Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2015-2146 |
|
SQL Injection in sqli (CVE-2015-2146)
SQL injection in sqli (CVE-2015-2146). Successful exploitation can lead to full system takeover.
|
| CVE-2015-2147 |
|
SQL Injection in sqli (CVE-2015-2147)
SQL injection in sqli (CVE-2015-2147). Successful exploitation can lead to full system takeover.
|
| CVE-2014-8957 |
|
Cross-Site Scripting (XSS) in openkm (CVE-2014-8957)
cross-site scripting in openkm (CVE-2014-8957). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-2144 |
|
Cross-Site Scripting (XSS) in phpbugtracker-project (CVE-2015-2144)
cross-site scripting in phpbugtracker-project (CVE-2015-2144). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-2145 |
|
Cross-Site Scripting (XSS) in phpbugtracker-project (CVE-2015-2145)
cross-site scripting in phpbugtracker-project (CVE-2015-2145). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-2148 |
|
Cross-Site Scripting (XSS) in phpbugtracker-project (CVE-2015-2148)
cross-site scripting in phpbugtracker-project (CVE-2015-2148). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-1828 |
|
Information Disclosure in httprb-project (CVE-2015-1828)
vulnerability in httprb-project (CVE-2015-1828). Confidential information can be exposed externally.
|
| CVE-2015-2142 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-2142)
vulnerability in csrf (CVE-2015-2142). Successful exploitation can lead to full system takeover.
|
| CVE-2015-2143 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-2143)
vulnerability in csrf (CVE-2015-2143). Successful exploitation can lead to full system takeover.
|
| CVE-2015-0296 |
|
Vulnerability in tug (CVE-2015-0296)
vulnerability in tug (CVE-2015-0296). Data can be tampered with by attackers.
|
| CVE-2015-2673 |
|
Vulnerability in wordpress (CVE-2015-2673)
vulnerability in wordpress (CVE-2015-2673). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15084 |
|
The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.
The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.
|
| CVE-2017-15079 |
|
Path Traversal in wordpress (CVE-2017-15079)
path traversal in wordpress (CVE-2017-15079). Confidential information can be exposed externally.
|
| CVE-2017-13069 |
|
Command Injection in qnap (CVE-2017-13069)
command injection in qnap (CVE-2017-13069). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9272 |
|
Vulnerability in dos (CVE-2017-9272)
vulnerability in dos (CVE-2017-9272). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13068 |
|
SQL Injection in sqli (CVE-2017-13068)
SQL injection in sqli (CVE-2017-13068). Confidential information can be exposed externally.
|
| CVE-2017-1002153 |
|
Vulnerability in koji (CVE-2017-1002153)
vulnerability in koji (CVE-2017-1002153). Data can be tampered with by attackers. Mitigation: upgrade to `1.15.0` or later.
|
| CVE-2015-2158 |
|
Vulnerability in c (CVE-2015-2158)
vulnerability in c (CVE-2015-2158). Successful exploitation can lead to full system takeover.
|
| CVE-2014-2903 |
|
Vulnerability in wolfssl (CVE-2014-2903)
vulnerability in wolfssl (CVE-2014-2903). Confidential information can be exposed externally.
|
| CVE-2015-5246 |
|
Vulnerability in theforeman (CVE-2015-5246)
vulnerability in theforeman (CVE-2015-5246). Successful exploitation can lead to full system takeover.
|
| CVE-2015-2297 |
|
Vulnerability in dos (CVE-2015-2297)
vulnerability in dos (CVE-2015-2297). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`.
|
| CVE-2015-1206 |
|
Buffer Overflow in dos (CVE-2015-1206)
vulnerability in dos (CVE-2015-1206). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-7240 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-7240)
cross-site scripting in wordpress (CVE-2014-7240). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8492 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-8492)
cross-site scripting in wordpress (CVE-2014-8492). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8758 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-8758)
cross-site scripting in wordpress (CVE-2014-8758). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000254 |
|
Buffer Overflow in haxx (CVE-2017-1000254)
vulnerability in haxx (CVE-2017-1000254). Risk of unauthorized operations or information disclosure. Exploitable via ``PWD``.
|
| CVE-2017-15056 |
|
Vulnerability in cpp (CVE-2017-15056)
vulnerability in cpp (CVE-2017-15056). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15063 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15063)
vulnerability in csrf (CVE-2017-15063). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15045 |
|
Out-of-Bounds Read in c (CVE-2017-15045)
vulnerability in c (CVE-2017-15045). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15046 |
|
Buffer Overflow in c (CVE-2017-15046)
vulnerability in c (CVE-2017-15046). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15047 |
|
Buffer Overflow in c (CVE-2017-15047)
vulnerability in c (CVE-2017-15047). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14088 |
|
Buffer Overflow in privilege-escalation (CVE-2017-14088)
vulnerability in privilege-escalation (CVE-2017-14088). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14089 |
|
Buffer Overflow in trendmicro (CVE-2017-14089)
vulnerability in trendmicro (CVE-2017-14089). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14087 |
|
Vulnerability in trendmicro (CVE-2017-14087)
vulnerability in trendmicro (CVE-2017-14087). Data can be tampered with by attackers. Exploitable via `Host header`.
|
| CVE-2017-14085 |
|
Information Disclosure in trendmicro (CVE-2017-14085)
vulnerability in trendmicro (CVE-2017-14085). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14086 |
|
Vulnerability in trendmicro (CVE-2017-14086)
vulnerability in trendmicro (CVE-2017-14086). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13996 |
|
Vulnerability in path-traversal (CVE-2017-13996)
vulnerability in path-traversal (CVE-2017-13996). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12732 |
|
Vulnerability in ge (CVE-2017-12732)
vulnerability in ge (CVE-2017-12732). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13994 |
|
Cross-Site Scripting (XSS) in loytec (CVE-2017-13994)
cross-site scripting in loytec (CVE-2017-13994). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13998 |
|
Vulnerability in loytec (CVE-2017-13998)
vulnerability in loytec (CVE-2017-13998). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12106 |
|
Buffer Overflow in pl32 (CVE-2017-12106)
vulnerability in pl32 (CVE-2017-12106). Successful exploitation can lead to full system takeover.
|
| CVE-2017-2880 |
|
Buffer Overflow in pl32 (CVE-2017-2880)
vulnerability in pl32 (CVE-2017-2880). Successful exploitation can lead to full system takeover.
|
| CVE-2017-2920 |
|
Buffer Overflow in pl32 (CVE-2017-2920)
vulnerability in pl32 (CVE-2017-2920). Successful exploitation can lead to full system takeover.
|
| CVE-2016-8937 |
|
Authentication Bypass in ibm (CVE-2016-8937)
authentication bypass in ibm (CVE-2016-8937). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1201 |
|
Vulnerability in ibm (CVE-2017-1201)
vulnerability in ibm (CVE-2017-1201). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1378 |
|
Vulnerability in ibm (CVE-2017-1378)
vulnerability in ibm (CVE-2017-1378). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1301 |
|
Vulnerability in ibm (CVE-2017-1301)
vulnerability in ibm (CVE-2017-1301). Data can be tampered with by attackers.
|
| CVE-2017-1522 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1522)
cross-site scripting in ibm (CVE-2017-1522). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14354 |
|
Cross-Site Scripting (XSS) in hp (CVE-2017-14354)
cross-site scripting in hp (CVE-2017-14354). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14353 |
|
Code Injection in hp (CVE-2017-14353)
code injection in hp (CVE-2017-14353). Successful exploitation can lead to full system takeover.
|