (CVE-2021-33259). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-31624 |
|
Vulnerability in tendacn (CVE-2021-31624)
vulnerability in tendacn (CVE-2021-31624). Successful exploitation can lead to full system takeover.
|
| CVE-2021-31627 |
|
Vulnerability in tendacn (CVE-2021-31627)
vulnerability in tendacn (CVE-2021-31627). Successful exploitation can lead to full system takeover.
|
| CVE-2021-36512 |
|
Vulnerability in cpp (CVE-2021-36512)
vulnerability in cpp (CVE-2021-36512). Confidential information can be exposed externally.
|
| CVE-2020-19964 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-19964)
vulnerability in csrf (CVE-2020-19964). Data can be tampered with by attackers.
|
| CVE-2020-19961 |
|
SQL Injection in sqli (CVE-2020-19961)
SQL injection in sqli (CVE-2020-19961). Confidential information can be exposed externally.
|
| CVE-2021-29004 |
|
SQL Injection in sqli (CVE-2021-29004)
SQL injection in sqli (CVE-2021-29004). Successful exploitation can lead to full system takeover.
|
| CVE-2021-29005 |
|
Vulnerability in apache (CVE-2021-29005)
vulnerability in apache (CVE-2021-29005). Successful exploitation can lead to full system takeover.
|
| CVE-2021-35504 |
|
Vulnerability in afian (CVE-2021-35504)
vulnerability in afian (CVE-2021-35504). Successful exploitation can lead to full system takeover.
|
| CVE-2021-35505 |
|
Vulnerability in afian (CVE-2021-35505)
vulnerability in afian (CVE-2021-35505). Successful exploitation can lead to full system takeover.
|
| CVE-2021-35503 |
|
Cross-Site Scripting (XSS) in afian (CVE-2021-35503)
cross-site scripting in afian (CVE-2021-35503). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-35506 |
|
Cross-Site Scripting (XSS) in afian (CVE-2021-35506)
cross-site scripting in afian (CVE-2021-35506). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-3825 |
|
Vulnerability in pardus (CVE-2021-3825)
vulnerability in pardus (CVE-2021-3825). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21228 |
|
Cross-Site Scripting (XSS) in jizhicms (CVE-2020-21228)
cross-site scripting in jizhicms (CVE-2020-21228). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-22977 |
|
XXE (XML External Entity) in vmware (CVE-2022-22977)
vulnerability in vmware (CVE-2022-22977). Confidential information can be exposed externally.
|
| CVE-2021-3806 |
|
Path Traversal in path-traversal (CVE-2021-3806)
path traversal in path-traversal (CVE-2021-3806). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-36582 |
|
Unrestricted File Upload in kooboo (CVE-2021-36582)
vulnerability in kooboo (CVE-2021-36582). Successful exploitation can lead to full system takeover.
|
| CVE-2021-36581 |
|
Unrestricted File Upload in kooboo (CVE-2021-36581)
vulnerability in kooboo (CVE-2021-36581). Successful exploitation can lead to full system takeover.
|
| CVE-2021-33289 |
|
Out-of-Bounds Write in tuxera (CVE-2021-33289)
out-of-bounds write in tuxera (CVE-2021-33289). Successful exploitation can lead to full system takeover.
|
| CVE-2021-35269 |
|
Out-of-Bounds Write in tuxera (CVE-2021-35269)
out-of-bounds write in tuxera (CVE-2021-35269). Successful exploitation can lead to full system takeover.
|
| CVE-2021-35267 |
|
Out-of-Bounds Write in tuxera (CVE-2021-35267)
out-of-bounds write in tuxera (CVE-2021-35267). Successful exploitation can lead to full system takeover.
|
| CVE-2021-35266 |
|
Out-of-Bounds Write in c (CVE-2021-35266)
out-of-bounds write in c (CVE-2021-35266). Successful exploitation can lead to full system takeover.
|
| CVE-2020-20345 |
|
Cross-Site Scripting (XSS) in wtcms-project (CVE-2020-20345)
cross-site scripting in wtcms-project (CVE-2020-20345). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-39302 |
|
SQL Injection in sqli (CVE-2021-39302)
SQL injection in sqli (CVE-2021-39302). Successful exploitation can lead to full system takeover.
|
| CVE-2021-31655 |
|
Cross-Site Scripting (XSS) in trendnet (CVE-2021-31655)
cross-site scripting in trendnet (CVE-2021-31655). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-33485 |
|
CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.
CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.
|
| CVE-2021-37743 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2021-37743)
cross-site scripting in misp-project (CVE-2021-37743). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-37742 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2021-37742)
cross-site scripting in misp-project (CVE-2021-37742). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-37534 |
|
app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.
app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.
|