Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2015-2146 SQL Injection in sqli (CVE-2015-2146)
SQL injection in sqli (CVE-2015-2146). Successful exploitation can lead to full system takeover.
CVE-2015-2147 SQL Injection in sqli (CVE-2015-2147)
SQL injection in sqli (CVE-2015-2147). Successful exploitation can lead to full system takeover.
CVE-2014-8957 Cross-Site Scripting (XSS) in openkm (CVE-2014-8957)
cross-site scripting in openkm (CVE-2014-8957). Risk of unauthorized operations or information disclosure.
CVE-2015-2144 Cross-Site Scripting (XSS) in phpbugtracker-project (CVE-2015-2144)
cross-site scripting in phpbugtracker-project (CVE-2015-2144). Risk of unauthorized operations or information disclosure.
CVE-2015-2145 Cross-Site Scripting (XSS) in phpbugtracker-project (CVE-2015-2145)
cross-site scripting in phpbugtracker-project (CVE-2015-2145). Risk of unauthorized operations or information disclosure.
CVE-2015-2148 Cross-Site Scripting (XSS) in phpbugtracker-project (CVE-2015-2148)
cross-site scripting in phpbugtracker-project (CVE-2015-2148). Risk of unauthorized operations or information disclosure.
CVE-2015-1828 Information Disclosure in httprb-project (CVE-2015-1828)
vulnerability in httprb-project (CVE-2015-1828). Confidential information can be exposed externally.
CVE-2015-2142 Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-2142)
vulnerability in csrf (CVE-2015-2142). Successful exploitation can lead to full system takeover.
CVE-2015-2143 Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-2143)
vulnerability in csrf (CVE-2015-2143). Successful exploitation can lead to full system takeover.
CVE-2015-0296 Vulnerability in tug (CVE-2015-0296)
vulnerability in tug (CVE-2015-0296). Data can be tampered with by attackers.
CVE-2015-2673 Vulnerability in wordpress (CVE-2015-2673)
vulnerability in wordpress (CVE-2015-2673). Successful exploitation can lead to full system takeover.
CVE-2017-15084 The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.
The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.
CVE-2017-15079 Path Traversal in wordpress (CVE-2017-15079)
path traversal in wordpress (CVE-2017-15079). Confidential information can be exposed externally.
CVE-2017-13069 Command Injection in qnap (CVE-2017-13069)
command injection in qnap (CVE-2017-13069). Successful exploitation can lead to full system takeover.
CVE-2017-9272 Vulnerability in dos (CVE-2017-9272)
vulnerability in dos (CVE-2017-9272). Risk of unauthorized operations or information disclosure.
CVE-2017-13068 SQL Injection in sqli (CVE-2017-13068)
SQL injection in sqli (CVE-2017-13068). Confidential information can be exposed externally.
CVE-2017-1002153 Vulnerability in koji (CVE-2017-1002153)
vulnerability in koji (CVE-2017-1002153). Data can be tampered with by attackers. Mitigation: upgrade to `1.15.0` or later.
CVE-2015-2158 Vulnerability in c (CVE-2015-2158)
vulnerability in c (CVE-2015-2158). Successful exploitation can lead to full system takeover.
CVE-2014-2903 Vulnerability in wolfssl (CVE-2014-2903)
vulnerability in wolfssl (CVE-2014-2903). Confidential information can be exposed externally.
CVE-2015-5246 Vulnerability in theforeman (CVE-2015-5246)
vulnerability in theforeman (CVE-2015-5246). Successful exploitation can lead to full system takeover.
CVE-2015-2297 Vulnerability in dos (CVE-2015-2297)
vulnerability in dos (CVE-2015-2297). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`.
CVE-2015-1206 Buffer Overflow in dos (CVE-2015-1206)
vulnerability in dos (CVE-2015-1206). Risk of unauthorized operations or information disclosure.
CVE-2014-7240 Cross-Site Scripting (XSS) in wordpress (CVE-2014-7240)
cross-site scripting in wordpress (CVE-2014-7240). Risk of unauthorized operations or information disclosure.
CVE-2014-8492 Cross-Site Scripting (XSS) in wordpress (CVE-2014-8492)
cross-site scripting in wordpress (CVE-2014-8492). Risk of unauthorized operations or information disclosure.
CVE-2014-8758 Cross-Site Scripting (XSS) in wordpress (CVE-2014-8758)
cross-site scripting in wordpress (CVE-2014-8758). Risk of unauthorized operations or information disclosure.
CVE-2017-1000254 Buffer Overflow in haxx (CVE-2017-1000254)
vulnerability in haxx (CVE-2017-1000254). Risk of unauthorized operations or information disclosure. Exploitable via ``PWD``.
CVE-2017-15056 Vulnerability in cpp (CVE-2017-15056)
vulnerability in cpp (CVE-2017-15056). Successful exploitation can lead to full system takeover.
CVE-2017-15063 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15063)
vulnerability in csrf (CVE-2017-15063). Successful exploitation can lead to full system takeover.
CVE-2017-15045 Out-of-Bounds Read in c (CVE-2017-15045)
vulnerability in c (CVE-2017-15045). Risk of unauthorized operations or information disclosure.
CVE-2017-15046 Buffer Overflow in c (CVE-2017-15046)
vulnerability in c (CVE-2017-15046). Risk of unauthorized operations or information disclosure.
CVE-2017-15047 Buffer Overflow in c (CVE-2017-15047)
vulnerability in c (CVE-2017-15047). Successful exploitation can lead to full system takeover.
CVE-2017-14088 Buffer Overflow in privilege-escalation (CVE-2017-14088)
vulnerability in privilege-escalation (CVE-2017-14088). Successful exploitation can lead to full system takeover.
CVE-2017-14089 Buffer Overflow in trendmicro (CVE-2017-14089)
vulnerability in trendmicro (CVE-2017-14089). Successful exploitation can lead to full system takeover.
CVE-2017-14087 Vulnerability in trendmicro (CVE-2017-14087)
vulnerability in trendmicro (CVE-2017-14087). Data can be tampered with by attackers. Exploitable via `Host header`.
CVE-2017-14085 Information Disclosure in trendmicro (CVE-2017-14085)
vulnerability in trendmicro (CVE-2017-14085). Risk of unauthorized operations or information disclosure.
CVE-2017-14086 Vulnerability in trendmicro (CVE-2017-14086)
vulnerability in trendmicro (CVE-2017-14086). Risk of unauthorized operations or information disclosure.
CVE-2017-13996 Vulnerability in path-traversal (CVE-2017-13996)
vulnerability in path-traversal (CVE-2017-13996). Successful exploitation can lead to full system takeover.
CVE-2017-12732 Vulnerability in ge (CVE-2017-12732)
vulnerability in ge (CVE-2017-12732). Successful exploitation can lead to full system takeover.
CVE-2017-13994 Cross-Site Scripting (XSS) in loytec (CVE-2017-13994)
cross-site scripting in loytec (CVE-2017-13994). Risk of unauthorized operations or information disclosure.
CVE-2017-13998 Vulnerability in loytec (CVE-2017-13998)
vulnerability in loytec (CVE-2017-13998). Successful exploitation can lead to full system takeover.
CVE-2017-12106 Buffer Overflow in pl32 (CVE-2017-12106)
vulnerability in pl32 (CVE-2017-12106). Successful exploitation can lead to full system takeover.
CVE-2017-2880 Buffer Overflow in pl32 (CVE-2017-2880)
vulnerability in pl32 (CVE-2017-2880). Successful exploitation can lead to full system takeover.
CVE-2017-2920 Buffer Overflow in pl32 (CVE-2017-2920)
vulnerability in pl32 (CVE-2017-2920). Successful exploitation can lead to full system takeover.
CVE-2016-8937 Authentication Bypass in ibm (CVE-2016-8937)
authentication bypass in ibm (CVE-2016-8937). Successful exploitation can lead to full system takeover.
CVE-2017-1201 Vulnerability in ibm (CVE-2017-1201)
vulnerability in ibm (CVE-2017-1201). Successful exploitation can lead to full system takeover.
CVE-2017-1378 Vulnerability in ibm (CVE-2017-1378)
vulnerability in ibm (CVE-2017-1378). Successful exploitation can lead to full system takeover.
CVE-2017-1301 Vulnerability in ibm (CVE-2017-1301)
vulnerability in ibm (CVE-2017-1301). Data can be tampered with by attackers.
CVE-2017-1522 Cross-Site Scripting (XSS) in ibm (CVE-2017-1522)
cross-site scripting in ibm (CVE-2017-1522). Risk of unauthorized operations or information disclosure.
CVE-2017-14354 Cross-Site Scripting (XSS) in hp (CVE-2017-14354)
cross-site scripting in hp (CVE-2017-14354). Risk of unauthorized operations or information disclosure.
CVE-2017-14353 Code Injection in hp (CVE-2017-14353)
code injection in hp (CVE-2017-14353). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →