Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-7239 |
|
Vulnerability in dos (CVE-2017-7239)
vulnerability in dos (CVE-2017-7239). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6878 |
|
Vulnerability in botan-project (CVE-2016-6878)
vulnerability in botan-project (CVE-2016-6878). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7185 |
|
Use-After-Free in c (CVE-2017-7185)
vulnerability in c (CVE-2017-7185). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7824 |
|
Information Disclosure in botan-project (CVE-2015-7824)
vulnerability in botan-project (CVE-2015-7824). Confidential information can be exposed externally.
|
| CVE-2017-5607 |
|
Information Disclosure in c (CVE-2017-5607)
vulnerability in c (CVE-2017-5607). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7345 |
|
Information Disclosure in netapp (CVE-2017-7345)
vulnerability in netapp (CVE-2017-7345). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7377 |
|
Vulnerability in c (CVE-2017-7377)
vulnerability in c (CVE-2017-7377). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8378 |
|
Information Disclosure in keepassx-project (CVE-2015-8378)
vulnerability in keepassx-project (CVE-2015-8378). Confidential information can be exposed externally.
|
| CVE-2017-7618 |
|
Vulnerability in c (CVE-2017-7618)
vulnerability in c (CVE-2017-7618). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7619 |
|
Vulnerability in imagemagick (CVE-2017-7619)
vulnerability in imagemagick (CVE-2017-7619). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7616 |
|
Vulnerability in c (CVE-2017-7616)
vulnerability in c (CVE-2017-7616). Confidential information can be exposed externally.
|
| CVE-2016-10321 |
|
Vulnerability in web2py (CVE-2016-10321)
vulnerability in web2py (CVE-2016-10321). Successful exploitation can lead to full system takeover.
|
| CVE-2016-10304 |
|
Unsafe Deserialization in dos (CVE-2016-10304)
vulnerability in dos (CVE-2016-10304). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6190 |
|
Path Traversal in path-traversal (CVE-2017-6190)
path traversal in path-traversal (CVE-2017-6190). Confidential information can be exposed externally. Exploitable via `GET /uir/`.
|
| CVE-2016-6605 |
|
Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization.
Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization.
|
| CVE-2017-7617 |
|
Buffer Overflow in digium (CVE-2017-7617)
vulnerability in digium (CVE-2017-7617). Successful exploitation can lead to full system takeover.
|
| CVE-2016-6534 |
|
Command Injection in opmantek (CVE-2016-6534)
command injection in opmantek (CVE-2016-6534). Successful exploitation can lead to full system takeover.
|
| CVE-2016-5642 |
|
Opmantek NMIS before 8.5.12G has XSS via SNMP.
Opmantek NMIS before 8.5.12G has XSS via SNMP.
|
| CVE-2016-5682 |
|
Swagger-UI before 2.2.1 has XSS via the Default field in the Definitions section.
Swagger-UI before 2.2.1 has XSS via the Default field in the Definitions section.
|
| CVE-2016-5065 |
|
Command Injection in sierrawireless (CVE-2016-5065)
command injection in sierrawireless (CVE-2016-5065). Successful exploitation can lead to full system takeover.
|
| CVE-2016-5067 |
|
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
|
| CVE-2016-1517 |
|
Vulnerability in dos (CVE-2016-1517)
vulnerability in dos (CVE-2016-1517). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4317 |
|
Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page.
Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page.
|
| CVE-2016-4318 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2016-4318)
cross-site scripting in atlassian (CVE-2016-4318). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-5055 |
|
Cross-Site Scripting (XSS) in osram (CVE-2016-5055)
cross-site scripting in osram (CVE-2016-5055). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-5073 |
|
CloudView NMS before 2.10a has XSS via SNMP.
CloudView NMS before 2.10a has XSS via SNMP.
|
| CVE-2016-5075 |
|
CloudView NMS before 2.10a has XSS via a TELNET login.
CloudView NMS before 2.10a has XSS via a TELNET login.
|
| CVE-2016-5077 |
|
Netikus EventSentry before 3.2.1.44 has XSS via SNMP.
Netikus EventSentry before 3.2.1.44 has XSS via SNMP.
|
| CVE-2016-5078 |
|
Paessler PRTG before 16.2.24.4045 has XSS via SNMP.
Paessler PRTG before 16.2.24.4045 has XSS via SNMP.
|
| CVE-2016-1516 |
|
OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code.
OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code.
|
| CVE-2015-8276 |
|
Information Disclosure in eparaksts (CVE-2015-8276)
vulnerability in eparaksts (CVE-2015-8276). Confidential information can be exposed externally.
|
| CVE-2016-5051 |
|
Information Disclosure in osram (CVE-2016-5051)
vulnerability in osram (CVE-2016-5051). Confidential information can be exposed externally.
|
| CVE-2016-5059 |
|
Information Disclosure in osram (CVE-2016-5059)
vulnerability in osram (CVE-2016-5059). Confidential information can be exposed externally.
|
| CVE-2016-5076 |
|
Information Disclosure in cloudviewnms (CVE-2016-5076)
vulnerability in cloudviewnms (CVE-2016-5076). Confidential information can be exposed externally.
|
| CVE-2016-5053 |
|
Vulnerability in osram (CVE-2016-5053)
vulnerability in osram (CVE-2016-5053). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4319 |
|
Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings.
Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings.
|
| CVE-2016-5074 |
|
CloudView NMS before 2.10a has a format string issue exploitable over SNMP.
CloudView NMS before 2.10a has a format string issue exploitable over SNMP.
|
| CVE-2016-5071 |
|
Vulnerability in sierrawireless (CVE-2016-5071)
vulnerability in sierrawireless (CVE-2016-5071). Successful exploitation can lead to full system takeover.
|
| CVE-2016-5056 |
|
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK.
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK.
|
| CVE-2016-5066 |
|
Vulnerability in sierrawireless (CVE-2016-5066)
vulnerability in sierrawireless (CVE-2016-5066). Successful exploitation can lead to full system takeover.
|
| CVE-2016-5070 |
|
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.
|
| CVE-2016-5052 |
|
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning.
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning.
|
| CVE-2016-5057 |
|
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning.
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning.
|
| CVE-2016-5072 |
|
Code Injection in oxidforge (CVE-2016-5072)
code injection in oxidforge (CVE-2016-5072). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4320 |
|
Path Traversal in path-traversal (CVE-2016-4320)
path traversal in path-traversal (CVE-2016-4320). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-5068 |
|
Authentication Bypass in sierrawireless (CVE-2016-5068)
authentication bypass in sierrawireless (CVE-2016-5068). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8275 |
|
Vulnerability in eparaksts (CVE-2015-8275)
vulnerability in eparaksts (CVE-2015-8275). Data can be tampered with by attackers.
|
| CVE-2016-5054 |
|
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay.
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay.
|
| CVE-2016-5058 |
|
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay.
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay.
|
| CVE-2016-4334 |
|
Jive before 2016.3.1 has an open redirect from the external-link.jspa page.
Jive before 2016.3.1 has an open redirect from the external-link.jspa page.
|