Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-12111 |
|
Out-of-Bounds Write in libxls-project (CVE-2017-12111)
out-of-bounds write in libxls-project (CVE-2017-12111). Successful exploitation can lead to full system takeover.
|
| CVE-2017-2896 |
|
Out-of-Bounds Write in libxls-project (CVE-2017-2896)
out-of-bounds write in libxls-project (CVE-2017-2896). Successful exploitation can lead to full system takeover.
|
| CVE-2017-2897 |
|
Out-of-Bounds Write in libxls-project (CVE-2017-2897)
out-of-bounds write in libxls-project (CVE-2017-2897). Successful exploitation can lead to full system takeover.
|
| CVE-2017-2919 |
|
Out-of-Bounds Write in libxls-project (CVE-2017-2919)
out-of-bounds write in libxls-project (CVE-2017-2919). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12608 |
|
Out-of-Bounds Write in apache (CVE-2017-12608)
out-of-bounds write in apache (CVE-2017-12608). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3157 |
|
Information Disclosure in apache (CVE-2017-3157)
vulnerability in apache (CVE-2017-3157). Confidential information can be exposed externally.
|
| CVE-2017-16906 |
|
Cross-Site Scripting (XSS) in horde (CVE-2017-16906)
cross-site scripting in horde (CVE-2017-16906). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16907 |
|
Cross-Site Scripting (XSS) in horde (CVE-2017-16907)
cross-site scripting in horde (CVE-2017-16907). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16908 |
|
Cross-Site Scripting (XSS) in c (CVE-2017-16908)
cross-site scripting in c (CVE-2017-16908). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16904 |
|
Cross-Site Scripting (XSS) in lvyecms-project (CVE-2017-16904)
cross-site scripting in lvyecms-project (CVE-2017-16904). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12607 |
|
Out-of-Bounds Write in dos (CVE-2017-12607)
out-of-bounds write in dos (CVE-2017-12607). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15527 |
|
Path Traversal in path-traversal (CVE-2017-15527)
path traversal in path-traversal (CVE-2017-15527). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16903 |
|
Path Traversal in path-traversal (CVE-2017-16903)
path traversal in path-traversal (CVE-2017-16903). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16902 |
|
Buffer Overflow in vonage (CVE-2017-16902)
vulnerability in vonage (CVE-2017-16902). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9806 |
|
Out-of-Bounds Write in dos (CVE-2017-9806)
out-of-bounds write in dos (CVE-2017-9806). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16898 |
|
Buffer Overflow in c (CVE-2017-16898)
vulnerability in c (CVE-2017-16898). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16896 |
|
SQL Injection in sqli (CVE-2017-16896)
SQL injection in sqli (CVE-2017-16896). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11402 |
|
Vulnerability in belden (CVE-2017-11402)
vulnerability in belden (CVE-2017-11402). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16544 |
|
Code Injection in c (CVE-2017-16544)
code injection in c (CVE-2017-16544). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11400 |
|
Vulnerability in belden (CVE-2017-11400)
vulnerability in belden (CVE-2017-11400). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6804 |
|
Vulnerability in apache (CVE-2016-6804)
vulnerability in apache (CVE-2016-6804). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15110 |
|
Information Disclosure in moodle (CVE-2017-15110)
vulnerability in moodle (CVE-2017-15110). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16894 |
|
Information Disclosure in laravel (CVE-2017-16894)
vulnerability in laravel (CVE-2017-16894). Confidential information can be exposed externally.
|
| CVE-2017-16892 |
|
In Bftpd before 4.7, there is a memory leak in the file rename function.
In Bftpd before 4.7, there is a memory leak in the file rename function.
|
| CVE-2017-16882 |
|
Vulnerability in icinga (CVE-2017-16882)
vulnerability in icinga (CVE-2017-16882). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16883 |
|
Vulnerability in c (CVE-2017-16883)
vulnerability in c (CVE-2017-16883). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16881 |
|
Cross-Site Scripting (XSS) in symphony-project (CVE-2017-16881)
cross-site scripting in symphony-project (CVE-2017-16881). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14077 |
|
Code Injection in phpcaptcha (CVE-2017-14077)
code injection in phpcaptcha (CVE-2017-14077). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16566 |
|
Authentication Bypass in qacctv (CVE-2017-16566)
authentication bypass in qacctv (CVE-2017-16566). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000127 |
|
Exiv2 0.26 contains a heap buffer overflow in tiff parser
Exiv2 0.26 contains a heap buffer overflow in tiff parser
|
| CVE-2017-1000126 |
|
exiv2 0.26 contains a Stack out of bounds read in webp parser
exiv2 0.26 contains a Stack out of bounds read in webp parser
|
| CVE-2017-1000128 |
|
Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser
Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser
|
| CVE-2017-1000217 |
|
Vulnerability in opencast (CVE-2017-1000217)
vulnerability in opencast (CVE-2017-1000217). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.3.3` or later.
|
| CVE-2017-1000221 |
|
Vulnerability in apereo (CVE-2017-1000221)
vulnerability in apereo (CVE-2017-1000221). Confidential information can be exposed externally.
|
| CVE-2017-1000163 |
|
Open Redirect in phoenixframework (CVE-2017-1000163)
vulnerability in phoenixframework (CVE-2017-1000163). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-4939 |
|
Vulnerability in vmware (CVE-2017-4939)
vulnerability in vmware (CVE-2017-4939). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000230 |
|
Vulnerability in dos (CVE-2017-1000230)
vulnerability in dos (CVE-2017-1000230). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000227 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-1000227)
cross-site scripting in wordpress (CVE-2017-1000227). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16880 |
|
The dump function in Util/TemplateHelper.php in filp whoops before 2.1.13 has XSS.
The dump function in Util/TemplateHelper.php in filp whoops before 2.1.13 has XSS.
|
| CVE-2017-16845 |
|
Vulnerability in c (CVE-2017-16845)
vulnerability in c (CVE-2017-16845). Confidential information can be exposed externally.
|
| CVE-2017-1000215 |
|
OS Command Injection in xrootd (CVE-2017-1000215)
OS command injection in xrootd (CVE-2017-1000215). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14111 |
|
Vulnerability in philips (CVE-2017-14111)
vulnerability in philips (CVE-2017-14111). Successful exploitation can lead to full system takeover.
|
| CVE-2017-6168 |
|
Vulnerability in f5 (CVE-2017-6168)
vulnerability in f5 (CVE-2017-6168). Confidential information can be exposed externally. Mitigation: upgrade to `11.6.2` or later.
|
| CVE-2017-13702 |
|
Information Disclosure in moxa (CVE-2017-13702)
vulnerability in moxa (CVE-2017-13702). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000170 |
|
jqueryFileTree 2.1.5 and older Directory Traversal
jqueryFileTree 2.1.5 and older Directory Traversal
|
| CVE-2017-1000169 |
|
Vulnerability in quickerbb-project (CVE-2017-1000169)
vulnerability in quickerbb-project (CVE-2017-1000169). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13703 |
|
Vulnerability in dos (CVE-2017-13703)
vulnerability in dos (CVE-2017-13703). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13700 |
|
Cross-Site Scripting (XSS) in moxa (CVE-2017-13700)
cross-site scripting in moxa (CVE-2017-13700). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16819 |
|
Cross-Site Scripting (XSS) in icontime (CVE-2017-16819)
cross-site scripting in icontime (CVE-2017-16819). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000191 |
|
Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS.
Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS.
|