Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-13697 |
|
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
|
| CVE-2017-13692 |
|
Vulnerability in c (CVE-2017-13692)
vulnerability in c (CVE-2017-13692). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13693 |
|
Information Disclosure in c (CVE-2017-13693)
vulnerability in c (CVE-2017-13693). Confidential information can be exposed externally.
|
| CVE-2017-13694 |
|
Information Disclosure in c (CVE-2017-13694)
vulnerability in c (CVE-2017-13694). Confidential information can be exposed externally.
|
| CVE-2017-13695 |
|
Information Disclosure in c (CVE-2017-13695)
vulnerability in c (CVE-2017-13695). Confidential information can be exposed externally.
|
| CVE-2017-13686 |
|
Vulnerability in c (CVE-2017-13686)
vulnerability in c (CVE-2017-13686). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8352 |
|
Path Traversal in path-traversal (CVE-2015-8352)
path traversal in path-traversal (CVE-2015-8352). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8355 |
|
SQL Injection in sqli (CVE-2015-8355)
SQL injection in sqli (CVE-2015-8355). Successful exploitation can lead to full system takeover.
|
| CVE-2014-4616 |
|
Vulnerability in simplejson-project (CVE-2014-4616)
vulnerability in simplejson-project (CVE-2014-4616). Confidential information can be exposed externally.
|
| CVE-2017-13671 |
|
Cross-Site Scripting (XSS) in misp (CVE-2017-13671)
cross-site scripting in misp (CVE-2017-13671). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9555 |
|
Cross-Site Scripting (XSS) in synology (CVE-2017-9555)
cross-site scripting in synology (CVE-2017-9555). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12679 |
|
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
|
| CVE-2017-13669 |
|
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
|
| CVE-2017-9507 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9507)
cross-site scripting in atlassian (CVE-2017-9507). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9508 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9508)
cross-site scripting in atlassian (CVE-2017-9508). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9509 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9509)
cross-site scripting in atlassian (CVE-2017-9509). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9510 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9510)
cross-site scripting in atlassian (CVE-2017-9510). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12134 |
|
Vulnerability in c (CVE-2017-12134)
vulnerability in c (CVE-2017-12134). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12137 |
|
Vulnerability in c (CVE-2017-12137)
vulnerability in c (CVE-2017-12137). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13658 |
|
Vulnerability in c (CVE-2017-13658)
vulnerability in c (CVE-2017-13658). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13648 |
|
Vulnerability in c (CVE-2017-13648)
vulnerability in c (CVE-2017-13648). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13147 |
|
Vulnerability in c (CVE-2017-13147)
vulnerability in c (CVE-2017-13147). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12970 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12970)
vulnerability in csrf (CVE-2017-12970). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12971 |
|
Cross-Site Scripting (XSS) in apache2triad (CVE-2017-12971)
cross-site scripting in apache2triad (CVE-2017-12971). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13137 |
|
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
|
| CVE-2017-13138 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-13138)
cross-site scripting in wordpress (CVE-2017-13138). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12858 |
|
Vulnerability in c (CVE-2017-12858)
vulnerability in c (CVE-2017-12858). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13139 |
|
Out-of-Bounds Read in c (CVE-2017-13139)
vulnerability in c (CVE-2017-13139). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13140 |
|
Buffer Overflow in c (CVE-2017-13140)
vulnerability in c (CVE-2017-13140). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13141 |
|
Vulnerability in c (CVE-2017-13141)
vulnerability in c (CVE-2017-13141). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13143 |
|
Information Disclosure in c (CVE-2017-13143)
vulnerability in c (CVE-2017-13143). Confidential information can be exposed externally.
|
| CVE-2017-13145 |
|
Vulnerability in c (CVE-2017-13145)
vulnerability in c (CVE-2017-13145). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13146 |
|
Vulnerability in c (CVE-2017-13146)
vulnerability in c (CVE-2017-13146). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13131 |
|
Vulnerability in c (CVE-2017-13131)
vulnerability in c (CVE-2017-13131). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13132 |
|
Vulnerability in c (CVE-2017-13132)
vulnerability in c (CVE-2017-13132). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13133 |
|
Vulnerability in c (CVE-2017-13133)
vulnerability in c (CVE-2017-13133). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13134 |
|
Out-of-Bounds Read in c (CVE-2017-13134)
vulnerability in c (CVE-2017-13134). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13058 |
|
Vulnerability in c (CVE-2017-13058)
vulnerability in c (CVE-2017-13058). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13059 |
|
Vulnerability in c (CVE-2017-13059)
vulnerability in c (CVE-2017-13059). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13060 |
|
Vulnerability in c (CVE-2017-13060)
vulnerability in c (CVE-2017-13060). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13061 |
|
Vulnerability in c (CVE-2017-13061)
vulnerability in c (CVE-2017-13061). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13062 |
|
Vulnerability in c (CVE-2017-13062)
vulnerability in c (CVE-2017-13062). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13063 |
|
Buffer Overflow in c (CVE-2017-13063)
vulnerability in c (CVE-2017-13063). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13064 |
|
Buffer Overflow in c (CVE-2017-13064)
vulnerability in c (CVE-2017-13064). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13065 |
|
Vulnerability in c (CVE-2017-13065)
vulnerability in c (CVE-2017-13065). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13066 |
|
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.
GraphicsMagick 1.3.26 has a memory leak vulnerability in the function CloneImage in magick/image.c.
|
| CVE-2017-12978 |
|
Cross-Site Scripting (XSS) in cacti (CVE-2017-12978)
cross-site scripting in cacti (CVE-2017-12978). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12979 |
|
Cross-Site Scripting (XSS) in dokuwiki (CVE-2017-12979)
cross-site scripting in dokuwiki (CVE-2017-12979). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12980 |
|
Cross-Site Scripting (XSS) in dokuwiki (CVE-2017-12980)
cross-site scripting in dokuwiki (CVE-2017-12980). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12981 |
|
SQL Injection in sqli (CVE-2017-12981)
SQL injection in sqli (CVE-2017-12981). Successful exploitation can lead to full system takeover.
|