Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-1000486 KEV |
|
[KEV] Vulnerability in Primetek primefaces-application (CVE-2017-1000486)
vulnerability in Primetek primefaces-application (CVE-2017-1000486). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-4102 KEV |
|
[KEV] Use-After-Free in Google chromium-v8 (CVE-2021-4102)
vulnerability in Google chromium-v8 (CVE-2021-4102). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-17463 KEV |
|
[KEV] SQL Injection in Fuel cms fuel-cms (CVE-2020-17463)
SQL injection in Fuel cms fuel-cms (CVE-2020-17463). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-17562 KEV |
|
[KEV] Vulnerability in Embedthis goahead (CVE-2017-17562)
vulnerability in Embedthis goahead (CVE-2017-17562). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-1871 KEV |
|
[KEV] Vulnerability in Red hat red-hat (CVE-2010-1871)
vulnerability in Red hat red-hat (CVE-2010-1871). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-44228 KEV |
|
[KEV] Vulnerability in Apache log4j2 (CVE-2021-44228)
vulnerability in Apache log4j2 (CVE-2021-44228). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-35394 KEV |
|
[KEV] OS Command Injection in Realtek jungle-software-development-kit-sdk (CVE-2021-35394)
OS command injection in Realtek jungle-software-development-kit-sdk (CVE-2021-35394). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-8816 KEV |
|
[KEV] OS Command Injection in Pi-hole adminlte (CVE-2020-8816)
OS command injection in Pi-hole adminlte (CVE-2020-8816). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0193 KEV |
|
[KEV] Code Injection in Apache solr (CVE-2019-0193)
code injection in Apache solr (CVE-2019-0193). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-12149 KEV |
|
[KEV] Unsafe Deserialization in Red hat red-hat (CVE-2017-12149)
vulnerability in Red hat red-hat (CVE-2017-12149). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-13272 KEV |
|
[KEV] Privilege Escalation in Linux kernel (CVE-2019-13272)
vulnerability in Linux kernel (CVE-2019-13272). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-44168 KEV |
|
[KEV] Vulnerability in Fortinet fortios (CVE-2021-44168)
vulnerability in Fortinet fortios (CVE-2021-44168). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-11261 KEV |
|
[KEV] Vulnerability in :linux_kernel:Qualcomm (CVE-2020-11261)
vulnerability in :linux_kernel:Qualcomm (CVE-2020-11261). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2021-01-05` or later.
|
| CVE-2021-40438 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in apache (CVE-2021-40438)
SSRF in apache (CVE-2021-40438). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-14847 KEV |
|
[KEV] Path Traversal in Mikrotik routeros (CVE-2018-14847)
path traversal in Mikrotik routeros (CVE-2018-14847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-37415 KEV |
|
[KEV] Vulnerability in Zoho manageengine-servicedesk-plus-sdp (CVE-2021-37415)
vulnerability in Zoho manageengine-servicedesk-plus-sdp (CVE-2021-37415). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-44077 KEV |
|
[KEV] Vulnerability in Zoho manageengine-servicedesk-plus-sdp-supportcenter-plus (CVE-2021-44077)
vulnerability in Zoho manageengine-servicedesk-plus-sdp-supportcenter-plus (CVE-2021-44077). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-40449 KEV |
|
[KEV] Use-After-Free in Microsoft windows (CVE-2021-40449)
vulnerability in Microsoft windows (CVE-2021-40449). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-42321 KEV |
|
[KEV] Vulnerability in Microsoft exchange (CVE-2021-42321)
vulnerability in Microsoft exchange (CVE-2021-42321). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22204 KEV |
|
[KEV] Vulnerability in Perl exiftool (CVE-2021-22204)
vulnerability in Perl exiftool (CVE-2021-22204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-42292 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2021-42292)
vulnerability in Microsoft office (CVE-2021-42292). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27101 KEV |
|
[KEV] SQL Injection in Accellion fta (CVE-2021-27101)
SQL injection in Accellion fta (CVE-2021-27101). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Listed in CISA KEV — actively exploited.
|
| CVE-2021-42258 KEV |
|
[KEV] SQL Injection in Bqe billquick-web-suite (CVE-2021-42258)
SQL injection in Bqe billquick-web-suite (CVE-2021-42258). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-7481 KEV |
|
[KEV] SQL Injection in Sonicwall sma100 (CVE-2019-7481)
SQL injection in Sonicwall sma100 (CVE-2019-7481). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-20016 KEV |
|
[KEV] SQL Injection in Sonicwall sslvpn-sma100 (CVE-2021-20016)
SQL injection in Sonicwall sslvpn-sma100 (CVE-2021-20016). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-12271 KEV |
|
[KEV] SQL Injection in Sophos sfos (CVE-2020-12271)
SQL injection in Sophos sfos (CVE-2020-12271). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0541 KEV |
|
[KEV] Command Injection in Microsoft mshtml (CVE-2019-0541)
command injection in Microsoft mshtml (CVE-2019-0541). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22899 KEV |
|
[KEV] Command Injection in Ivanti pulse-connect-secure (CVE-2021-22899)
command injection in Ivanti pulse-connect-secure (CVE-2021-22899). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27104 KEV |
|
[KEV] Vulnerability in Accellion fta (CVE-2021-27104)
vulnerability in Accellion fta (CVE-2021-27104). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27102 KEV |
|
[KEV] Vulnerability in Accellion fta (CVE-2021-27102)
vulnerability in Accellion fta (CVE-2021-27102). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-0041 KEV |
|
[KEV] Vulnerability in android (CVE-2020-0041)
vulnerability in android (CVE-2020-0041). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-5638 KEV |
|
[KEV] Vulnerability in Apache struts (CVE-2017-5638)
vulnerability in Apache struts (CVE-2017-5638). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-11776 KEV |
|
[KEV] Vulnerability in Apache struts (CVE-2018-11776)
vulnerability in Apache struts (CVE-2018-11776). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-30860 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2021-30860)
vulnerability in Apple multiple-products (CVE-2021-30860). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-30663 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2021-30663)
vulnerability in Apple multiple-products (CVE-2021-30663). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-3452 KEV |
|
[KEV] Vulnerability in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3452)
vulnerability in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3452). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-0171 KEV |
|
[KEV] Vulnerability in Cisco ios-and-ios-xe (CVE-2018-0171)
vulnerability in Cisco ios-and-ios-xe (CVE-2018-0171). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-3161 KEV |
|
[KEV] Vulnerability in cisco (CVE-2020-3161)
vulnerability in cisco (CVE-2020-3161). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-0296 KEV |
|
[KEV] Vulnerability in Cisco adaptive-security-appliance-asa (CVE-2018-0296)
vulnerability in Cisco adaptive-security-appliance-asa (CVE-2018-0296). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-8195 KEV |
|
[KEV] Vulnerability in Citrix application-delivery-controller-adc (CVE-2020-8195)
vulnerability in Citrix application-delivery-controller-adc (CVE-2020-8195). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-9822 KEV |
|
[KEV] Vulnerability in Dotnetnuke (dnn) dotnetnuke-dnn (CVE-2017-9822)
vulnerability in Dotnetnuke (dnn) dotnetnuke-dnn (CVE-2017-9822). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-7600 KEV |
|
[KEV] Vulnerability in drupal (CVE-2018-7600)
vulnerability in drupal (CVE-2018-7600). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22205 KEV |
|
[KEV] Vulnerability in Gitlab community-and-enterprise-editions (CVE-2021-22205)
vulnerability in Gitlab community-and-enterprise-editions (CVE-2021-22205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-38000 KEV |
|
[KEV] Vulnerability in Google chromium-intents (CVE-2021-38000)
vulnerability in Google chromium-intents (CVE-2021-38000). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-21220 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2021-21220)
vulnerability in Google chromium-v8 (CVE-2021-21220). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3718 KEV |
|
[KEV] Vulnerability in imagemagick (CVE-2016-3718)
vulnerability in imagemagick (CVE-2016-3718). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22502 KEV |
|
[KEV] Vulnerability in Micro focus micro-focus (CVE-2021-22502)
vulnerability in Micro focus micro-focus (CVE-2021-22502). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-0185 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2016-0185)
vulnerability in Microsoft windows (CVE-2016-0185). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0143 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2017-0143)
vulnerability in Microsoft windows (CVE-2017-0143). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-31207 KEV |
|
[KEV] Vulnerability in Microsoft exchange-server (CVE-2021-31207)
vulnerability in Microsoft exchange-server (CVE-2021-31207). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|