Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2021-42868 |
|
Cross-Site Scripting (XSS) in chikitsa (CVE-2021-42868)
cross-site scripting in chikitsa (CVE-2021-42868). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-10562 KEV |
|
[KEV] OS Command Injection in Dasan gigabit-passive-optical-network-gpon-routers (CVE-2018-10562)
OS command injection in Dasan gigabit-passive-optical-network-gpon-routers (CVE-2018-10562). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-21551 KEV |
|
[KEV] Vulnerability in Dell dbutil-driver (CVE-2021-21551)
vulnerability in Dell dbutil-driver (CVE-2021-21551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-34484 KEV |
|
[KEV] Privilege Escalation in Microsoft windows (CVE-2021-34484)
vulnerability in Microsoft windows (CVE-2021-34484). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-1040 KEV |
|
[KEV] Vulnerability in Sophos firewall (CVE-2022-1040)
vulnerability in Sophos firewall (CVE-2022-1040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26871 KEV |
|
[KEV] Vulnerability in Trend micro trend-micro (CVE-2022-26871)
vulnerability in Trend micro trend-micro (CVE-2022-26871). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-10561 KEV |
|
[KEV] Authentication Bypass in Dasan gigabit-passive-optical-network-gpon-routers (CVE-2018-10561)
authentication bypass in Dasan gigabit-passive-optical-network-gpon-routers (CVE-2018-10561). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-28799 KEV |
|
[KEV] Vulnerability in Qnap network-attached-storage-nas (CVE-2021-28799)
vulnerability in Qnap network-attached-storage-nas (CVE-2021-28799). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26644 |
|
Cross-Site Scripting (XSS) in oretnom23 (CVE-2022-26644)
cross-site scripting in oretnom23 (CVE-2022-26644). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26645 |
|
Unrestricted File Upload in oretnom23 (CVE-2022-26645)
vulnerability in oretnom23 (CVE-2022-26645). Successful exploitation can lead to full system takeover.
|
| CVE-2021-46006 |
|
Vulnerability in totolink (CVE-2021-46006)
vulnerability in totolink (CVE-2021-46006). Data can be tampered with by attackers.
|
| CVE-2021-46009 |
|
Vulnerability in totolink (CVE-2021-46009)
vulnerability in totolink (CVE-2021-46009). Successful exploitation can lead to full system takeover.
|
| CVE-2021-46008 |
|
Vulnerability in totolink (CVE-2021-46008)
vulnerability in totolink (CVE-2021-46008). Successful exploitation can lead to full system takeover.
|
| CVE-2021-46010 |
|
Vulnerability in totolink (CVE-2021-46010)
vulnerability in totolink (CVE-2021-46010). Successful exploitation can lead to full system takeover.
|
| CVE-2021-46007 |
|
OS Command Injection in totolink (CVE-2021-46007)
OS command injection in totolink (CVE-2021-46007). Successful exploitation can lead to full system takeover.
|
| CVE-2021-45031 |
|
Vulnerability in mepsan (CVE-2021-45031)
vulnerability in mepsan (CVE-2021-45031). Confidential information can be exposed externally.
|
| CVE-2022-26244 |
|
Cross-Site Scripting (XSS) in hospitals-patient-records-management-system-project (CVE-2022-26244)
cross-site scripting in hospitals-patient-records-management-system-project (CVE-2022-26244). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-25521 |
|
UNNO v03.11.00 was discovered to contain access control issue.
UNNO v03.11.00 was discovered to contain access control issue.
|
| CVE-2012-0518 KEV |
|
[KEV] Open Redirect in Oracle fusion-middleware (CVE-2012-0518)
vulnerability in Oracle fusion-middleware (CVE-2012-0518). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0059 KEV |
|
[KEV] Information Disclosure in Microsoft internet-explorer (CVE-2017-0059)
vulnerability in Microsoft internet-explorer (CVE-2017-0059). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-8406 KEV |
|
[KEV] Vulnerability in Microsoft directx-graphics-kernel-dxgkrnl (CVE-2018-8406)
vulnerability in Microsoft directx-graphics-kernel-dxgkrnl (CVE-2018-8406). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-8405 KEV |
|
[KEV] Vulnerability in Microsoft directx-graphics-kernel-dxgkrnl (CVE-2018-8405)
vulnerability in Microsoft directx-graphics-kernel-dxgkrnl (CVE-2018-8405). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-1096 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2022-1096)
vulnerability in Google chromium-v8 (CVE-2022-1096). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-2539 KEV |
|
[KEV] Vulnerability in Microsoft word (CVE-2012-2539)
vulnerability in Microsoft word (CVE-2012-2539). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-26085 KEV |
|
[KEV] Vulnerability in Atlassian confluence-server (CVE-2021-26085)
vulnerability in Atlassian confluence-server (CVE-2021-26085). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-0151 KEV |
|
[KEV] Vulnerability in Microsoft client-server-run-time-subsystem-csrss (CVE-2016-0151)
vulnerability in Microsoft client-server-run-time-subsystem-csrss (CVE-2016-0151). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-0040 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2016-0040)
vulnerability in Microsoft windows (CVE-2016-0040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2011-2005 KEV |
|
[KEV] Vulnerability in Microsoft ancillary-function-driver-afdsys (CVE-2011-2005)
vulnerability in Microsoft ancillary-function-driver-afdsys (CVE-2011-2005). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-2729 KEV |
|
[KEV] Vulnerability in Adobe reader-and-acrobat (CVE-2013-2729)
vulnerability in Adobe reader-and-acrobat (CVE-2013-2729). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-1770 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2015-1770)
vulnerability in Microsoft office (CVE-2015-1770). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0037 KEV |
|
[KEV] Vulnerability in Microsoft edge-and-internet-explorer (CVE-2017-0037)
vulnerability in Microsoft edge-and-internet-explorer (CVE-2017-0037). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-0543 KEV |
|
[KEV] Vulnerability in redis (CVE-2022-0543)
vulnerability in redis (CVE-2022-0543). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-7483 KEV |
|
[KEV] Path Traversal in Sonicwall sma100 (CVE-2019-7483)
path traversal in Sonicwall sma100 (CVE-2019-7483). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-7201 KEV |
|
[KEV] Buffer Overflow in Microsoft edge (CVE-2016-7201)
vulnerability in Microsoft edge (CVE-2016-7201). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-7200 KEV |
|
[KEV] Buffer Overflow in Microsoft edge (CVE-2016-7200)
vulnerability in Microsoft edge (CVE-2016-7200). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-0189 KEV |
|
[KEV] Buffer Overflow in Microsoft internet-explorer (CVE-2016-0189)
vulnerability in Microsoft internet-explorer (CVE-2016-0189). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-2426 KEV |
|
[KEV] Buffer Overflow in Microsoft windows (CVE-2015-2426)
vulnerability in Microsoft windows (CVE-2015-2426). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-2419 KEV |
|
[KEV] Buffer Overflow in Microsoft internet-explorer (CVE-2015-2419)
vulnerability in Microsoft internet-explorer (CVE-2015-2419). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-3660 KEV |
|
[KEV] Buffer Overflow in Microsoft win32k (CVE-2013-3660)
vulnerability in Microsoft win32k (CVE-2013-3660). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-1690 KEV |
|
[KEV] Buffer Overflow in Mozilla firefox-and-thunderbird (CVE-2013-1690)
vulnerability in Mozilla firefox-and-thunderbird (CVE-2013-1690). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-2034 KEV |
|
[KEV] Buffer Overflow in Adobe flash-player (CVE-2012-2034)
vulnerability in Adobe flash-player (CVE-2012-2034). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-4398 KEV |
|
[KEV] Buffer Overflow in Microsoft windows (CVE-2010-4398)
vulnerability in Microsoft windows (CVE-2010-4398). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-20028 KEV |
|
[KEV] SQL Injection in Sonicwall secure-remote-access-sra (CVE-2021-20028)
SQL injection in Sonicwall secure-remote-access-sra (CVE-2021-20028). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-34486 KEV |
|
[KEV] Use-After-Free in Microsoft windows (CVE-2021-34486)
vulnerability in Microsoft windows (CVE-2021-34486). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-2551 KEV |
|
[KEV] Use-After-Free in Microsoft internet-explorer (CVE-2013-2551)
vulnerability in Microsoft internet-explorer (CVE-2013-2551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26263 |
|
Cross-Site Scripting (XSS) in yonyou (CVE-2022-26263)
cross-site scripting in yonyou (CVE-2022-26263). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-40906 |
|
Cross-Site Scripting (XSS) in checkmk (CVE-2021-40906)
cross-site scripting in checkmk (CVE-2021-40906). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-40904 |
|
Vulnerability in checkmk (CVE-2021-40904)
vulnerability in checkmk (CVE-2021-40904). Successful exploitation can lead to full system takeover.
|
| CVE-2021-40905 |
|
Unrestricted File Upload in checkmk (CVE-2021-40905)
vulnerability in checkmk (CVE-2021-40905). Successful exploitation can lead to full system takeover.
|
| CVE-2022-25523 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-25523)
vulnerability in csrf (CVE-2022-25523). Successful exploitation can lead to full system takeover.
|