Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2020-29006 Vulnerability in misp-project (CVE-2020-29006)
vulnerability in misp-project (CVE-2020-29006). Successful exploitation can lead to full system takeover.
CVE-2020-25466 SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-25466)
SSRF in ssrf (CVE-2020-25466). Successful exploitation can lead to full system takeover.
CVE-2018-5353 Vulnerability in zohocorp (CVE-2018-5353)
vulnerability in zohocorp (CVE-2018-5353). Successful exploitation can lead to full system takeover.
CVE-2020-24193 SQL Injection in sqli (CVE-2020-24193)
SQL injection in sqli (CVE-2020-24193). Successful exploitation can lead to full system takeover.
CVE-2022-28932 D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
CVE-2015-0987 Information Disclosure in omron (CVE-2015-0987)
vulnerability in omron (CVE-2015-0987). Confidential information can be exposed externally.
CVE-2022-29351 Unrestricted File Upload in tiddlywiki (CVE-2022-29351)
vulnerability in tiddlywiki (CVE-2022-29351). Successful exploitation can lead to full system takeover.
CVE-2018-8851 Vulnerability in echelon (CVE-2018-8851)
vulnerability in echelon (CVE-2018-8851). Successful exploitation can lead to full system takeover.
CVE-2018-11091 Unrestricted File Upload in mybiz (CVE-2018-11091)
vulnerability in mybiz (CVE-2018-11091). Successful exploitation can lead to full system takeover.
CVE-2018-7791 Authentication Bypass in schneider-electric (CVE-2018-7791)
authentication bypass in schneider-electric (CVE-2018-7791). Successful exploitation can lead to full system takeover.
CVE-2018-7790 Vulnerability in schneider-electric (CVE-2018-7790)
vulnerability in schneider-electric (CVE-2018-7790). Successful exploitation can lead to full system takeover.
CVE-2022-28568 Unrestricted File Upload in simple-doctors-appointment-system-project (CVE-2022-28568)
vulnerability in simple-doctors-appointment-system-project (CVE-2022-28568). Successful exploitation can lead to full system takeover.
CVE-2022-29347 Unrestricted File Upload in web-at-rchiv-project (CVE-2022-29347)
vulnerability in web-at-rchiv-project (CVE-2022-29347). Successful exploitation can lead to full system takeover.
CVE-2021-43163 Command Injection in ruijienetworks (CVE-2021-43163)
command injection in ruijienetworks (CVE-2021-43163). Successful exploitation can lead to full system takeover.
CVE-2021-41945 Vulnerability in encode (CVE-2021-41945)
vulnerability in encode (CVE-2021-41945). Confidential information can be exposed externally. Exploitable via ``httpx.URL``.
CVE-2022-27984 SQL Injection in sqli (CVE-2022-27984)
SQL injection in sqli (CVE-2022-27984). Successful exploitation can lead to full system takeover.
CVE-2022-27985 SQL Injection in sqli (CVE-2022-27985)
SQL injection in sqli (CVE-2022-27985). Successful exploitation can lead to full system takeover.
CVE-2022-29528 An issue was discovered in MISP before 2.4.158. PHAR deserialization can occur.
An issue was discovered in MISP before 2.4.158. PHAR deserialization can occur.
CVE-2022-27262 Unrestricted File Upload in sailsjs (CVE-2022-27262)
vulnerability in sailsjs (CVE-2022-27262). Successful exploitation can lead to full system takeover.
CVE-2022-28397 Unrestricted File Upload in ghost (CVE-2022-28397)
vulnerability in ghost (CVE-2022-28397). Successful exploitation can lead to full system takeover.
CVE-2022-27260 Unrestricted File Upload in buttercms (CVE-2022-27260)
vulnerability in buttercms (CVE-2022-27260). Successful exploitation can lead to full system takeover.
CVE-2021-37291 SQL Injection in sqli (CVE-2021-37291)
SQL injection in sqli (CVE-2021-37291). Successful exploitation can lead to full system takeover.
CVE-2022-26645 Unrestricted File Upload in oretnom23 (CVE-2022-26645)
vulnerability in oretnom23 (CVE-2022-26645). Successful exploitation can lead to full system takeover.
CVE-2021-46007 OS Command Injection in totolink (CVE-2021-46007)
OS command injection in totolink (CVE-2021-46007). Successful exploitation can lead to full system takeover.
CVE-2021-46009 Vulnerability in totolink (CVE-2021-46009)
vulnerability in totolink (CVE-2021-46009). Successful exploitation can lead to full system takeover.
CVE-2022-25521 UNNO v03.11.00 was discovered to contain access control issue.
UNNO v03.11.00 was discovered to contain access control issue.
CVE-2018-1273 KEV [KEV] Code Injection in Vmware tanzu vmware-tanzu (CVE-2018-1273)
code injection in Vmware tanzu vmware-tanzu (CVE-2018-1273). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2021-42237 KEV [KEV] Unsafe Deserialization in Sitecore xp (CVE-2021-42237)
vulnerability in Sitecore xp (CVE-2021-42237). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2021-45756 Vulnerability in asus (CVE-2021-45756)
vulnerability in asus (CVE-2021-45756). Successful exploitation can lead to full system takeover.
CVE-2022-25578 Code Injection in taogogo (CVE-2022-25578)
code injection in taogogo (CVE-2022-25578). Successful exploitation can lead to full system takeover.
CVE-2021-45834 Unrestricted File Upload in opendocman (CVE-2021-45834)
vulnerability in opendocman (CVE-2021-45834). Successful exploitation can lead to full system takeover.
CVE-2021-44088 SQL Injection in sqli (CVE-2021-44088)
SQL injection in sqli (CVE-2021-44088). Successful exploitation can lead to full system takeover.
CVE-2021-44620 Command Injection in totolink (CVE-2021-44620)
command injection in totolink (CVE-2021-44620). Successful exploitation can lead to full system takeover.
CVE-2022-23383 Authentication Bypass in yzmcms (CVE-2022-23383)
authentication bypass in yzmcms (CVE-2022-23383). Confidential information can be exposed externally.
CVE-2022-0715 Authentication Bypass in schneider-electric (CVE-2022-0715)
authentication bypass in schneider-electric (CVE-2022-0715). Data can be tampered with by attackers.
CVE-2022-25089 Printix Secure Cloud Print Management 1.3.1035.0 incorrectly uses Privileged APIs.
Printix Secure Cloud Print Management 1.3.1035.0 incorrectly uses Privileged APIs.
CVE-2022-25060 OS Command Injection in tp-link (CVE-2022-25060)
OS command injection in tp-link (CVE-2022-25060). Successful exploitation can lead to full system takeover.
CVE-2022-25064 OS Command Injection in tp-link (CVE-2022-25064)
OS command injection in tp-link (CVE-2022-25064). Successful exploitation can lead to full system takeover.
CVE-2022-25061 OS Command Injection in tp-link (CVE-2022-25061)
OS command injection in tp-link (CVE-2022-25061). Successful exploitation can lead to full system takeover.
CVE-2022-0664 Vulnerability in netmaker (CVE-2022-0664)
vulnerability in netmaker (CVE-2022-0664). Successful exploitation can lead to full system takeover.
CVE-2021-45420 Information Disclosure in dos (CVE-2021-45420)
vulnerability in dos (CVE-2021-45420). Successful exploitation can lead to full system takeover.
CVE-2021-42637 SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-42637)
SSRF in ssrf (CVE-2021-42637). Successful exploitation can lead to full system takeover.
CVE-2021-42640 Vulnerability in printerlogic (CVE-2021-42640)
vulnerability in printerlogic (CVE-2021-42640). Confidential information can be exposed externally.
CVE-2021-44971 Vulnerability in tenda (CVE-2021-44971)
vulnerability in tenda (CVE-2021-44971). Successful exploitation can lead to full system takeover.
CVE-2022-23305 SQL Injection in log4j:log4j (CVE-2022-23305)
SQL injection in log4j:log4j (CVE-2022-23305). Successful exploitation can lead to full system takeover.
CVE-2021-44732 Vulnerability in arm (CVE-2021-44732)
vulnerability in arm (CVE-2021-44732). Successful exploitation can lead to full system takeover.
CVE-2021-42216 A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.
A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.
CVE-2021-41716 Authentication Bypass in mahadiscom (CVE-2021-41716)
authentication bypass in mahadiscom (CVE-2021-41716). Successful exploitation can lead to full system takeover.
CVE-2020-25366 Vulnerability in dos (CVE-2020-25366)
vulnerability in dos (CVE-2020-25366). Data can be tampered with by attackers.
CVE-2020-25367 Command Injection in dlink (CVE-2020-25367)
command injection in dlink (CVE-2020-25367). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →