Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-6090 |
|
Unrestricted File Upload in phpcollab (CVE-2017-6090)
vulnerability in phpcollab (CVE-2017-6090). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8018 |
|
Vulnerability in dos (CVE-2017-8018)
vulnerability in dos (CVE-2017-8018). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9797 |
|
Information Disclosure in apache (CVE-2017-9797)
vulnerability in apache (CVE-2017-9797). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14979 |
|
Vulnerability in gxlcms (CVE-2017-14979)
vulnerability in gxlcms (CVE-2017-14979). Confidential information can be exposed externally.
|
| CVE-2017-14981 |
|
Cross-Site Scripting (XSS) in atutor (CVE-2017-14981)
cross-site scripting in atutor (CVE-2017-14981). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14983 |
|
Cross-Site Scripting (XSS) in eyesofnetwork (CVE-2017-14983)
cross-site scripting in eyesofnetwork (CVE-2017-14983). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14984 |
|
Cross-Site Scripting (XSS) in eyesofnetwork (CVE-2017-14984)
cross-site scripting in eyesofnetwork (CVE-2017-14984). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14985 |
|
Cross-Site Scripting (XSS) in eyesofnetwork (CVE-2017-14985)
cross-site scripting in eyesofnetwork (CVE-2017-14985). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14989 |
|
Use-After-Free in c (CVE-2017-14989)
vulnerability in c (CVE-2017-14989). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12792 |
|
Cross-Site Scripting (XSS) in csrf (CVE-2017-12792)
cross-site scripting in csrf (CVE-2017-12792). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12620 |
|
XXE (XML External Entity) in apache (CVE-2017-12620)
vulnerability in apache (CVE-2017-12620). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7358 |
|
Vulnerability in c (CVE-2015-7358)
vulnerability in c (CVE-2015-7358). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7359 |
|
Vulnerability in c (CVE-2015-7359)
vulnerability in c (CVE-2015-7359). Successful exploitation can lead to full system takeover.
|
| CVE-2014-0043 |
|
Information Disclosure in apache (CVE-2014-0043)
vulnerability in apache (CVE-2014-0043). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6806 |
|
Cross-Site Request Forgery (CSRF) in apache (CVE-2016-6806)
vulnerability in apache (CVE-2016-6806). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
|
| CVE-2017-14957 |
|
Cross-Site Scripting (XSS) in blogotext-project (CVE-2017-14957)
cross-site scripting in blogotext-project (CVE-2017-14957). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14958 |
|
Unrestricted File Upload in pivotx (CVE-2017-14958)
vulnerability in pivotx (CVE-2017-14958). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14941 |
|
Information Disclosure in jaspersoft (CVE-2017-14941)
vulnerability in jaspersoft (CVE-2017-14941). Confidential information can be exposed externally.
|
| CVE-2017-9794 |
|
Information Disclosure in apache (CVE-2017-9794)
vulnerability in apache (CVE-2017-9794). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14924 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-14924)
vulnerability in csrf (CVE-2017-14924). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14925 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-14925)
vulnerability in csrf (CVE-2017-14925). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14945 |
|
Buffer Overflow in dos (CVE-2017-14945)
vulnerability in dos (CVE-2017-14945). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14946 |
|
Buffer Overflow in dos (CVE-2017-14946)
vulnerability in dos (CVE-2017-14946). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14947 |
|
Buffer Overflow in dos (CVE-2017-14947)
vulnerability in dos (CVE-2017-14947). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13990 |
|
Information Disclosure in express (CVE-2017-13990)
vulnerability in express (CVE-2017-13990). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-9233 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-9233)
vulnerability in wordpress (CVE-2015-9233). Successful exploitation can lead to full system takeover.
|
| CVE-2015-9234 |
|
SQL Injection in wordpress (CVE-2015-9234)
SQL injection in wordpress (CVE-2015-9234). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4434 |
|
XXE (XML External Entity) in apache (CVE-2016-4434)
vulnerability in apache (CVE-2016-4434). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8444 |
|
Vulnerability in elasticsearch (CVE-2017-8444)
vulnerability in elasticsearch (CVE-2017-8444). Confidential information can be exposed externally.
|
| CVE-2017-7687 |
|
Vulnerability in apache (CVE-2017-7687)
vulnerability in apache (CVE-2017-7687). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9790 |
|
Use-After-Free in apache (CVE-2017-9790)
vulnerability in apache (CVE-2017-9790). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14867 |
|
OS Command Injection in git-scm (CVE-2017-14867)
OS command injection in git-scm (CVE-2017-14867). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14507 |
|
SQL Injection in wordpress (CVE-2017-14507)
SQL injection in wordpress (CVE-2017-14507). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12228 |
|
Vulnerability in cisco (CVE-2017-12228)
vulnerability in cisco (CVE-2017-12228). Confidential information can be exposed externally.
|
| CVE-2017-11479 |
|
Cross-Site Scripting (XSS) in elastic (CVE-2017-11479)
cross-site scripting in elastic (CVE-2017-11479). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14622 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-14622)
cross-site scripting in wordpress (CVE-2017-14622). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12814 |
|
Buffer Overflow in perl (CVE-2017-12814)
vulnerability in perl (CVE-2017-12814). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12621 |
|
XXE (XML External Entity) in apache (CVE-2017-12621)
vulnerability in apache (CVE-2017-12621). Successful exploitation can lead to full system takeover.
|
| CVE-2014-9686 |
|
Vulnerability in dos (CVE-2014-9686)
vulnerability in dos (CVE-2014-9686). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10932 |
|
Unsafe Deserialization in c (CVE-2017-10932)
vulnerability in c (CVE-2017-10932). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8249 |
|
Unrestricted File Upload in manageengine (CVE-2015-8249)
vulnerability in manageengine (CVE-2015-8249). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14760 |
|
SQL Injection in wordpress (CVE-2017-14760)
SQL injection in wordpress (CVE-2017-14760). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14761 |
|
In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter.
In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter.
|
| CVE-2017-14762 |
|
In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter.
In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter.
|
| CVE-2017-14763 |
|
Vulnerability in genixcms (CVE-2017-14763)
vulnerability in genixcms (CVE-2017-14763). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14764 |
|
Code Injection in genixcms (CVE-2017-14764)
code injection in genixcms (CVE-2017-14764). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14765 |
|
In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request.
In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request.
|
| CVE-2017-14766 |
|
Authentication Bypass in wordpress (CVE-2017-14766)
authentication bypass in wordpress (CVE-2017-14766). Data can be tampered with by attackers.
|
| CVE-2017-14753 |
|
Cross-Site Scripting (XSS) in eyesofnetwork (CVE-2017-14753)
cross-site scripting in eyesofnetwork (CVE-2017-14753). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7390 |
|
SQL Injection in sqli (CVE-2015-7390)
SQL injection in sqli (CVE-2015-7390). Successful exploitation can lead to full system takeover.
|