Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2020-14969 |
|
Vulnerability in misp-project (CVE-2020-14969)
vulnerability in misp-project (CVE-2020-14969). Confidential information can be exposed externally.
|
| CVE-2020-11725 |
|
Vulnerability in c (CVE-2020-11725)
vulnerability in c (CVE-2020-11725). Successful exploitation can lead to full system takeover.
|
| CVE-2018-7852 |
|
Vulnerability in c (CVE-2018-7852)
vulnerability in c (CVE-2018-7852). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-1916 |
|
Vulnerability in dos (CVE-2015-1916)
vulnerability in dos (CVE-2015-1916). Risk of unauthorized operations or information disclosure.
|
| CVE-2011-0539 |
|
Vulnerability in c (CVE-2011-0539)
vulnerability in c (CVE-2011-0539). Confidential information can be exposed externally.
|
| CVE-2016-10010 |
|
Vulnerability in c (CVE-2016-10010)
vulnerability in c (CVE-2016-10010). Successful exploitation can lead to full system takeover.
|
| CVE-2016-8858 |
|
Vulnerability in c (CVE-2016-8858)
vulnerability in c (CVE-2016-8858). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-19908 |
|
OS Command Injection in misp-project (CVE-2018-19908)
OS command injection in misp-project (CVE-2018-19908). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5600 |
|
Vulnerability in c (CVE-2015-5600)
vulnerability in c (CVE-2015-5600). Successful exploitation can lead to full system takeover.
|
| CVE-2022-29145 |
|
Vulnerability in Microsoft.AspNetCore.App.Runtime.win-x64 (CVE-2022-29145)
vulnerability in Microsoft.AspNetCore.App.Runtime.win-x64 (CVE-2022-29145). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.5` or later.
|
| CVE-2022-29117 |
|
.NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
|
| CVE-2022-29534 |
|
Authentication Bypass in misp-project (CVE-2022-29534)
authentication bypass in misp-project (CVE-2022-29534). Data can be tampered with by attackers.
|
| CVE-2022-26607 |
|
Unrestricted File Upload in baigo (CVE-2022-26607)
vulnerability in baigo (CVE-2022-26607). Successful exploitation can lead to full system takeover.
|
| CVE-2021-40904 |
|
Vulnerability in checkmk (CVE-2021-40904)
vulnerability in checkmk (CVE-2021-40904). Successful exploitation can lead to full system takeover.
|
| CVE-2019-11043 KEV |
|
[KEV] Vulnerability in Php fastcgi-process-manager-fpm (CVE-2019-11043)
vulnerability in Php fastcgi-process-manager-fpm (CVE-2019-11043). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-1823 KEV |
|
[KEV] Vulnerability in php (CVE-2012-1823)
vulnerability in php (CVE-2012-1823). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-27245 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-27245)
SSRF in ssrf (CVE-2022-27245). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24618 |
|
Vulnerability in c (CVE-2022-24618)
vulnerability in c (CVE-2022-24618). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24464 |
|
Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.3` or later.
|
| CVE-2022-25018 |
|
Code Injection in pluxml (CVE-2022-25018)
code injection in pluxml (CVE-2022-25018). Successful exploitation can lead to full system takeover.
|
| CVE-2021-4090 |
|
Out-of-Bounds Write in c (CVE-2021-4090)
out-of-bounds write in c (CVE-2021-4090). Confidential information can be exposed externally.
|
| CVE-2021-46115 |
|
Unrestricted File Upload in c (CVE-2021-46115)
vulnerability in c (CVE-2021-46115). Successful exploitation can lead to full system takeover.
|
| CVE-2021-25296 KEV |
|
[KEV] OS Command Injection in nagios (CVE-2021-25296)
OS command injection in nagios (CVE-2021-25296). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25297 KEV |
|
[KEV] OS Command Injection in nagios (CVE-2021-25297)
OS command injection in nagios (CVE-2021-25297). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25298 KEV |
|
[KEV] OS Command Injection in nagios (CVE-2021-25298)
OS command injection in nagios (CVE-2021-25298). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22204 KEV |
|
[KEV] Vulnerability in Perl exiftool (CVE-2021-22204)
vulnerability in Perl exiftool (CVE-2021-22204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25877 |
|
Code Injection in youphptube (CVE-2021-25877)
code injection in youphptube (CVE-2021-25877). Successful exploitation can lead to full system takeover.
|
| CVE-2021-40639 |
|
Vulnerability in jflyfox (CVE-2021-40639)
vulnerability in jflyfox (CVE-2021-40639). Confidential information can be exposed externally.
|
| CVE-2020-20585 |
|
SQL Injection in c (CVE-2020-20585)
SQL injection in c (CVE-2020-20585). Confidential information can be exposed externally.
|
| CVE-2020-22168 |
|
SQL Injection in sqli (CVE-2020-22168)
SQL injection in sqli (CVE-2020-22168). Confidential information can be exposed externally.
|
| CVE-2021-34202 |
|
Out-of-Bounds Write in c (CVE-2021-34202)
out-of-bounds write in c (CVE-2021-34202). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21843 |
|
Out-of-Bounds Write in c (CVE-2020-21843)
out-of-bounds write in c (CVE-2020-21843). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21840 |
|
Out-of-Bounds Write in c (CVE-2020-21840)
out-of-bounds write in c (CVE-2020-21840). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21827 |
|
Out-of-Bounds Write in c (CVE-2020-21827)
out-of-bounds write in c (CVE-2020-21827). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21814 |
|
Out-of-Bounds Write in c (CVE-2020-21814)
out-of-bounds write in c (CVE-2020-21814). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21816 |
|
Out-of-Bounds Write in c (CVE-2020-21816)
out-of-bounds write in c (CVE-2020-21816). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21818 |
|
Out-of-Bounds Write in c (CVE-2020-21818)
out-of-bounds write in c (CVE-2020-21818). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21819 |
|
Out-of-Bounds Write in c (CVE-2020-21819)
out-of-bounds write in c (CVE-2020-21819). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21813 |
|
Out-of-Bounds Write in c (CVE-2020-21813)
out-of-bounds write in c (CVE-2020-21813). Successful exploitation can lead to full system takeover.
|
| CVE-2020-24036 |
|
Unsafe Deserialization in fork-cms (CVE-2020-24036)
vulnerability in fork-cms (CVE-2020-24036). Successful exploitation can lead to full system takeover.
|
| CVE-2020-28874 |
|
Privilege Escalation in projectsend (CVE-2020-28874)
vulnerability in projectsend (CVE-2020-28874). Data can be tampered with by attackers.
|
| CVE-2020-14966 |
|
Vulnerability in kjur (CVE-2020-14966)
vulnerability in kjur (CVE-2020-14966). Data can be tampered with by attackers.
|
| CVE-2019-19378 |
|
Out-of-Bounds Write in c (CVE-2019-19378)
out-of-bounds write in c (CVE-2019-19378). Successful exploitation can lead to full system takeover.
|
| CVE-2019-18197 |
|
Use-After-Free in nokogiri (CVE-2019-18197)
vulnerability in nokogiri (CVE-2019-18197). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.10.5` or later.
|
| CVE-2018-10902 |
|
Vulnerability in c (CVE-2018-10902)
vulnerability in c (CVE-2018-10902). Successful exploitation can lead to full system takeover.
|
| CVE-2018-6926 |
|
OS Command Injection in misp-project (CVE-2018-6926)
OS command injection in misp-project (CVE-2018-6926). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17997 |
|
Vulnerability in c (CVE-2017-17997)
vulnerability in c (CVE-2017-17997). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17983 |
|
SQL Injection in sqli (CVE-2017-17983)
SQL injection in sqli (CVE-2017-17983). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17987 |
|
Unrestricted File Upload in muslim-matrimonial-script-project (CVE-2017-17987)
vulnerability in muslim-matrimonial-script-project (CVE-2017-17987). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17990 |
|
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
|