Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2020-8894 |
|
Vulnerability in misp-project (CVE-2020-8894)
vulnerability in misp-project (CVE-2020-8894). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-19379 |
|
Vulnerability in misp-project (CVE-2019-19379)
vulnerability in misp-project (CVE-2019-19379). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-11812 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2019-11812)
cross-site scripting in misp-project (CVE-2019-11812). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4655 KEV |
|
[KEV] Information Disclosure in Apple ios (CVE-2016-4655)
vulnerability in Apple ios (CVE-2016-4655). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-4656 KEV |
|
[KEV] Vulnerability in Apple ios (CVE-2016-4656)
vulnerability in Apple ios (CVE-2016-4656). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-4657 KEV |
|
[KEV] Buffer Overflow in Apple ios (CVE-2016-4657)
vulnerability in Apple ios (CVE-2016-4657). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-8611 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2018-8611)
vulnerability in Microsoft windows (CVE-2018-8611). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0005 KEV |
|
[KEV] Buffer Overflow in Microsoft windows (CVE-2017-0005)
vulnerability in Microsoft windows (CVE-2017-0005). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-8543 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2017-8543)
vulnerability in Microsoft windows (CVE-2017-8543). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0149 KEV |
|
[KEV] Buffer Overflow in Microsoft internet-explorer (CVE-2017-0149)
vulnerability in Microsoft internet-explorer (CVE-2017-0149). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0210 KEV |
|
[KEV] Vulnerability in Microsoft internet-explorer (CVE-2017-0210)
vulnerability in Microsoft internet-explorer (CVE-2017-0210). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-0162 KEV |
|
[KEV] Information Disclosure in Microsoft internet-explorer (CVE-2016-0162)
vulnerability in Microsoft internet-explorer (CVE-2016-0162). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3298 KEV |
|
[KEV] Information Disclosure in Microsoft internet-explorer (CVE-2016-3298)
vulnerability in Microsoft internet-explorer (CVE-2016-3298). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-6366 KEV |
|
[KEV] Buffer Overflow in Cisco adaptive-security-appliance-asa (CVE-2016-6366)
vulnerability in Cisco adaptive-security-appliance-asa (CVE-2016-6366). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-6367 KEV |
|
[KEV] Command Injection in Cisco adaptive-security-appliance-asa (CVE-2016-6367)
command injection in Cisco adaptive-security-appliance-asa (CVE-2016-6367). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0022 KEV |
|
[KEV] Information Disclosure in Microsoft xml-core-services (CVE-2017-0022)
vulnerability in Microsoft xml-core-services (CVE-2017-0022). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19953 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Qnap network-attached-storage-nas (CVE-2018-19953)
cross-site scripting in Qnap network-attached-storage-nas (CVE-2018-19953). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19949 KEV |
|
[KEV] Vulnerability in Qnap network-attached-storage-nas (CVE-2018-19949)
vulnerability in Qnap network-attached-storage-nas (CVE-2018-19949). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19943 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Qnap network-attached-storage-nas (CVE-2018-19943)
cross-site scripting in Qnap network-attached-storage-nas (CVE-2018-19943). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0147 KEV |
|
[KEV] Information Disclosure in Microsoft smbv1-server (CVE-2017-0147)
vulnerability in Microsoft smbv1-server (CVE-2017-0147). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-8291 KEV |
|
[KEV] Vulnerability in Artifex ghostscript (CVE-2017-8291)
vulnerability in Artifex ghostscript (CVE-2017-8291). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-18362 KEV |
|
[KEV] SQL Injection in Kaseya virtual-systemserver-administrator-vsa (CVE-2017-18362)
SQL injection in Kaseya virtual-systemserver-administrator-vsa (CVE-2017-18362). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3351 KEV |
|
[KEV] Information Disclosure in Microsoft internet-explorer-and-edge (CVE-2016-3351)
vulnerability in Microsoft internet-explorer-and-edge (CVE-2016-3351). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-28944 |
|
Vulnerability in emcosoftware (CVE-2022-28944)
vulnerability in emcosoftware (CVE-2022-28944). Successful exploitation can lead to full system takeover.
|
| CVE-2022-29004 |
|
Cross-Site Scripting (XSS) in phpgurukul (CVE-2022-29004)
cross-site scripting in phpgurukul (CVE-2022-29004). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-29005 |
|
Cross-Site Scripting (XSS) in phpgurukul (CVE-2022-29005)
cross-site scripting in phpgurukul (CVE-2022-29005). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-7287 KEV |
|
[KEV] Out-of-Bounds Write in Apple ios (CVE-2019-7287)
out-of-bounds write in Apple ios (CVE-2019-7287). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-1027 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft windows (CVE-2020-1027)
out-of-bounds write in Microsoft windows (CVE-2020-1027). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0703 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2019-0703)
vulnerability in Microsoft windows (CVE-2019-0703). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0880 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2019-0880)
vulnerability in Microsoft windows (CVE-2019-0880). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1385 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2019-1385)
vulnerability in Microsoft windows (CVE-2019-1385). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1130 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2019-1130)
vulnerability in Microsoft windows (CVE-2019-1130). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-1048 KEV |
|
[KEV] Use-After-Free in Android :linux_kernel: (CVE-2021-1048)
vulnerability in Android :linux_kernel: (CVE-2021-1048). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `:2021-11-06` or later.
|
| CVE-2021-0920 KEV |
|
[KEV] Vulnerability in Android :linux_kernel: (CVE-2021-0920)
vulnerability in Android :linux_kernel: (CVE-2021-0920). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `:2021-11-05` or later.
|
| CVE-2021-30883 KEV |
|
[KEV] Out-of-Bounds Write in Apple multiple-products (CVE-2021-30883)
out-of-bounds write in Apple multiple-products (CVE-2021-30883). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-7286 KEV |
|
[KEV] Out-of-Bounds Write in Apple multiple-products (CVE-2019-7286)
out-of-bounds write in Apple multiple-products (CVE-2019-7286). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0676 KEV |
|
[KEV] Vulnerability in Microsoft internet-explorer (CVE-2019-0676)
vulnerability in Microsoft internet-explorer (CVE-2019-0676). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-18426 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Meta platforms meta-platforms (CVE-2019-18426)
cross-site scripting in Meta platforms meta-platforms (CVE-2019-18426). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-5002 KEV |
|
[KEV] Out-of-Bounds Write in Adobe flash-player (CVE-2018-5002)
out-of-bounds write in Adobe flash-player (CVE-2018-5002). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-8589 KEV |
|
[KEV] Vulnerability in Microsoft win32k (CVE-2018-8589)
vulnerability in Microsoft win32k (CVE-2018-8589). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-20821 KEV |
|
[KEV] Vulnerability in Cisco ios-xr (CVE-2022-20821)
vulnerability in Cisco ios-xr (CVE-2022-20821). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-0638 KEV |
|
[KEV] Vulnerability in Microsoft update-notification-manager (CVE-2020-0638)
vulnerability in Microsoft update-notification-manager (CVE-2020-0638). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-5786 KEV |
|
[KEV] Use-After-Free in Google chrome-blink (CVE-2019-5786)
vulnerability in Google chrome-blink (CVE-2019-5786). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-13720 KEV |
|
[KEV] Use-After-Free in Google chrome-webaudio (CVE-2019-13720)
vulnerability in Google chrome-webaudio (CVE-2019-13720). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-11707 KEV |
|
[KEV] Vulnerability in Mozilla firefox-and-thunderbird (CVE-2019-11707)
vulnerability in Mozilla firefox-and-thunderbird (CVE-2019-11707). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-11708 KEV |
|
[KEV] Vulnerability in Mozilla firefox-and-thunderbird (CVE-2019-11708)
vulnerability in Mozilla firefox-and-thunderbird (CVE-2019-11708). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-8720 KEV |
|
[KEV] Buffer Overflow in webkitgtk (CVE-2019-8720)
vulnerability in webkitgtk (CVE-2019-8720). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-30525 KEV |
|
[KEV] OS Command Injection in Zyxel multiple-firewalls (CVE-2022-30525)
OS command injection in Zyxel multiple-firewalls (CVE-2022-30525). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-22947 KEV |
|
[KEV] Code Injection in Vmware spring-cloud-gateway (CVE-2022-22947)
code injection in Vmware spring-cloud-gateway (CVE-2022-22947). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19908 |
|
OS Command Injection in misp-project (CVE-2018-19908)
OS command injection in misp-project (CVE-2018-19908). Successful exploitation can lead to full system takeover.
|