Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2011-4955 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2011-4955)
cross-site scripting in wordpress (CVE-2011-4955). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12072 |
|
Cross-Site Scripting (XSS) in synology (CVE-2017-12072)
cross-site scripting in synology (CVE-2017-12072). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-4933 |
|
Out-of-Bounds Write in vmware (CVE-2017-4933)
out-of-bounds write in vmware (CVE-2017-4933). Successful exploitation can lead to full system takeover.
|
| CVE-2017-4940 |
|
Cross-Site Scripting (XSS) in vmware (CVE-2017-4940)
cross-site scripting in vmware (CVE-2017-4940). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-4941 |
|
Buffer Overflow in vmware (CVE-2017-4941)
vulnerability in vmware (CVE-2017-4941). Successful exploitation can lead to full system takeover.
|
| CVE-2017-4943 |
|
Out-of-Bounds Write in privilege-escalation (CVE-2017-4943)
out-of-bounds write in privilege-escalation (CVE-2017-4943). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17792 |
|
Cross-Site Scripting (XSS) in blogotext-project (CVE-2017-17792)
cross-site scripting in blogotext-project (CVE-2017-17792). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17793 |
|
Information Disclosure in blogotext-project (CVE-2017-17793)
vulnerability in blogotext-project (CVE-2017-17793). Confidential information can be exposed externally.
|
| CVE-2017-17794 |
|
Vulnerability in blogotext-project (CVE-2017-17794)
vulnerability in blogotext-project (CVE-2017-17794). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17774 |
|
admin/configuration.php in Piwigo 2.9.2 has CSRF.
admin/configuration.php in Piwigo 2.9.2 has CSRF.
|
| CVE-2017-17775 |
|
Piwigo 2.9.2 has XSS via the name parameter in an admin.php?page=album-3-properties request.
Piwigo 2.9.2 has XSS via the name parameter in an admin.php?page=album-3-properties request.
|
| CVE-2017-17776 |
|
Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter.
Paid To Read Script 2.0.5 has full path disclosure via an invalid admin/userview.php uid parameter.
|
| CVE-2017-17777 |
|
Authentication Bypass in paid-to-read-script-project (CVE-2017-17777)
authentication bypass in paid-to-read-script-project (CVE-2017-17777). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17778 |
|
Cross-Site Scripting (XSS) in paid-to-read-script-project (CVE-2017-17778)
cross-site scripting in paid-to-read-script-project (CVE-2017-17778). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17779 |
|
Paid To Read Script 2.0.5 has SQL injection via the referrals.php id parameter.
Paid To Read Script 2.0.5 has SQL injection via the referrals.php id parameter.
|
| CVE-2017-17780 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17780)
cross-site scripting in wordpress (CVE-2017-17780). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17719 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17719)
cross-site scripting in wordpress (CVE-2017-17719). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17744 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17744)
cross-site scripting in wordpress (CVE-2017-17744). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17753 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17753)
cross-site scripting in wordpress (CVE-2017-17753). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11562 |
|
Vulnerability in mt4 (CVE-2017-11562)
vulnerability in mt4 (CVE-2017-11562). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15876 |
|
Unrestricted File Upload in sistemagpweb (CVE-2017-15876)
vulnerability in sistemagpweb (CVE-2017-15876). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15877 |
|
Vulnerability in sistemagpweb (CVE-2017-15877)
vulnerability in sistemagpweb (CVE-2017-15877). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16949 |
|
Unrestricted File Upload in wordpress (CVE-2017-16949)
vulnerability in wordpress (CVE-2017-16949). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15700 |
|
Information Disclosure in apache (CVE-2017-15700)
vulnerability in apache (CVE-2017-15700). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12630 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-12630)
cross-site scripting in apache (CVE-2017-12630). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17645 |
|
Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php.
Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php.
|
| CVE-2017-17649 |
|
Code Injection in readymade-video-sharing-script-project (CVE-2017-17649)
code injection in readymade-video-sharing-script-project (CVE-2017-17649). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17651 |
|
SQL Injection in sqli (CVE-2017-17651)
SQL injection in sqli (CVE-2017-17651). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17727 |
|
Unrestricted File Upload in dedecms (CVE-2017-17727)
vulnerability in dedecms (CVE-2017-17727). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17730 |
|
DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flink_add.php.
DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flink_add.php.
|
| CVE-2017-17731 |
|
DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php.
DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php.
|
| CVE-2017-17733 |
|
Vulnerability in maccms (CVE-2017-17733)
vulnerability in maccms (CVE-2017-17733). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17716 |
|
Vulnerability in gitlab (CVE-2017-17716)
vulnerability in gitlab (CVE-2017-17716). Confidential information can be exposed externally.
|
| CVE-2017-17717 |
|
Vulnerability in sonatype (CVE-2017-17717)
vulnerability in sonatype (CVE-2017-17717). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3196 |
|
Buffer Overflow in rawether-project (CVE-2017-3196)
vulnerability in rawether-project (CVE-2017-3196). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3195 |
|
Vulnerability in commvault (CVE-2017-3195)
vulnerability in commvault (CVE-2017-3195). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17693 |
|
Vulnerability in techno-portfolio-management-panel-project (CVE-2017-17693)
vulnerability in techno-portfolio-management-panel-project (CVE-2017-17693). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17694 |
|
Cross-Site Scripting (XSS) in techno-portfolio-management-panel-project (CVE-2017-17694)
cross-site scripting in techno-portfolio-management-panel-project (CVE-2017-17694). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17695 |
|
SQL Injection in sqli (CVE-2017-17695)
SQL injection in sqli (CVE-2017-17695). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17696 |
|
Information Disclosure in techno-portfolio-management-panel-project (CVE-2017-17696)
vulnerability in techno-portfolio-management-panel-project (CVE-2017-17696). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-5663 |
|
SQL Injection in apache (CVE-2017-5663)
SQL injection in apache (CVE-2017-5663). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17680 |
|
Vulnerability in c (CVE-2017-17680)
vulnerability in c (CVE-2017-17680). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17681 |
|
Vulnerability in c (CVE-2017-17681)
vulnerability in c (CVE-2017-17681). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17682 |
|
Vulnerability in c (CVE-2017-17682)
vulnerability in c (CVE-2017-17682). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17671 |
|
Path Traversal in apache (CVE-2017-17671)
path traversal in apache (CVE-2017-17671). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17672 |
|
Unsafe Deserialization in deserialization (CVE-2017-17672)
vulnerability in deserialization (CVE-2017-17672). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7738 |
|
Information Disclosure in fortinet (CVE-2017-7738)
vulnerability in fortinet (CVE-2017-7738). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11305 |
|
Vulnerability in adobe (CVE-2017-11305)
vulnerability in adobe (CVE-2017-11305). Data can be tampered with by attackers.
|
| CVE-2017-17648 |
|
SQL Injection in sqli (CVE-2017-17648)
SQL injection in sqli (CVE-2017-17648). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17638 |
|
Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter.
Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter.
|