Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2016-10119 |
|
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
|
| CVE-2016-10120 |
|
Vulnerability in firejail-project (CVE-2016-10120)
vulnerability in firejail-project (CVE-2016-10120). Successful exploitation can lead to full system takeover.
|
| CVE-2016-10121 |
|
Vulnerability in firejail-project (CVE-2016-10121)
vulnerability in firejail-project (CVE-2016-10121). Successful exploitation can lead to full system takeover.
|
| CVE-2016-10122 |
|
Vulnerability in firejail-project (CVE-2016-10122)
vulnerability in firejail-project (CVE-2016-10122). Successful exploitation can lead to full system takeover.
|
| CVE-2016-10123 |
|
Vulnerability in firejail-project (CVE-2016-10123)
vulnerability in firejail-project (CVE-2016-10123). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8282 |
|
SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account.
SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account.
|
| CVE-2012-6697 |
|
InspIRCd before 2.0.7 allows remote attackers to cause a denial of service (infinite loop).
InspIRCd before 2.0.7 allows remote attackers to cause a denial of service (infinite loop).
|
| CVE-2015-8107 |
|
Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code.
Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code.
|
| CVE-2015-1838 |
|
Vulnerability in salt (CVE-2015-1838)
vulnerability in salt (CVE-2015-1838). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `e11298d7155e9982749483ca5538e46090caef9c, 2014.7.4` or later.
|
| CVE-2015-1839 |
|
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
|
| CVE-2015-7740 |
|
Vulnerability in dos (CVE-2015-7740)
vulnerability in dos (CVE-2015-7740). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-2710 |
|
Cross-Site Scripting (XSS) in oliver-project (CVE-2014-2710)
cross-site scripting in oliver-project (CVE-2014-2710). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7565 |
|
Cross-Site Scripting (XSS) in emberjs (CVE-2015-7565)
cross-site scripting in emberjs (CVE-2015-7565). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8270 |
|
Vulnerability in c (CVE-2015-8270)
vulnerability in c (CVE-2015-8270). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-6674 |
|
Buffer Overflow in inspircd (CVE-2015-6674)
vulnerability in inspircd (CVE-2015-6674). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7628 |
|
SQL Injection in sqli (CVE-2017-7628)
SQL injection in sqli (CVE-2017-7628). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7626 |
|
Cross-Site Scripting (XSS) in smart-related-articles-project (CVE-2017-7626)
cross-site scripting in smart-related-articles-project (CVE-2017-7626). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7747 |
|
Vulnerability in c (CVE-2017-7747)
vulnerability in c (CVE-2017-7747). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7700 |
|
Vulnerability in c (CVE-2017-7700)
vulnerability in c (CVE-2017-7700). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7701 |
|
Vulnerability in c (CVE-2017-7701)
vulnerability in c (CVE-2017-7701). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7702 |
|
Vulnerability in c (CVE-2017-7702)
vulnerability in c (CVE-2017-7702). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7704 |
|
Vulnerability in c (CVE-2017-7704)
vulnerability in c (CVE-2017-7704). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7705 |
|
Vulnerability in c (CVE-2017-7705)
vulnerability in c (CVE-2017-7705). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7745 |
|
Vulnerability in c (CVE-2017-7745)
vulnerability in c (CVE-2017-7745). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7746 |
|
Vulnerability in c (CVE-2017-7746)
vulnerability in c (CVE-2017-7746). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7748 |
|
Vulnerability in c (CVE-2017-7748)
vulnerability in c (CVE-2017-7748). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7703 |
|
Vulnerability in c (CVE-2017-7703)
vulnerability in c (CVE-2017-7703). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4895 |
|
Code Injection in setucocms-project (CVE-2016-4895)
code injection in setucocms-project (CVE-2016-4895). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7284 |
|
Authentication Bypass in unitrends (CVE-2017-7284)
authentication bypass in unitrends (CVE-2017-7284). Successful exploitation can lead to full system takeover.
|
| CVE-2016-1178 |
|
Vulnerability in appleple (CVE-2016-1178)
vulnerability in appleple (CVE-2016-1178). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7564 |
|
SQL Injection in c (CVE-2015-7564)
SQL injection in c (CVE-2015-7564). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4337 |
|
SQL Injection in csharp (CVE-2016-4337)
SQL injection in csharp (CVE-2016-4337). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4893 |
|
SQL Injection in sqli (CVE-2016-4893)
SQL injection in sqli (CVE-2016-4893). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7280 |
|
Vulnerability in unitrends (CVE-2017-7280)
vulnerability in unitrends (CVE-2017-7280). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7562 |
|
Cross-Site Scripting (XSS) in teampass (CVE-2015-7562)
cross-site scripting in teampass (CVE-2015-7562). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-1179 |
|
Cross-Site Scripting (XSS) in appleple (CVE-2016-1179)
cross-site scripting in appleple (CVE-2016-1179). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-2803 |
|
Cross-Site Scripting (XSS) in mozilla (CVE-2016-2803)
cross-site scripting in mozilla (CVE-2016-2803). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4892 |
|
Cross-Site Scripting (XSS) in setucocms-project (CVE-2016-4892)
cross-site scripting in setucocms-project (CVE-2016-4892). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4897 |
|
Cross-Site Scripting (XSS) in webmin (CVE-2016-4897)
cross-site scripting in webmin (CVE-2016-4897). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6348 |
|
Cross-Site Scripting (XSS) in redhat (CVE-2016-6348)
cross-site scripting in redhat (CVE-2016-6348). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-5313 |
|
OS Command Injection in symantec (CVE-2016-5313)
OS command injection in symantec (CVE-2016-5313). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7281 |
|
Unrestricted File Upload in unitrends (CVE-2017-7281)
vulnerability in unitrends (CVE-2017-7281). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7563 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-7563)
vulnerability in csrf (CVE-2015-7563). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4891 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-4891)
vulnerability in csrf (CVE-2016-4891). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4896 |
|
Vulnerability in setucocms-project (CVE-2016-4896)
vulnerability in setucocms-project (CVE-2016-4896). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-5856 |
|
Vulnerability in c (CVE-2016-5856)
vulnerability in c (CVE-2016-5856). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4459 |
|
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9.
|
| CVE-2016-6808 |
|
Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.
Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.
|
| CVE-2016-9957 |
|
Stack-based buffer overflow in game-music-emu before 0.6.1.
Stack-based buffer overflow in game-music-emu before 0.6.1.
|
| CVE-2016-9958 |
|
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
|