Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2015-2808 |
|
Vulnerability in oracle (CVE-2015-2808)
vulnerability in oracle (CVE-2015-2808). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-23742 |
|
Vulnerability in checkpoint (CVE-2022-23742)
vulnerability in checkpoint (CVE-2022-23742). Successful exploitation can lead to full system takeover.
|
| CVE-2022-29107 |
|
Microsoft Office Security Feature Bypass Vulnerability
Microsoft Office Security Feature Bypass Vulnerability
|
| CVE-2022-29109 |
|
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
|
| CVE-2022-26934 |
|
Windows Graphics Component Information Disclosure Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
|
| CVE-2022-1388 KEV |
|
[KEV] Vulnerability in F5 big-ip (CVE-2022-1388)
vulnerability in F5 big-ip (CVE-2022-1388). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-29347 |
|
Unrestricted File Upload in web-at-rchiv-project (CVE-2022-29347)
vulnerability in web-at-rchiv-project (CVE-2022-29347). Successful exploitation can lead to full system takeover.
|
| CVE-2021-1789 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2021-1789)
vulnerability in Apple multiple-products (CVE-2021-1789). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-8506 KEV |
|
[KEV] Vulnerability in Apple multiple-products (CVE-2019-8506)
vulnerability in Apple multiple-products (CVE-2019-8506). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-0322 KEV |
|
[KEV] Use-After-Free in Microsoft internet-explorer (CVE-2014-0322)
vulnerability in Microsoft internet-explorer (CVE-2014-0322). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-4113 KEV |
|
[KEV] Vulnerability in Microsoft win32k (CVE-2014-4113)
vulnerability in Microsoft win32k (CVE-2014-4113). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-0160 KEV |
|
[KEV] Out-of-Bounds Read in openssl (CVE-2014-0160)
vulnerability in openssl (CVE-2014-0160). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-28102 |
|
Cross-Site Scripting (XSS) in php-mysql-admin-panel-generator-project (CVE-2022-28102)
cross-site scripting in php-mysql-admin-panel-generator-project (CVE-2022-28102). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-27984 |
|
SQL Injection in sqli (CVE-2022-27984)
SQL injection in sqli (CVE-2022-27984). Successful exploitation can lead to full system takeover.
|
| CVE-2022-27985 |
|
SQL Injection in sqli (CVE-2022-27985)
SQL injection in sqli (CVE-2022-27985). Successful exploitation can lead to full system takeover.
|
| CVE-2022-26596 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-26596)
cross-site scripting in liferay (CVE-2022-26596). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26597 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-26597)
cross-site scripting in liferay (CVE-2022-26597). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-28094 |
|
Cross-Site Scripting (XSS) in online-sports-complex-booking-system-project (CVE-2022-28094)
cross-site scripting in online-sports-complex-booking-system-project (CVE-2022-28094). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-28093 |
|
Vulnerability in online-sports-complex-booking-system-project (CVE-2022-28093)
vulnerability in online-sports-complex-booking-system-project (CVE-2022-28093). Successful exploitation can lead to full system takeover.
|
| CVE-2022-26904 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2022-26904)
vulnerability in Microsoft windows (CVE-2022-26904). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-21919 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2022-21919)
vulnerability in Microsoft windows (CVE-2022-21919). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1003029 KEV |
|
[KEV] Vulnerability in Jenkins script-security-plugin (CVE-2019-1003029)
vulnerability in Jenkins script-security-plugin (CVE-2019-1003029). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-0847 KEV |
|
[KEV] Vulnerability in :linux_kernel: (CVE-2022-0847)
vulnerability in :linux_kernel: (CVE-2022-0847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `:2022-05-05` or later.
|
| CVE-2022-29464 KEV |
|
[KEV] Path Traversal in Wso2 multiple-products (CVE-2022-29464)
path traversal in Wso2 multiple-products (CVE-2022-29464). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-41357 KEV |
|
[KEV] Vulnerability in Microsoft win32k (CVE-2021-41357)
vulnerability in Microsoft win32k (CVE-2021-41357). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-40450 KEV |
|
[KEV] Vulnerability in Microsoft win32k (CVE-2021-40450)
vulnerability in Microsoft win32k (CVE-2021-40450). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-27406 |
|
Out-of-Bounds Read in freetype (CVE-2022-27406)
vulnerability in freetype (CVE-2022-27406). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-29533 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2022-29533)
cross-site scripting in misp-project (CVE-2022-29533). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-29534 |
|
Authentication Bypass in misp-project (CVE-2022-29534)
authentication bypass in misp-project (CVE-2022-29534). Data can be tampered with by attackers.
|
| CVE-2022-26593 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-26593)
cross-site scripting in liferay (CVE-2022-26593). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26595 |
|
Vulnerability in liferay (CVE-2022-26595)
vulnerability in liferay (CVE-2022-26595). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-22718 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2022-22718)
vulnerability in Microsoft windows (CVE-2022-22718). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-6882 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2018-6882)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2018-6882). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-3568 KEV |
|
[KEV] Vulnerability in Meta platforms meta-platforms (CVE-2019-3568)
vulnerability in Meta platforms meta-platforms (CVE-2019-3568). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26901 |
|
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
|
| CVE-2022-24473 |
|
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
|
| CVE-2022-26594 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-26594)
cross-site scripting in liferay (CVE-2022-26594). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-22960 KEV |
|
[KEV] Vulnerability in Vmware multiple-products (CVE-2022-22960)
vulnerability in Vmware multiple-products (CVE-2022-22960). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-3929 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Crestron multiple-products (CVE-2019-3929)
cross-site scripting in Crestron multiple-products (CVE-2019-3929). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-1364 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2022-1364)
vulnerability in Google chromium-v8 (CVE-2022-1364). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-16057 KEV |
|
[KEV] OS Command Injection in D-link dns-320-storage-device (CVE-2019-16057)
OS command injection in D-link dns-320-storage-device (CVE-2019-16057). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-7841 KEV |
|
[KEV] SQL Injection in Schneider electric schneider-electric (CVE-2018-7841)
SQL injection in Schneider electric schneider-electric (CVE-2018-7841). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-4523 KEV |
|
[KEV] Buffer Overflow in Trihedral vtscada-formerly-vts (CVE-2016-4523)
vulnerability in Trihedral vtscada-formerly-vts (CVE-2016-4523). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-0780 KEV |
|
[KEV] Path Traversal in Indusoft web-studio (CVE-2014-0780)
path traversal in Indusoft web-studio (CVE-2014-0780). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-5330 KEV |
|
[KEV] Command Injection in Ubiquiti airos (CVE-2010-5330)
command injection in Ubiquiti airos (CVE-2010-5330). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2007-3010 KEV |
|
[KEV] Vulnerability in Alcatel omnipcx-enterprise (CVE-2007-3010)
vulnerability in Alcatel omnipcx-enterprise (CVE-2007-3010). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-22954 KEV |
|
[KEV] Code Injection in Vmware workspace-one-access-and-identity-manager (CVE-2022-22954)
code injection in Vmware workspace-one-access-and-identity-manager (CVE-2022-22954). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-24521 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-24521)
out-of-bounds write in Microsoft windows (CVE-2022-24521). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-2502 KEV |
|
[KEV] Buffer Overflow in Microsoft internet-explorer (CVE-2015-2502)
vulnerability in Microsoft internet-explorer (CVE-2015-2502). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-5123 KEV |
|
[KEV] Use-After-Free in Adobe flash-player (CVE-2015-5123)
vulnerability in Adobe flash-player (CVE-2015-5123). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|