Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-16793 |
|
Buffer Overflow in c (CVE-2017-16793)
vulnerability in c (CVE-2017-16793). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16520 |
|
Privilege Escalation in inedo (CVE-2017-16520)
vulnerability in inedo (CVE-2017-16520). Data can be tampered with by attackers.
|
| CVE-2017-16780 |
|
Cross-Site Request Forgery (CSRF) in mybb (CVE-2017-16780)
vulnerability in mybb (CVE-2017-16780). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16783 |
|
Code Injection in cmsmadesimple (CVE-2017-16783)
code injection in cmsmadesimple (CVE-2017-16783). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16781 |
|
The installer in MyBB before 1.8.13 has XSS.
The installer in MyBB before 1.8.13 has XSS.
|
| CVE-2017-16782 |
|
Cross-Site Scripting (XSS) in home-assistant (CVE-2017-16782)
cross-site scripting in home-assistant (CVE-2017-16782). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16784 |
|
In CMS Made Simple 2.2.2, there is Reflected XSS via the cntnt01detailtemplate parameter.
In CMS Made Simple 2.2.2, there is Reflected XSS via the cntnt01detailtemplate parameter.
|
| CVE-2017-16785 |
|
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php.
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php.
|
| CVE-2017-16765 |
|
XSS exists on D-Link DWR-933 1.00(WW)B17 devices via cgi-bin/gui.cgi.
XSS exists on D-Link DWR-933 1.00(WW)B17 devices via cgi-bin/gui.cgi.
|
| CVE-2017-16760 |
|
Inedo BuildMaster before 5.8.2 has XSS.
Inedo BuildMaster before 5.8.2 has XSS.
|
| CVE-2017-16761 |
|
Open Redirect in inedo (CVE-2017-16761)
vulnerability in inedo (CVE-2017-16761). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16762 |
|
Path Traversal in sanic (CVE-2017-16762)
path traversal in sanic (CVE-2017-16762). Confidential information can be exposed externally. Mitigation: upgrade to `0.5.1` or later.
|
| CVE-2017-9758 |
|
Vulnerability in savitech-ic (CVE-2017-9758)
vulnerability in savitech-ic (CVE-2017-9758). Confidential information can be exposed externally.
|
| CVE-2017-5201 |
|
Information Disclosure in netapp (CVE-2017-5201)
vulnerability in netapp (CVE-2017-5201). Confidential information can be exposed externally.
|
| CVE-2017-16754 |
|
Vulnerability in boltcms (CVE-2017-16754)
vulnerability in boltcms (CVE-2017-16754). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16633 |
|
Information Disclosure in joomla (CVE-2017-16633)
vulnerability in joomla (CVE-2017-16633). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16567 |
|
Cross-Site Scripting (XSS) in logitech (CVE-2017-16567)
cross-site scripting in logitech (CVE-2017-16567). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16568 |
|
Cross-Site Scripting (XSS) in logitech (CVE-2017-16568)
cross-site scripting in logitech (CVE-2017-16568). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16562 |
|
Authentication Bypass in wordpress (CVE-2017-16562)
authentication bypass in wordpress (CVE-2017-16562). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16634 |
|
Authentication Bypass in joomla (CVE-2017-16634)
authentication bypass in joomla (CVE-2017-16634). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12779 |
|
Vulnerability in c (CVE-2017-12779)
vulnerability in c (CVE-2017-12779). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12781 |
|
Vulnerability in c (CVE-2017-12781)
vulnerability in c (CVE-2017-12781). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12800 |
|
Vulnerability in c (CVE-2017-12800)
vulnerability in c (CVE-2017-12800). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12803 |
|
Vulnerability in c (CVE-2017-12803)
vulnerability in c (CVE-2017-12803). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12969 |
|
Buffer Overflow in dos (CVE-2017-12969)
vulnerability in dos (CVE-2017-12969). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12782 |
|
Vulnerability in c (CVE-2017-12782)
vulnerability in c (CVE-2017-12782). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12783 |
|
Vulnerability in c (CVE-2017-12783)
vulnerability in c (CVE-2017-12783). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12801 |
|
Vulnerability in c (CVE-2017-12801)
vulnerability in c (CVE-2017-12801). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12802 |
|
Vulnerability in c (CVE-2017-12802)
vulnerability in c (CVE-2017-12802). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12780 |
|
Use-After-Free in c (CVE-2017-12780)
vulnerability in c (CVE-2017-12780). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11461 |
|
Vulnerability in netapp (CVE-2017-11461)
vulnerability in netapp (CVE-2017-11461). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11309 |
|
Buffer Overflow in avaya (CVE-2017-11309)
vulnerability in avaya (CVE-2017-11309). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16759 |
|
Path Traversal in librenms (CVE-2017-16759)
path traversal in librenms (CVE-2017-16759). Confidential information can be exposed externally.
|
| CVE-2017-16758 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-16758)
cross-site scripting in wordpress (CVE-2017-16758). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16757 |
|
Vulnerability in hola (CVE-2017-16757)
vulnerability in hola (CVE-2017-16757). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16711 |
|
Vulnerability in c (CVE-2017-16711)
vulnerability in c (CVE-2017-16711). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7501 |
|
Unsafe Deserialization in apache (CVE-2015-7501)
vulnerability in apache (CVE-2015-7501). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16673 |
|
Information Disclosure in datto (CVE-2017-16673)
vulnerability in datto (CVE-2017-16673). Confidential information can be exposed externally.
|
| CVE-2017-16672 |
|
Vulnerability in digium (CVE-2017-16672)
vulnerability in digium (CVE-2017-16672). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16669 |
|
Buffer Overflow in c (CVE-2017-16669)
vulnerability in c (CVE-2017-16669). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16671 |
|
Buffer Overflow in digium (CVE-2017-16671)
vulnerability in digium (CVE-2017-16671). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11511 |
|
Path Traversal in manageengine (CVE-2017-11511)
path traversal in manageengine (CVE-2017-11511). Confidential information can be exposed externally.
|
| CVE-2017-11512 |
|
Path Traversal in manageengine (CVE-2017-11512)
path traversal in manageengine (CVE-2017-11512). Confidential information can be exposed externally.
|
| CVE-2017-15865 |
|
Information Disclosure in frrouting (CVE-2017-15865)
vulnerability in frrouting (CVE-2017-15865). Confidential information can be exposed externally.
|
| CVE-2017-15085 |
|
Vulnerability in redhat (CVE-2017-15085)
vulnerability in redhat (CVE-2017-15085). Confidential information can be exposed externally.
|
| CVE-2017-15087 |
|
Information Disclosure in redhat (CVE-2017-15087)
vulnerability in redhat (CVE-2017-15087). Confidential information can be exposed externally.
|
| CVE-2017-16667 |
|
OS Command Injection in backintime-project (CVE-2017-16667)
OS command injection in backintime-project (CVE-2017-16667). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16665 |
|
Cross-Site Scripting (XSS) in remobjects (CVE-2017-16665)
cross-site scripting in remobjects (CVE-2017-16665). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3933 |
|
SQL Injection in sqli (CVE-2015-3933)
SQL injection in sqli (CVE-2015-3933). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9096 |
|
XXE (XML External Entity) in itextpdf (CVE-2017-9096)
vulnerability in itextpdf (CVE-2017-9096). Successful exploitation can lead to full system takeover.
|