Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2015-5263 |
|
Vulnerability in pulpproject (CVE-2015-5263)
vulnerability in pulpproject (CVE-2015-5263). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5666 |
|
Vulnerability in ana (CVE-2015-5666)
vulnerability in ana (CVE-2015-5666). Confidential information can be exposed externally.
|
| CVE-2015-7785 |
|
GANMA! App for iOS does not verify SSL certificates.
GANMA! App for iOS does not verify SSL certificates.
|
| CVE-2015-7510 |
|
Buffer Overflow in systemd-project (CVE-2015-7510)
vulnerability in systemd-project (CVE-2015-7510). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5237 |
|
protobuf susceptible to buffer overflow
protobuf susceptible to buffer overflow
|
| CVE-2017-12905 |
|
SSRF (Server-Side Request Forgery) in vebto (CVE-2017-12905)
SSRF in vebto (CVE-2017-12905). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7315 |
|
Vulnerability in plone (CVE-2015-7315)
vulnerability in plone (CVE-2015-7315). Data can be tampered with by attackers. Mitigation: upgrade to `e1d981bfa14b664317285f0f36498f4be4a23406, 4.0a1, 4.1a1, 4.2a1, 4.3a1, 4.3.7, 5.0rc2` or later.
|
| CVE-2015-4669 |
|
SQL Injection in xceedium (CVE-2015-4669)
SQL injection in xceedium (CVE-2015-4669). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14125 |
|
SQL Injection in wordpress (CVE-2017-14125)
SQL injection in wordpress (CVE-2017-14125). Successful exploitation can lead to full system takeover.
|
| CVE-2010-3049 |
|
Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot).
Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot).
|
| CVE-2010-3050 |
|
Vulnerability in dos (CVE-2010-3050)
vulnerability in dos (CVE-2010-3050). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7318 |
|
Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses.
Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses.
|
| CVE-2015-5282 |
|
Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.
Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.
|
| CVE-2015-6748 |
|
Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3.
Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3.
|
| CVE-2015-7316 |
|
Cross-Site Scripting (XSS) in plone (CVE-2015-7316)
cross-site scripting in plone (CVE-2015-7316). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3da710a2cd68587f0bf34f2e7ea1167d6eeee087, 4.0a1, 4.1a1, 4.2a1, 4.3a1, 4.3.7, 5.0rc2` or later.
|
| CVE-2015-4668 |
|
Open Redirect in xceedium (CVE-2015-4668)
vulnerability in xceedium (CVE-2015-4668). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-4667 |
|
Multiple hardcoded credentials in Xsuite 2.x.
Multiple hardcoded credentials in Xsuite 2.x.
|
| CVE-2017-14730 |
|
Vulnerability in elasticsearch (CVE-2017-14730)
vulnerability in elasticsearch (CVE-2017-14730). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7317 |
|
Vulnerability in kupu-project (CVE-2015-7317)
vulnerability in kupu-project (CVE-2015-7317). Confidential information can be exposed externally.
|
| CVE-2017-1362 |
|
Vulnerability in ibm (CVE-2017-1362)
vulnerability in ibm (CVE-2017-1362). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1346 |
|
Information Disclosure in ibm (CVE-2017-1346)
vulnerability in ibm (CVE-2017-1346). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14729 |
|
Buffer Overflow in c (CVE-2017-14729)
vulnerability in c (CVE-2017-14729). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1551 |
|
Vulnerability in ibm (CVE-2017-1551)
vulnerability in ibm (CVE-2017-1551). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1555 |
|
Vulnerability in ibm (CVE-2017-1555)
vulnerability in ibm (CVE-2017-1555). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1424 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1424)
cross-site scripting in ibm (CVE-2017-1424). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9551 |
|
Cross-Site Scripting (XSS) in mahara (CVE-2017-9551)
cross-site scripting in mahara (CVE-2017-9551). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14506 |
|
Cross-Site Scripting (XSS) in geminabox-project (CVE-2017-14506)
cross-site scripting in geminabox-project (CVE-2017-14506). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14683 |
|
geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.
geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.
|
| CVE-2017-14725 |
|
Open Redirect in wordpress (CVE-2017-14725)
vulnerability in wordpress (CVE-2017-14725). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14723 |
|
SQL Injection in wordpress (CVE-2017-14723)
SQL injection in wordpress (CVE-2017-14723). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14718 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-14718)
cross-site scripting in wordpress (CVE-2017-14718). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14720 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-14720)
cross-site scripting in wordpress (CVE-2017-14720). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14721 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-14721)
cross-site scripting in wordpress (CVE-2017-14721). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14724 |
|
Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.
Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.
|
| CVE-2017-14726 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-14726)
cross-site scripting in wordpress (CVE-2017-14726). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14719 |
|
Path Traversal in wordpress (CVE-2017-14719)
path traversal in wordpress (CVE-2017-14719). Confidential information can be exposed externally.
|
| CVE-2017-14722 |
|
Path Traversal in wordpress (CVE-2017-14722)
path traversal in wordpress (CVE-2017-14722). Confidential information can be exposed externally.
|
| CVE-2017-14627 |
|
Buffer Overflow in cyberlink (CVE-2017-14627)
vulnerability in cyberlink (CVE-2017-14627). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14727 |
|
Buffer Overflow in c (CVE-2017-14727)
vulnerability in c (CVE-2017-14727). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14694 |
|
Buffer Overflow in c (CVE-2017-14694)
vulnerability in c (CVE-2017-14694). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14712 |
|
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall Notes Title parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall Notes Title parameter.
|
| CVE-2017-14713 |
|
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Description parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Description parameter.
|
| CVE-2017-14714 |
|
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Subject parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Subject parameter.
|
| CVE-2017-14715 |
|
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts Title parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts Title parameter.
|
| CVE-2017-14716 |
|
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Title parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Title parameter.
|
| CVE-2017-14717 |
|
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter.
|
| CVE-2017-14705 |
|
OS Command Injection in denyall (CVE-2017-14705)
OS command injection in denyall (CVE-2017-14705). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14706 |
|
Authentication Bypass in denyall (CVE-2017-14706)
authentication bypass in denyall (CVE-2017-14706). Successful exploitation can lead to full system takeover.
|
| CVE-2017-6267 |
|
Vulnerability in dos (CVE-2017-6267)
vulnerability in dos (CVE-2017-6267). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6268 |
|
Vulnerability in dos (CVE-2017-6268)
vulnerability in dos (CVE-2017-6268). Successful exploitation can lead to full system takeover.
|