Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-16877 |
|
Path Traversal in path-traversal (CVE-2017-16877)
path traversal in path-traversal (CVE-2017-16877). Confidential information can be exposed externally.
|
| CVE-2017-1000206 |
|
Buffer Overflow in htslib (CVE-2017-1000206)
vulnerability in htslib (CVE-2017-1000206). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000203 |
|
OS Command Injection in cern (CVE-2017-1000203)
OS command injection in cern (CVE-2017-1000203). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000211 |
|
Use-After-Free in lynx-project (CVE-2017-1000211)
vulnerability in lynx-project (CVE-2017-1000211). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10889 |
|
XXE (XML External Entity) in tablepress (CVE-2017-10889)
vulnerability in tablepress (CVE-2017-10889). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10886 |
|
Cross-Site Scripting (XSS) in cs-cart (CVE-2017-10886)
cross-site scripting in cs-cart (CVE-2017-10886). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-4929 |
|
Cross-Site Scripting (XSS) in vmware (CVE-2017-4929)
cross-site scripting in vmware (CVE-2017-4929). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-4936 |
|
Out-of-Bounds Read in dos (CVE-2017-4936)
vulnerability in dos (CVE-2017-4936). Successful exploitation can lead to full system takeover.
|
| CVE-2017-4937 |
|
Out-of-Bounds Read in dos (CVE-2017-4937)
vulnerability in dos (CVE-2017-4937). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10888 |
|
Information Disclosure in bookwalker (CVE-2017-10888)
vulnerability in bookwalker (CVE-2017-10888). Confidential information can be exposed externally.
|
| CVE-2017-10887 |
|
Vulnerability in bookwalker (CVE-2017-10887)
vulnerability in bookwalker (CVE-2017-10887). Successful exploitation can lead to full system takeover.
|
| CVE-2017-4938 |
|
Vulnerability in vmware (CVE-2017-4938)
vulnerability in vmware (CVE-2017-4938). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-4935 |
|
Out-of-Bounds Write in dos (CVE-2017-4935)
out-of-bounds write in dos (CVE-2017-4935). Successful exploitation can lead to full system takeover.
|
| CVE-2017-4928 |
|
Cross-Site Request Forgery (CSRF) in ssrf (CVE-2017-4928)
vulnerability in ssrf (CVE-2017-4928). Confidential information can be exposed externally.
|
| CVE-2017-4934 |
|
Buffer Overflow in vmware (CVE-2017-4934)
vulnerability in vmware (CVE-2017-4934). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16868 |
|
Vulnerability in c (CVE-2017-16868)
vulnerability in c (CVE-2017-16868). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16871 |
|
Code Injection in wordpress (CVE-2017-16871)
code injection in wordpress (CVE-2017-16871). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16870 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2017-16870)
SSRF in wordpress (CVE-2017-16870). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16869 |
|
Buffer Overflow in cpp (CVE-2017-16869)
vulnerability in cpp (CVE-2017-16869). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16872 |
|
Buffer Overflow in teluu (CVE-2017-16872)
vulnerability in teluu (CVE-2017-16872). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000129 |
|
SQL Injection in sqli (CVE-2017-1000129)
SQL injection in sqli (CVE-2017-1000129). Confidential information can be exposed externally.
|
| CVE-2017-1000160 |
|
Cross-Site Scripting (XSS) in expressionengine (CVE-2017-1000160)
cross-site scripting in expressionengine (CVE-2017-1000160). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000164 |
|
Cross-Site Scripting (XSS) in privilege-escalation (CVE-2017-1000164)
cross-site scripting in privilege-escalation (CVE-2017-1000164). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000223 |
|
Cross-Site Scripting (XSS) in modx (CVE-2017-1000223)
cross-site scripting in modx (CVE-2017-1000223). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000225 |
|
Cross-Site Scripting (XSS) in relevanssi (CVE-2017-1000225)
cross-site scripting in relevanssi (CVE-2017-1000225). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000158 |
|
Vulnerability in c (CVE-2017-1000158)
vulnerability in c (CVE-2017-1000158). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000229 |
|
Vulnerability in dos (CVE-2017-1000229)
vulnerability in dos (CVE-2017-1000229). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000226 |
|
Stop User Enumeration 1.3.8 allows user enumeration via the REST API
Stop User Enumeration 1.3.8 allows user enumeration via the REST API
|
| CVE-2017-1000125 |
|
Vulnerability in codiad (CVE-2017-1000125)
vulnerability in codiad (CVE-2017-1000125). Data can be tampered with by attackers.
|
| CVE-2017-1000246 |
|
Vulnerability in pysaml2-project (CVE-2017-1000246)
vulnerability in pysaml2-project (CVE-2017-1000246). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000248 |
|
Redis-store
Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis
|
| CVE-2017-1000247 |
|
Vulnerability in apache (CVE-2017-1000247)
vulnerability in apache (CVE-2017-1000247). Data can be tampered with by attackers.
|
| CVE-2017-1000231 |
|
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
|
| CVE-2017-1000232 |
|
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
|
| CVE-2017-1000189 |
|
Vulnerability in ejs (CVE-2017-1000189)
vulnerability in ejs (CVE-2017-1000189). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000228 |
|
Vulnerability in ejs (CVE-2017-1000228)
vulnerability in ejs (CVE-2017-1000228). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000188 |
|
Cross-Site Scripting (XSS) in ejs (CVE-2017-1000188)
cross-site scripting in ejs (CVE-2017-1000188). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000239 |
|
Cross-Site Scripting (XSS) in invoiceplane (CVE-2017-1000239)
cross-site scripting in invoiceplane (CVE-2017-1000239). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000240 |
|
Cross-Site Scripting (XSS) in open-emr (CVE-2017-1000240)
cross-site scripting in open-emr (CVE-2017-1000240). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000173 |
|
Out-of-Bounds Read in creolabs (CVE-2017-1000173)
vulnerability in creolabs (CVE-2017-1000173). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000172 |
|
Use-After-Free in c (CVE-2017-1000172)
vulnerability in c (CVE-2017-1000172). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000238 |
|
Unrestricted File Upload in invoiceplane (CVE-2017-1000238)
vulnerability in invoiceplane (CVE-2017-1000238). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000241 |
|
Privilege Escalation in privilege-escalation (CVE-2017-1000241)
vulnerability in privilege-escalation (CVE-2017-1000241). Confidential information can be exposed externally.
|
| CVE-2017-1000201 |
|
Vulnerability in dos (CVE-2017-1000201)
vulnerability in dos (CVE-2017-1000201). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000208 |
|
Unsafe Deserialization in swagger (CVE-2017-1000208)
vulnerability in swagger (CVE-2017-1000208). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000209 |
|
Vulnerability in nv-websocket-client-project (CVE-2017-1000209)
vulnerability in nv-websocket-client-project (CVE-2017-1000209). Confidential information can be exposed externally.
|
| CVE-2017-1000200 |
|
Vulnerability in dos (CVE-2017-1000200)
vulnerability in dos (CVE-2017-1000200). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000196 |
|
Code Injection in octobercms (CVE-2017-1000196)
code injection in octobercms (CVE-2017-1000196). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000195 |
|
Unsafe Deserialization in octobercms (CVE-2017-1000195)
vulnerability in octobercms (CVE-2017-1000195). Data can be tampered with by attackers.
|
| CVE-2017-1000198 |
|
Buffer Overflow in dos (CVE-2017-1000198)
vulnerability in dos (CVE-2017-1000198). Risk of unauthorized operations or information disclosure.
|