Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2015-7670 |
|
SQL Injection in wordpress (CVE-2015-7670)
SQL injection in wordpress (CVE-2015-7670). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7391 |
|
Cross-Site Scripting (XSS) in testlink (CVE-2015-7391)
cross-site scripting in testlink (CVE-2015-7391). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`.
|
| CVE-2015-3248 |
|
Vulnerability in dos (CVE-2015-3248)
vulnerability in dos (CVE-2015-3248). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14602 |
|
Authentication Bypass in citrix (CVE-2017-14602)
authentication bypass in citrix (CVE-2017-14602). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5192 |
|
Authentication Bypass in salt (CVE-2017-5192)
authentication bypass in salt (CVE-2017-5192). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2015.8.13, 2016.3.5, 2016.11.2` or later.
|
| CVE-2015-0874 |
|
Vulnerability in okb (CVE-2015-0874)
vulnerability in okb (CVE-2015-0874). Confidential information can be exposed externally.
|
| CVE-2015-5069 |
|
Information Disclosure in cpp (CVE-2015-5069)
vulnerability in cpp (CVE-2015-5069). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5070 |
|
Information Disclosure in cpp (CVE-2015-5070)
vulnerability in cpp (CVE-2015-5070). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14704 |
|
Unrestricted File Upload in laravel (CVE-2017-14704)
vulnerability in laravel (CVE-2017-14704). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13129 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-13129)
vulnerability in csrf (CVE-2017-13129). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14703 |
|
SQL Injection in sqli (CVE-2017-14703)
SQL injection in sqli (CVE-2017-14703). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14743 |
|
SQL Injection in sqli (CVE-2017-14743)
SQL injection in sqli (CVE-2017-14743). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14744 |
|
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element.
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element.
|
| CVE-2017-1000252 |
|
Vulnerability in c (CVE-2017-1000252)
vulnerability in c (CVE-2017-1000252). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14001 |
|
OS Command Injection in digium (CVE-2017-14001)
OS command injection in digium (CVE-2017-14001). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14739 |
|
Vulnerability in c (CVE-2017-14739)
vulnerability in c (CVE-2017-14739). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14741 |
|
Vulnerability in c (CVE-2017-14741)
vulnerability in c (CVE-2017-14741). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9962 |
|
Buffer Overflow in aveva (CVE-2017-9962)
vulnerability in aveva (CVE-2017-9962). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7974 |
|
Path Traversal in path-traversal (CVE-2017-7974)
path traversal in path-traversal (CVE-2017-7974). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7971 |
|
Vulnerability in schneider-electric (CVE-2017-7971)
vulnerability in schneider-electric (CVE-2017-7971). Confidential information can be exposed externally.
|
| CVE-2017-7973 |
|
SQL Injection in sqli (CVE-2017-7973)
SQL injection in sqli (CVE-2017-7973). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9960 |
|
Information Disclosure in schneider-electric (CVE-2017-9960)
vulnerability in schneider-electric (CVE-2017-9960). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9956 |
|
Vulnerability in schneider-electric (CVE-2017-9956)
vulnerability in schneider-electric (CVE-2017-9956). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9957 |
|
Vulnerability in schneider-electric (CVE-2017-9957)
vulnerability in schneider-electric (CVE-2017-9957). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9958 |
|
Vulnerability in schneider-electric (CVE-2017-9958)
vulnerability in schneider-electric (CVE-2017-9958). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7969 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7969)
vulnerability in csrf (CVE-2017-7969). Successful exploitation can lead to full system takeover.
|
| CVE-2014-8889 |
|
Information Disclosure in dropbox (CVE-2014-8889)
vulnerability in dropbox (CVE-2014-8889). Confidential information can be exposed externally.
|
| CVE-2015-0238 |
|
Information Disclosure in privilege-escalation (CVE-2015-0238)
vulnerability in privilege-escalation (CVE-2015-0238). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8707 |
|
Information Disclosure in magento (CVE-2015-8707)
vulnerability in magento (CVE-2015-8707). Successful exploitation can lead to full system takeover.
|
| CVE-2014-8170 |
|
Vulnerability in ovirt (CVE-2014-8170)
vulnerability in ovirt (CVE-2014-8170). Successful exploitation can lead to full system takeover.
|
| CVE-2014-8156 |
|
Vulnerability in dos (CVE-2014-8156)
vulnerability in dos (CVE-2014-8156). Successful exploitation can lead to full system takeover.
|
| CVE-2014-0997 |
|
Vulnerability in dos (CVE-2014-0997)
vulnerability in dos (CVE-2014-0997). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14734 |
|
Buffer Overflow in c (CVE-2017-14734)
vulnerability in c (CVE-2017-14734). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14735 |
|
Cross-Site Scripting (XSS) in antisamy-project (CVE-2017-14735)
cross-site scripting in antisamy-project (CVE-2017-14735). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14731 |
|
Out-of-Bounds Read in cpp (CVE-2017-14731)
vulnerability in cpp (CVE-2017-14731). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14733 |
|
Out-of-Bounds Read in c (CVE-2017-14733)
vulnerability in c (CVE-2017-14733). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5704 |
|
Command Injection in devscripts-devel-team (CVE-2015-5704)
command injection in devscripts-devel-team (CVE-2015-5704). Successful exploitation can lead to full system takeover.
|
| CVE-2012-6696 |
|
Vulnerability in inspircd (CVE-2012-6696)
vulnerability in inspircd (CVE-2012-6696). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5169 |
|
Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20.
Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20.
|
| CVE-2015-5181 |
|
The JBoss console in A-MQ allows remote attackers to execute arbitrary JavaScript.
The JBoss console in A-MQ allows remote attackers to execute arbitrary JavaScript.
|
| CVE-2015-8375 |
|
Cross-site scripting (XSS) vulnerability in PHP-Fusion 9.
Cross-site scripting (XSS) vulnerability in PHP-Fusion 9.
|
| CVE-2015-5327 |
|
Out-of-Bounds Read in c (CVE-2015-5327)
vulnerability in c (CVE-2015-5327). Confidential information can be exposed externally.
|
| CVE-2015-7544 |
|
Vulnerability in redhat (CVE-2015-7544)
vulnerability in redhat (CVE-2015-7544). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7846 |
|
Information Disclosure in huawei (CVE-2015-7846)
vulnerability in huawei (CVE-2015-7846). Confidential information can be exposed externally.
|
| CVE-2015-8251 |
|
Information Disclosure in unify (CVE-2015-8251)
vulnerability in unify (CVE-2015-8251). Confidential information can be exposed externally.
|
| CVE-2015-5182 |
|
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
|
| CVE-2015-7293 |
|
Cross-Site Request Forgery (CSRF) in plone (CVE-2015-7293)
vulnerability in plone (CVE-2015-7293). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.0a1` or later.
|
| CVE-2016-5868 |
|
Vulnerability in c (CVE-2016-5868)
vulnerability in c (CVE-2016-5868). Successful exploitation can lead to full system takeover.
|
| CVE-2011-4667 |
|
Vulnerability in cisco (CVE-2011-4667)
vulnerability in cisco (CVE-2011-4667). Confidential information can be exposed externally.
|
| CVE-2015-6592 |
|
Vulnerability in huawei (CVE-2015-6592)
vulnerability in huawei (CVE-2015-6592). Successful exploitation can lead to full system takeover.
|