Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2017-1309 Vulnerability in ibm (CVE-2017-1309)
vulnerability in ibm (CVE-2017-1309). Successful exploitation can lead to full system takeover.
CVE-2017-1218 Cross-Site Request Forgery (CSRF) in ibm (CVE-2017-1218)
vulnerability in ibm (CVE-2017-1218). Successful exploitation can lead to full system takeover.
CVE-2017-1224 Vulnerability in ibm (CVE-2017-1224)
vulnerability in ibm (CVE-2017-1224). Confidential information can be exposed externally.
CVE-2017-7977 Command Injection in unicon-software (CVE-2017-7977)
command injection in unicon-software (CVE-2017-7977). Successful exploitation can lead to full system takeover.
CVE-2016-6798 XXE (XML External Entity) in apache (CVE-2016-6798)
vulnerability in apache (CVE-2016-6798). Successful exploitation can lead to full system takeover.
CVE-2016-5394 Cross-Site Scripting (XSS) in apache (CVE-2016-5394)
cross-site scripting in apache (CVE-2016-5394). Risk of unauthorized operations or information disclosure.
CVE-2016-7509 Cross-Site Scripting (XSS) in glpi-project (CVE-2016-7509)
cross-site scripting in glpi-project (CVE-2016-7509). Risk of unauthorized operations or information disclosure.
CVE-2016-7507 Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-7507)
vulnerability in csrf (CVE-2016-7507). Successful exploitation can lead to full system takeover.
CVE-2017-9764 Cross-Site Scripting (XSS) in metinfo (CVE-2017-9764)
cross-site scripting in metinfo (CVE-2017-9764). Risk of unauthorized operations or information disclosure.
CVE-2017-11444 SQL Injection in sqli (CVE-2017-11444)
SQL injection in sqli (CVE-2017-11444). Successful exploitation can lead to full system takeover.
CVE-2017-11445 SQL Injection in sqli (CVE-2017-11445)
SQL injection in sqli (CVE-2017-11445). Successful exploitation can lead to full system takeover.
CVE-2017-10801 phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO to the search/tag/ URI.
phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO to the search/tag/ URI.
CVE-2017-11439 In Sitecore 8.2, there is reflected XSS in the shell/Applications/Tools/Run Program parameter.
In Sitecore 8.2, there is reflected XSS in the shell/Applications/Tools/Run Program parameter.
CVE-2017-11441 Cross-Site Scripting (XSS) in cpanel (CVE-2017-11441)
cross-site scripting in cpanel (CVE-2017-11441). Risk of unauthorized operations or information disclosure.
CVE-2017-11440 Path Traversal in path-traversal (CVE-2017-11440)
path traversal in path-traversal (CVE-2017-11440). Confidential information can be exposed externally.
CVE-2017-11456 Path Traversal in path-traversal (CVE-2017-11456)
path traversal in path-traversal (CVE-2017-11456). Confidential information can be exposed externally.
CVE-2017-11435 Information Disclosure in humaxdigital (CVE-2017-11435)
vulnerability in humaxdigital (CVE-2017-11435). Successful exploitation can lead to full system takeover.
CVE-2017-11448 Information Disclosure in c (CVE-2017-11448)
vulnerability in c (CVE-2017-11448). Confidential information can be exposed externally.
CVE-2017-11436 Vulnerability in dlink (CVE-2017-11436)
vulnerability in dlink (CVE-2017-11436). Successful exploitation can lead to full system takeover.
CVE-2017-11446 Vulnerability in c (CVE-2017-11446)
vulnerability in c (CVE-2017-11446). Risk of unauthorized operations or information disclosure.
CVE-2017-11447 Vulnerability in c (CVE-2017-11447)
vulnerability in c (CVE-2017-11447). Risk of unauthorized operations or information disclosure.
CVE-2017-9245 Information Disclosure in google (CVE-2017-9245)
vulnerability in google (CVE-2017-9245). Confidential information can be exposed externally.
CVE-2017-11406 Vulnerability in c (CVE-2017-11406)
vulnerability in c (CVE-2017-11406). Risk of unauthorized operations or information disclosure.
CVE-2017-11407 Vulnerability in c (CVE-2017-11407)
vulnerability in c (CVE-2017-11407). Risk of unauthorized operations or information disclosure.
CVE-2017-11408 Vulnerability in c (CVE-2017-11408)
vulnerability in c (CVE-2017-11408). Risk of unauthorized operations or information disclosure.
CVE-2017-11410 Vulnerability in c (CVE-2017-11410)
vulnerability in c (CVE-2017-11410). Risk of unauthorized operations or information disclosure.
CVE-2017-11411 Vulnerability in c (CVE-2017-11411)
vulnerability in c (CVE-2017-11411). Risk of unauthorized operations or information disclosure.
CVE-2017-11423 Out-of-Bounds Read in c (CVE-2017-11423)
vulnerability in c (CVE-2017-11423). Risk of unauthorized operations or information disclosure.
CVE-2017-10708 Path Traversal in path-traversal (CVE-2017-10708)
path traversal in path-traversal (CVE-2017-10708). Successful exploitation can lead to full system takeover.
CVE-2017-11421 Code Injection in gnome-exe-thumbnailer-project (CVE-2017-11421)
code injection in gnome-exe-thumbnailer-project (CVE-2017-11421). Successful exploitation can lead to full system takeover.
CVE-2017-5246 Vulnerability in biscom (CVE-2017-5246)
vulnerability in biscom (CVE-2017-5246). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.1.1028` or later.
CVE-2017-5247 Cross-Site Scripting (XSS) in biscom (CVE-2017-5247)
cross-site scripting in biscom (CVE-2017-5247). Risk of unauthorized operations or information disclosure.
CVE-2017-7506 Buffer Overflow in spice-project (CVE-2017-7506)
vulnerability in spice-project (CVE-2017-7506). Successful exploitation can lead to full system takeover.
CVE-2017-10962 REDCap before 7.5.1 has XSS via the query string.
REDCap before 7.5.1 has XSS via the query string.
CVE-2017-6320 OS Command Injection in barracuda (CVE-2017-6320)
OS command injection in barracuda (CVE-2017-6320). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.1.0.003` or later.
CVE-2017-10961 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-10961)
vulnerability in csrf (CVE-2017-10961). Successful exploitation can lead to full system takeover.
CVE-2017-1318 OS Command Injection in ibm (CVE-2017-1318)
OS command injection in ibm (CVE-2017-1318). Successful exploitation can lead to full system takeover.
CVE-2017-11412 SQL Injection in sqli (CVE-2017-11412)
SQL injection in sqli (CVE-2017-11412). Successful exploitation can lead to full system takeover.
CVE-2017-11413 SQL Injection in sqli (CVE-2017-11413)
SQL injection in sqli (CVE-2017-11413). Successful exploitation can lead to full system takeover.
CVE-2017-11414 SQL Injection in sqli (CVE-2017-11414)
SQL injection in sqli (CVE-2017-11414). Successful exploitation can lead to full system takeover.
CVE-2017-11415 SQL Injection in sqli (CVE-2017-11415)
SQL injection in sqli (CVE-2017-11415). Successful exploitation can lead to full system takeover.
CVE-2017-11416 Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter.
Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter.
CVE-2017-11417 SQL Injection in sqli (CVE-2017-11417)
SQL injection in sqli (CVE-2017-11417). Successful exploitation can lead to full system takeover.
CVE-2017-11418 SQL Injection in sqli (CVE-2017-11418)
SQL injection in sqli (CVE-2017-11418). Successful exploitation can lead to full system takeover.
CVE-2017-11419 SQL Injection in sqli (CVE-2017-11419)
SQL injection in sqli (CVE-2017-11419). Successful exploitation can lead to full system takeover.
CVE-2017-11420 Buffer Overflow in c (CVE-2017-11420)
vulnerability in c (CVE-2017-11420). Successful exploitation can lead to full system takeover.
CVE-2017-11403 Use-After-Free in c (CVE-2017-11403)
vulnerability in c (CVE-2017-11403). Successful exploitation can lead to full system takeover.
CVE-2017-11404 Unrestricted File Upload in cmsmadesimple (CVE-2017-11404)
vulnerability in cmsmadesimple (CVE-2017-11404). Data can be tampered with by attackers.
CVE-2017-11405 Unrestricted File Upload in cmsmadesimple (CVE-2017-11405)
vulnerability in cmsmadesimple (CVE-2017-11405). Data can be tampered with by attackers.
CVE-2017-7947 Information Disclosure in netapp (CVE-2017-7947)
vulnerability in netapp (CVE-2017-7947). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →