Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2015-5263 Vulnerability in pulpproject (CVE-2015-5263)
vulnerability in pulpproject (CVE-2015-5263). Successful exploitation can lead to full system takeover.
CVE-2015-5666 Vulnerability in ana (CVE-2015-5666)
vulnerability in ana (CVE-2015-5666). Confidential information can be exposed externally.
CVE-2015-7785 GANMA! App for iOS does not verify SSL certificates.
GANMA! App for iOS does not verify SSL certificates.
CVE-2015-7510 Buffer Overflow in systemd-project (CVE-2015-7510)
vulnerability in systemd-project (CVE-2015-7510). Successful exploitation can lead to full system takeover.
CVE-2015-5237 protobuf susceptible to buffer overflow
protobuf susceptible to buffer overflow
CVE-2017-12905 SSRF (Server-Side Request Forgery) in vebto (CVE-2017-12905)
SSRF in vebto (CVE-2017-12905). Successful exploitation can lead to full system takeover.
CVE-2015-7315 Vulnerability in plone (CVE-2015-7315)
vulnerability in plone (CVE-2015-7315). Data can be tampered with by attackers. Mitigation: upgrade to `e1d981bfa14b664317285f0f36498f4be4a23406, 4.0a1, 4.1a1, 4.2a1, 4.3a1, 4.3.7, 5.0rc2` or later.
CVE-2015-4669 SQL Injection in xceedium (CVE-2015-4669)
SQL injection in xceedium (CVE-2015-4669). Successful exploitation can lead to full system takeover.
CVE-2017-14125 SQL Injection in wordpress (CVE-2017-14125)
SQL injection in wordpress (CVE-2017-14125). Successful exploitation can lead to full system takeover.
CVE-2010-3049 Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot).
Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot).
CVE-2010-3050 Vulnerability in dos (CVE-2010-3050)
vulnerability in dos (CVE-2010-3050). Risk of unauthorized operations or information disclosure.
CVE-2015-7318 Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses.
Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses.
CVE-2015-5282 Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.
Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.
CVE-2015-6748 Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3.
Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3.
CVE-2015-7316 Cross-Site Scripting (XSS) in plone (CVE-2015-7316)
cross-site scripting in plone (CVE-2015-7316). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3da710a2cd68587f0bf34f2e7ea1167d6eeee087, 4.0a1, 4.1a1, 4.2a1, 4.3a1, 4.3.7, 5.0rc2` or later.
CVE-2015-4668 Open Redirect in xceedium (CVE-2015-4668)
vulnerability in xceedium (CVE-2015-4668). Risk of unauthorized operations or information disclosure.
CVE-2015-4667 Multiple hardcoded credentials in Xsuite 2.x.
Multiple hardcoded credentials in Xsuite 2.x.
CVE-2017-14730 Vulnerability in elasticsearch (CVE-2017-14730)
vulnerability in elasticsearch (CVE-2017-14730). Successful exploitation can lead to full system takeover.
CVE-2015-7317 Vulnerability in kupu-project (CVE-2015-7317)
vulnerability in kupu-project (CVE-2015-7317). Confidential information can be exposed externally.
CVE-2017-1362 Vulnerability in ibm (CVE-2017-1362)
vulnerability in ibm (CVE-2017-1362). Successful exploitation can lead to full system takeover.
CVE-2017-1346 Information Disclosure in ibm (CVE-2017-1346)
vulnerability in ibm (CVE-2017-1346). Risk of unauthorized operations or information disclosure.
CVE-2017-14729 Buffer Overflow in c (CVE-2017-14729)
vulnerability in c (CVE-2017-14729). Successful exploitation can lead to full system takeover.
CVE-2017-1551 Vulnerability in ibm (CVE-2017-1551)
vulnerability in ibm (CVE-2017-1551). Risk of unauthorized operations or information disclosure.
CVE-2017-1555 Vulnerability in ibm (CVE-2017-1555)
vulnerability in ibm (CVE-2017-1555). Risk of unauthorized operations or information disclosure.
CVE-2017-1424 Cross-Site Scripting (XSS) in ibm (CVE-2017-1424)
cross-site scripting in ibm (CVE-2017-1424). Risk of unauthorized operations or information disclosure.
CVE-2017-9551 Cross-Site Scripting (XSS) in mahara (CVE-2017-9551)
cross-site scripting in mahara (CVE-2017-9551). Risk of unauthorized operations or information disclosure.
CVE-2017-14506 Cross-Site Scripting (XSS) in geminabox-project (CVE-2017-14506)
cross-site scripting in geminabox-project (CVE-2017-14506). Risk of unauthorized operations or information disclosure.
CVE-2017-14683 geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.
geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.
CVE-2017-14725 Open Redirect in wordpress (CVE-2017-14725)
vulnerability in wordpress (CVE-2017-14725). Risk of unauthorized operations or information disclosure.
CVE-2017-14723 SQL Injection in wordpress (CVE-2017-14723)
SQL injection in wordpress (CVE-2017-14723). Successful exploitation can lead to full system takeover.
CVE-2017-14718 Cross-Site Scripting (XSS) in wordpress (CVE-2017-14718)
cross-site scripting in wordpress (CVE-2017-14718). Risk of unauthorized operations or information disclosure.
CVE-2017-14720 Cross-Site Scripting (XSS) in wordpress (CVE-2017-14720)
cross-site scripting in wordpress (CVE-2017-14720). Risk of unauthorized operations or information disclosure.
CVE-2017-14721 Cross-Site Scripting (XSS) in wordpress (CVE-2017-14721)
cross-site scripting in wordpress (CVE-2017-14721). Risk of unauthorized operations or information disclosure.
CVE-2017-14724 Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.
Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.
CVE-2017-14726 Cross-Site Scripting (XSS) in wordpress (CVE-2017-14726)
cross-site scripting in wordpress (CVE-2017-14726). Risk of unauthorized operations or information disclosure.
CVE-2017-14719 Path Traversal in wordpress (CVE-2017-14719)
path traversal in wordpress (CVE-2017-14719). Confidential information can be exposed externally.
CVE-2017-14722 Path Traversal in wordpress (CVE-2017-14722)
path traversal in wordpress (CVE-2017-14722). Confidential information can be exposed externally.
CVE-2017-14627 Buffer Overflow in cyberlink (CVE-2017-14627)
vulnerability in cyberlink (CVE-2017-14627). Successful exploitation can lead to full system takeover.
CVE-2017-14727 Buffer Overflow in c (CVE-2017-14727)
vulnerability in c (CVE-2017-14727). Risk of unauthorized operations or information disclosure.
CVE-2017-14694 Buffer Overflow in c (CVE-2017-14694)
vulnerability in c (CVE-2017-14694). Successful exploitation can lead to full system takeover.
CVE-2017-14712 In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall Notes Title parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall Notes Title parameter.
CVE-2017-14713 In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Description parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Description parameter.
CVE-2017-14714 In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Subject parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Phonecalls Subject parameter.
CVE-2017-14715 In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts Title parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Alerts Title parameter.
CVE-2017-14716 In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Title parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Title parameter.
CVE-2017-14717 In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter.
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter.
CVE-2017-14705 OS Command Injection in denyall (CVE-2017-14705)
OS command injection in denyall (CVE-2017-14705). Successful exploitation can lead to full system takeover.
CVE-2017-14706 Authentication Bypass in denyall (CVE-2017-14706)
authentication bypass in denyall (CVE-2017-14706). Successful exploitation can lead to full system takeover.
CVE-2017-6267 Vulnerability in dos (CVE-2017-6267)
vulnerability in dos (CVE-2017-6267). Risk of unauthorized operations or information disclosure.
CVE-2017-6268 Vulnerability in dos (CVE-2017-6268)
vulnerability in dos (CVE-2017-6268). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →