Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-1309 |
|
Vulnerability in ibm (CVE-2017-1309)
vulnerability in ibm (CVE-2017-1309). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1218 |
|
Cross-Site Request Forgery (CSRF) in ibm (CVE-2017-1218)
vulnerability in ibm (CVE-2017-1218). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1224 |
|
Vulnerability in ibm (CVE-2017-1224)
vulnerability in ibm (CVE-2017-1224). Confidential information can be exposed externally.
|
| CVE-2017-7977 |
|
Command Injection in unicon-software (CVE-2017-7977)
command injection in unicon-software (CVE-2017-7977). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6798 |
|
XXE (XML External Entity) in apache (CVE-2016-6798)
vulnerability in apache (CVE-2016-6798). Successful exploitation can lead to full system takeover.
|
| CVE-2016-5394 |
|
Cross-Site Scripting (XSS) in apache (CVE-2016-5394)
cross-site scripting in apache (CVE-2016-5394). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-7509 |
|
Cross-Site Scripting (XSS) in glpi-project (CVE-2016-7509)
cross-site scripting in glpi-project (CVE-2016-7509). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-7507 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-7507)
vulnerability in csrf (CVE-2016-7507). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9764 |
|
Cross-Site Scripting (XSS) in metinfo (CVE-2017-9764)
cross-site scripting in metinfo (CVE-2017-9764). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11444 |
|
SQL Injection in sqli (CVE-2017-11444)
SQL injection in sqli (CVE-2017-11444). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11445 |
|
SQL Injection in sqli (CVE-2017-11445)
SQL injection in sqli (CVE-2017-11445). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10801 |
|
phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO to the search/tag/ URI.
phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO to the search/tag/ URI.
|
| CVE-2017-11439 |
|
In Sitecore 8.2, there is reflected XSS in the shell/Applications/Tools/Run Program parameter.
In Sitecore 8.2, there is reflected XSS in the shell/Applications/Tools/Run Program parameter.
|
| CVE-2017-11441 |
|
Cross-Site Scripting (XSS) in cpanel (CVE-2017-11441)
cross-site scripting in cpanel (CVE-2017-11441). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11440 |
|
Path Traversal in path-traversal (CVE-2017-11440)
path traversal in path-traversal (CVE-2017-11440). Confidential information can be exposed externally.
|
| CVE-2017-11456 |
|
Path Traversal in path-traversal (CVE-2017-11456)
path traversal in path-traversal (CVE-2017-11456). Confidential information can be exposed externally.
|
| CVE-2017-11435 |
|
Information Disclosure in humaxdigital (CVE-2017-11435)
vulnerability in humaxdigital (CVE-2017-11435). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11448 |
|
Information Disclosure in c (CVE-2017-11448)
vulnerability in c (CVE-2017-11448). Confidential information can be exposed externally.
|
| CVE-2017-11436 |
|
Vulnerability in dlink (CVE-2017-11436)
vulnerability in dlink (CVE-2017-11436). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11446 |
|
Vulnerability in c (CVE-2017-11446)
vulnerability in c (CVE-2017-11446). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11447 |
|
Vulnerability in c (CVE-2017-11447)
vulnerability in c (CVE-2017-11447). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9245 |
|
Information Disclosure in google (CVE-2017-9245)
vulnerability in google (CVE-2017-9245). Confidential information can be exposed externally.
|
| CVE-2017-11406 |
|
Vulnerability in c (CVE-2017-11406)
vulnerability in c (CVE-2017-11406). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11407 |
|
Vulnerability in c (CVE-2017-11407)
vulnerability in c (CVE-2017-11407). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11408 |
|
Vulnerability in c (CVE-2017-11408)
vulnerability in c (CVE-2017-11408). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11410 |
|
Vulnerability in c (CVE-2017-11410)
vulnerability in c (CVE-2017-11410). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11411 |
|
Vulnerability in c (CVE-2017-11411)
vulnerability in c (CVE-2017-11411). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11423 |
|
Out-of-Bounds Read in c (CVE-2017-11423)
vulnerability in c (CVE-2017-11423). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10708 |
|
Path Traversal in path-traversal (CVE-2017-10708)
path traversal in path-traversal (CVE-2017-10708). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11421 |
|
Code Injection in gnome-exe-thumbnailer-project (CVE-2017-11421)
code injection in gnome-exe-thumbnailer-project (CVE-2017-11421). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5246 |
|
Vulnerability in biscom (CVE-2017-5246)
vulnerability in biscom (CVE-2017-5246). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.1.1028` or later.
|
| CVE-2017-5247 |
|
Cross-Site Scripting (XSS) in biscom (CVE-2017-5247)
cross-site scripting in biscom (CVE-2017-5247). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7506 |
|
Buffer Overflow in spice-project (CVE-2017-7506)
vulnerability in spice-project (CVE-2017-7506). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10962 |
|
REDCap before 7.5.1 has XSS via the query string.
REDCap before 7.5.1 has XSS via the query string.
|
| CVE-2017-6320 |
|
OS Command Injection in barracuda (CVE-2017-6320)
OS command injection in barracuda (CVE-2017-6320). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.1.0.003` or later.
|
| CVE-2017-10961 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-10961)
vulnerability in csrf (CVE-2017-10961). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1318 |
|
OS Command Injection in ibm (CVE-2017-1318)
OS command injection in ibm (CVE-2017-1318). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11412 |
|
SQL Injection in sqli (CVE-2017-11412)
SQL injection in sqli (CVE-2017-11412). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11413 |
|
SQL Injection in sqli (CVE-2017-11413)
SQL injection in sqli (CVE-2017-11413). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11414 |
|
SQL Injection in sqli (CVE-2017-11414)
SQL injection in sqli (CVE-2017-11414). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11415 |
|
SQL Injection in sqli (CVE-2017-11415)
SQL injection in sqli (CVE-2017-11415). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11416 |
|
Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter.
Fiyo CMS 2.0.7 has SQL injection in /apps/app_comment/controller/insert.php via the name parameter.
|
| CVE-2017-11417 |
|
SQL Injection in sqli (CVE-2017-11417)
SQL injection in sqli (CVE-2017-11417). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11418 |
|
SQL Injection in sqli (CVE-2017-11418)
SQL injection in sqli (CVE-2017-11418). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11419 |
|
SQL Injection in sqli (CVE-2017-11419)
SQL injection in sqli (CVE-2017-11419). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11420 |
|
Buffer Overflow in c (CVE-2017-11420)
vulnerability in c (CVE-2017-11420). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11403 |
|
Use-After-Free in c (CVE-2017-11403)
vulnerability in c (CVE-2017-11403). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11404 |
|
Unrestricted File Upload in cmsmadesimple (CVE-2017-11404)
vulnerability in cmsmadesimple (CVE-2017-11404). Data can be tampered with by attackers.
|
| CVE-2017-11405 |
|
Unrestricted File Upload in cmsmadesimple (CVE-2017-11405)
vulnerability in cmsmadesimple (CVE-2017-11405). Data can be tampered with by attackers.
|
| CVE-2017-7947 |
|
Information Disclosure in netapp (CVE-2017-7947)
vulnerability in netapp (CVE-2017-7947). Confidential information can be exposed externally.
|