Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2020-10148 KEV [KEV] Vulnerability in Solarwinds orion (CVE-2020-10148)
vulnerability in Solarwinds orion (CVE-2020-10148). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-3643 KEV [KEV] Vulnerability in Solarwinds virtualization-manager (CVE-2016-3643)
vulnerability in Solarwinds virtualization-manager (CVE-2016-3643). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-10199 KEV [KEV] Vulnerability in Sonatype nexus-repository (CVE-2020-10199)
vulnerability in Sonatype nexus-repository (CVE-2020-10199). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-20021 KEV [KEV] Vulnerability in sonicwall (CVE-2021-20021)
vulnerability in sonicwall (CVE-2021-20021). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-20022 KEV [KEV] Unrestricted File Upload in sonicwall (CVE-2021-20022)
vulnerability in sonicwall (CVE-2021-20022). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-20023 KEV [KEV] Path Traversal in sonicwall (CVE-2021-20023)
path traversal in sonicwall (CVE-2021-20023). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-20016 KEV [KEV] SQL Injection in Sonicwall sslvpn-sma100 (CVE-2021-20016)
SQL injection in Sonicwall sslvpn-sma100 (CVE-2021-20016). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-12271 KEV [KEV] SQL Injection in Sophos sfos (CVE-2020-12271)
SQL injection in Sophos sfos (CVE-2020-12271). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-10181 KEV [KEV] Cross-Site Request Forgery (CSRF) in Sumavision enhanced-multimedia-router-emr (CVE-2020-10181)
vulnerability in Sumavision enhanced-multimedia-router-emr (CVE-2020-10181). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-6327 KEV [KEV] Vulnerability in symantec (CVE-2017-6327)
vulnerability in symantec (CVE-2017-6327). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-18988 KEV [KEV] Vulnerability in Teamviewer desktop (CVE-2019-18988)
vulnerability in Teamviewer desktop (CVE-2019-18988). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-9248 KEV [KEV] Vulnerability in Progress aspnet-ajax-and-sitefinity (CVE-2017-9248)
vulnerability in Progress aspnet-ajax-and-sitefinity (CVE-2017-9248). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-31755 KEV [KEV] Out-of-Bounds Write in Tenda ac11-router (CVE-2021-31755)
out-of-bounds write in Tenda ac11-router (CVE-2021-31755). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-10987 KEV [KEV] OS Command Injection in Tenda ac1900-router-ac15-model (CVE-2020-10987)
OS command injection in Tenda ac1900-router-ac15-model (CVE-2020-10987). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-14558 KEV [KEV] OS Command Injection in Tenda ac7 (CVE-2018-14558)
OS command injection in Tenda ac7 (CVE-2018-14558). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-20062 KEV [KEV] Vulnerability in Thinkphp nonecms (CVE-2018-20062)
vulnerability in Thinkphp nonecms (CVE-2018-20062). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-9082 KEV [KEV] Vulnerability in thinkphp (CVE-2019-9082)
vulnerability in thinkphp (CVE-2019-9082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-18187 KEV [KEV] Path Traversal in Trend micro trend-micro (CVE-2019-18187)
path traversal in Trend micro trend-micro (CVE-2019-18187). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-8467 KEV [KEV] Vulnerability in Trend micro trend-micro (CVE-2020-8467)
vulnerability in Trend micro trend-micro (CVE-2020-8467). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-8599 KEV [KEV] Vulnerability in Trend micro trend-micro (CVE-2020-8599)
vulnerability in Trend micro trend-micro (CVE-2020-8599). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-20085 KEV [KEV] Path Traversal in Tvt nvms-1000 (CVE-2019-20085)
path traversal in Tvt nvms-1000 (CVE-2019-20085). Risk of unauthorized operations or information disclosure. Exploitable via `GET /..`. Listed in CISA KEV — actively exploited.
CVE-2020-5849 KEV [KEV] Authentication Bypass in unraid (CVE-2020-5849)
authentication bypass in unraid (CVE-2020-5849). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-5847 KEV [KEV] Vulnerability in unraid (CVE-2020-5847)
vulnerability in unraid (CVE-2020-5847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-16759 KEV [KEV] Code Injection in vbulletin (CVE-2019-16759)
code injection in vbulletin (CVE-2019-16759). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-17496 KEV [KEV] Vulnerability in vbulletin (CVE-2020-17496)
vulnerability in vbulletin (CVE-2020-17496). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-5544 KEV [KEV] Out-of-Bounds Write in vmware (CVE-2019-5544)
out-of-bounds write in vmware (CVE-2019-5544). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-25213 KEV [KEV] Unrestricted File Upload in Wordpress file-manager-plugin (CVE-2020-25213)
vulnerability in Wordpress file-manager-plugin (CVE-2020-25213). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-11738 KEV [KEV] Path Traversal in Wordpress snap-creek-duplicator-plugin (CVE-2020-11738)
path traversal in Wordpress snap-creek-duplicator-plugin (CVE-2020-11738). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-9978 KEV [KEV] Cross-Site Scripting (XSS) in Wordpress social-warfare-plugin (CVE-2019-9978)
cross-site scripting in Wordpress social-warfare-plugin (CVE-2019-9978). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-27561 KEV [KEV] OS Command Injection in Yealink device-management (CVE-2021-27561)
OS command injection in Yealink device-management (CVE-2021-27561). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-25877 Code Injection in youphptube (CVE-2021-25877)
code injection in youphptube (CVE-2021-25877). Successful exploitation can lead to full system takeover.
CVE-2021-29006 Path Traversal in rconfig (CVE-2021-29006)
path traversal in rconfig (CVE-2021-29006). Confidential information can be exposed externally.
CVE-2021-37223 SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-37223)
SSRF in ssrf (CVE-2021-37223). Confidential information can be exposed externally.
CVE-2021-41617 Privilege Escalation in privilege-escalation (CVE-2021-41617)
vulnerability in privilege-escalation (CVE-2021-41617). Successful exploitation can lead to full system takeover.
CVE-2021-37345 Privilege Escalation in privilege-escalation (CVE-2021-37345)
vulnerability in privilege-escalation (CVE-2021-37345). Successful exploitation can lead to full system takeover.
CVE-2020-18169 Privilege Escalation in techsmith (CVE-2020-18169)
vulnerability in techsmith (CVE-2020-18169). Successful exploitation can lead to full system takeover.
CVE-2020-18171 Privilege Escalation in techsmith (CVE-2020-18171)
vulnerability in techsmith (CVE-2020-18171). Successful exploitation can lead to full system takeover.
CVE-2020-22168 SQL Injection in sqli (CVE-2020-22168)
SQL injection in sqli (CVE-2020-22168). Confidential information can be exposed externally.
CVE-2020-26679 Vulnerability in vfairs (CVE-2020-26679)
vulnerability in vfairs (CVE-2020-26679). Risk of unauthorized operations or information disclosure.
CVE-2021-29051 Cross-Site Scripting (XSS) in liferay (CVE-2021-29051)
cross-site scripting in liferay (CVE-2021-29051). Risk of unauthorized operations or information disclosure.
CVE-2021-29052 Vulnerability in liferay (CVE-2021-29052)
vulnerability in liferay (CVE-2021-29052). Risk of unauthorized operations or information disclosure.
CVE-2021-29048 Cross-Site Scripting (XSS) in liferay (CVE-2021-29048)
cross-site scripting in liferay (CVE-2021-29048). Risk of unauthorized operations or information disclosure.
CVE-2021-29043 Vulnerability in liferay (CVE-2021-29043)
vulnerability in liferay (CVE-2021-29043). Confidential information can be exposed externally.
CVE-2021-29044 Cross-Site Scripting (XSS) in liferay (CVE-2021-29044)
cross-site scripting in liferay (CVE-2021-29044). Risk of unauthorized operations or information disclosure.
CVE-2021-29045 Cross-Site Scripting (XSS) in liferay (CVE-2021-29045)
cross-site scripting in liferay (CVE-2021-29045). Risk of unauthorized operations or information disclosure.
CVE-2021-29053 SQL Injection in sqli (CVE-2021-29053)
SQL injection in sqli (CVE-2021-29053). Successful exploitation can lead to full system takeover.
CVE-2021-29046 Cross-Site Scripting (XSS) in liferay (CVE-2021-29046)
cross-site scripting in liferay (CVE-2021-29046). Risk of unauthorized operations or information disclosure.
CVE-2021-29040 Vulnerability in liferay (CVE-2021-29040)
vulnerability in liferay (CVE-2021-29040). Risk of unauthorized operations or information disclosure.
CVE-2021-29047 Authentication Bypass in liferay (CVE-2021-29047)
authentication bypass in liferay (CVE-2021-29047). Data can be tampered with by attackers.
CVE-2021-29039 Cross-Site Scripting (XSS) in liferay (CVE-2021-29039)
cross-site scripting in liferay (CVE-2021-29039). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →