Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2017-13697 controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
CVE-2017-13692 Vulnerability in c (CVE-2017-13692)
vulnerability in c (CVE-2017-13692). Risk of unauthorized operations or information disclosure.
CVE-2017-13693 Information Disclosure in c (CVE-2017-13693)
vulnerability in c (CVE-2017-13693). Confidential information can be exposed externally.
CVE-2017-13694 Information Disclosure in c (CVE-2017-13694)
vulnerability in c (CVE-2017-13694). Confidential information can be exposed externally.
CVE-2017-13695 Information Disclosure in c (CVE-2017-13695)
vulnerability in c (CVE-2017-13695). Confidential information can be exposed externally.
CVE-2017-13686 Vulnerability in c (CVE-2017-13686)
vulnerability in c (CVE-2017-13686). Successful exploitation can lead to full system takeover.
CVE-2015-8352 Path Traversal in path-traversal (CVE-2015-8352)
path traversal in path-traversal (CVE-2015-8352). Successful exploitation can lead to full system takeover.
CVE-2015-8355 SQL Injection in sqli (CVE-2015-8355)
SQL injection in sqli (CVE-2015-8355). Successful exploitation can lead to full system takeover.
CVE-2014-4616 Vulnerability in simplejson-project (CVE-2014-4616)
vulnerability in simplejson-project (CVE-2014-4616). Confidential information can be exposed externally.
CVE-2017-13671 Cross-Site Scripting (XSS) in misp (CVE-2017-13671)
cross-site scripting in misp (CVE-2017-13671). Risk of unauthorized operations or information disclosure.
CVE-2017-9555 Cross-Site Scripting (XSS) in synology (CVE-2017-9555)
cross-site scripting in synology (CVE-2017-9555). Risk of unauthorized operations or information disclosure.
CVE-2017-12679 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
CVE-2017-13669 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
CVE-2017-9507 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9507)
cross-site scripting in atlassian (CVE-2017-9507). Risk of unauthorized operations or information disclosure.
CVE-2017-9508 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9508)
cross-site scripting in atlassian (CVE-2017-9508). Risk of unauthorized operations or information disclosure.
CVE-2017-9509 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9509)
cross-site scripting in atlassian (CVE-2017-9509). Risk of unauthorized operations or information disclosure.
CVE-2017-9510 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9510)
cross-site scripting in atlassian (CVE-2017-9510). Risk of unauthorized operations or information disclosure.
CVE-2017-12134 Vulnerability in c (CVE-2017-12134)
vulnerability in c (CVE-2017-12134). Successful exploitation can lead to full system takeover.
CVE-2017-12137 Vulnerability in c (CVE-2017-12137)
vulnerability in c (CVE-2017-12137). Successful exploitation can lead to full system takeover.
CVE-2017-13658 Vulnerability in c (CVE-2017-13658)
vulnerability in c (CVE-2017-13658). Risk of unauthorized operations or information disclosure.
CVE-2017-13648 Vulnerability in c (CVE-2017-13648)
vulnerability in c (CVE-2017-13648). Risk of unauthorized operations or information disclosure.
CVE-2017-13147 Vulnerability in c (CVE-2017-13147)
vulnerability in c (CVE-2017-13147). Successful exploitation can lead to full system takeover.
CVE-2017-12970 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12970)
vulnerability in csrf (CVE-2017-12970). Successful exploitation can lead to full system takeover.
CVE-2017-12971 Cross-Site Scripting (XSS) in apache2triad (CVE-2017-12971)
cross-site scripting in apache2triad (CVE-2017-12971). Risk of unauthorized operations or information disclosure.
CVE-2017-13137 The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
CVE-2017-13138 Cross-Site Scripting (XSS) in wordpress (CVE-2017-13138)
cross-site scripting in wordpress (CVE-2017-13138). Risk of unauthorized operations or information disclosure.
CVE-2017-12858 Vulnerability in c (CVE-2017-12858)
vulnerability in c (CVE-2017-12858). Successful exploitation can lead to full system takeover.
CVE-2017-13139 Out-of-Bounds Read in c (CVE-2017-13139)
vulnerability in c (CVE-2017-13139). Successful exploitation can lead to full system takeover.
CVE-2017-13140 Buffer Overflow in c (CVE-2017-13140)
vulnerability in c (CVE-2017-13140). Risk of unauthorized operations or information disclosure.
CVE-2017-13141 Vulnerability in c (CVE-2017-13141)
vulnerability in c (CVE-2017-13141). Risk of unauthorized operations or information disclosure.
CVE-2017-13143 Information Disclosure in c (CVE-2017-13143)
vulnerability in c (CVE-2017-13143). Confidential information can be exposed externally.
CVE-2017-13145 Vulnerability in c (CVE-2017-13145)
vulnerability in c (CVE-2017-13145). Risk of unauthorized operations or information disclosure.
CVE-2017-13146 Vulnerability in c (CVE-2017-13146)
vulnerability in c (CVE-2017-13146). Successful exploitation can lead to full system takeover.
CVE-2017-13131 Vulnerability in c (CVE-2017-13131)
vulnerability in c (CVE-2017-13131). Risk of unauthorized operations or information disclosure.
CVE-2017-13132 Vulnerability in c (CVE-2017-13132)
vulnerability in c (CVE-2017-13132). Risk of unauthorized operations or information disclosure.
CVE-2017-13133 Vulnerability in c (CVE-2017-13133)
vulnerability in c (CVE-2017-13133). Risk of unauthorized operations or information disclosure.
CVE-2017-13134 Out-of-Bounds Read in c (CVE-2017-13134)
vulnerability in c (CVE-2017-13134). Risk of unauthorized operations or information disclosure.
CVE-2017-13058 Vulnerability in c (CVE-2017-13058)
vulnerability in c (CVE-2017-13058). Risk of unauthorized operations or information disclosure.
CVE-2017-13059 Vulnerability in c (CVE-2017-13059)
vulnerability in c (CVE-2017-13059). Risk of unauthorized operations or information disclosure.
CVE-2017-13060 Vulnerability in c (CVE-2017-13060)
vulnerability in c (CVE-2017-13060). Risk of unauthorized operations or information disclosure.
CVE-2017-13061 Vulnerability in c (CVE-2017-13061)
vulnerability in c (CVE-2017-13061). Risk of unauthorized operations or information disclosure.
CVE-2017-13062 Vulnerability in c (CVE-2017-13062)
vulnerability in c (CVE-2017-13062). Risk of unauthorized operations or information disclosure.
CVE-2017-13063 Buffer Overflow in c (CVE-2017-13063)
vulnerability in c (CVE-2017-13063). Risk of unauthorized operations or information disclosure.
CVE-2017-13064 Buffer Overflow in c (CVE-2017-13064)
vulnerability in c (CVE-2017-13064). Risk of unauthorized operations or information disclosure.
CVE-2017-13065 Vulnerability in c (CVE-2017-13065)
vulnerability in c (CVE-2017-13065). Risk of unauthorized operations or information disclosure.
CVE-2017-13066 GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.
CVE-2017-12978 Cross-Site Scripting (XSS) in cacti (CVE-2017-12978)
cross-site scripting in cacti (CVE-2017-12978). Risk of unauthorized operations or information disclosure.
CVE-2017-12979 Cross-Site Scripting (XSS) in dokuwiki (CVE-2017-12979)
cross-site scripting in dokuwiki (CVE-2017-12979). Risk of unauthorized operations or information disclosure.
CVE-2017-12980 Cross-Site Scripting (XSS) in dokuwiki (CVE-2017-12980)
cross-site scripting in dokuwiki (CVE-2017-12980). Risk of unauthorized operations or information disclosure.
CVE-2017-12981 SQL Injection in sqli (CVE-2017-12981)
SQL injection in sqli (CVE-2017-12981). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →