Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2017-14037 CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header vulnerability.
CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header vulnerability.
CVE-2017-14038 CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability.
CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability.
CVE-2017-11157 Vulnerability in synology (CVE-2017-11157)
vulnerability in synology (CVE-2017-11157). Successful exploitation can lead to full system takeover.
CVE-2016-5001 Information Disclosure in apache (CVE-2016-5001)
vulnerability in apache (CVE-2016-5001). Confidential information can be exposed externally.
CVE-2017-13780 Path Traversal in path-traversal (CVE-2017-13780)
path traversal in path-traversal (CVE-2017-13780). Confidential information can be exposed externally.
CVE-2016-4462 Vulnerability in apache (CVE-2016-4462)
vulnerability in apache (CVE-2016-4462). Successful exploitation can lead to full system takeover.
CVE-2016-6800 Cross-Site Scripting (XSS) in apache (CVE-2016-6800)
cross-site scripting in apache (CVE-2016-6800). Risk of unauthorized operations or information disclosure.
CVE-2017-3163 Path Traversal in apache (CVE-2017-3163)
path traversal in apache (CVE-2017-3163). Confidential information can be exposed externally.
CVE-2017-13778 Fiyo CMS 2.0.7 has XSS in dapur\apps\app_config\sys_config.php via the site_name parameter.
Fiyo CMS 2.0.7 has XSS in dapur\apps\app_config\sys_config.php via the site_name parameter.
CVE-2017-13768 Vulnerability in c (CVE-2017-13768)
vulnerability in c (CVE-2017-13768). Risk of unauthorized operations or information disclosure.
CVE-2017-13769 Out-of-Bounds Read in c (CVE-2017-13769)
vulnerability in c (CVE-2017-13769). Risk of unauthorized operations or information disclosure.
CVE-2017-13758 Buffer Overflow in c (CVE-2017-13758)
vulnerability in c (CVE-2017-13758). Risk of unauthorized operations or information disclosure.
CVE-2016-8752 Vulnerability in apache (CVE-2016-8752)
vulnerability in apache (CVE-2016-8752). Confidential information can be exposed externally.
CVE-2017-3150 Cross-Site Scripting (XSS) in apache (CVE-2017-3150)
cross-site scripting in apache (CVE-2017-3150). Risk of unauthorized operations or information disclosure.
CVE-2017-3151 Cross-Site Scripting (XSS) in apache (CVE-2017-3151)
cross-site scripting in apache (CVE-2017-3151). Risk of unauthorized operations or information disclosure.
CVE-2017-3152 Cross-Site Scripting (XSS) in apache (CVE-2017-3152)
cross-site scripting in apache (CVE-2017-3152). Risk of unauthorized operations or information disclosure.
CVE-2017-3153 Cross-Site Scripting (XSS) in apache (CVE-2017-3153)
cross-site scripting in apache (CVE-2017-3153). Risk of unauthorized operations or information disclosure.
CVE-2017-3154 Information Disclosure in apache (CVE-2017-3154)
vulnerability in apache (CVE-2017-3154). Confidential information can be exposed externally.
CVE-2017-3155 Cross-Site Scripting (XSS) in apache (CVE-2017-3155)
cross-site scripting in apache (CVE-2017-3155). Risk of unauthorized operations or information disclosure.
CVE-2015-7517 SQL Injection in wordpress (CVE-2015-7517)
SQL injection in wordpress (CVE-2015-7517). Successful exploitation can lead to full system takeover.
CVE-2017-12775 Vulnerability in question2answer (CVE-2017-12775)
vulnerability in question2answer (CVE-2017-12775). Data can be tampered with by attackers.
CVE-2017-12856 Cross-Site Scripting (XSS) in c (CVE-2017-12856)
cross-site scripting in c (CVE-2017-12856). Risk of unauthorized operations or information disclosure.
CVE-2015-5209 Vulnerability in apache (CVE-2015-5209)
vulnerability in apache (CVE-2015-5209). Data can be tampered with by attackers.
CVE-2017-11455 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11455)
vulnerability in csrf (CVE-2017-11455). Successful exploitation can lead to full system takeover.
CVE-2017-12875 Vulnerability in dos (CVE-2017-12875)
vulnerability in dos (CVE-2017-12875). Risk of unauthorized operations or information disclosure.
CVE-2017-10844 Code Injection in basercms (CVE-2017-10844)
code injection in basercms (CVE-2017-10844). Successful exploitation can lead to full system takeover.
CVE-2017-3735 Buffer Overflow in openssl (CVE-2017-3735)
vulnerability in openssl (CVE-2017-3735). Risk of unauthorized operations or information disclosure.
CVE-2017-12876 Out-of-Bounds Write in c (CVE-2017-12876)
out-of-bounds write in c (CVE-2017-12876). Risk of unauthorized operations or information disclosure.
CVE-2017-12877 Use-After-Free in c (CVE-2017-12877)
vulnerability in c (CVE-2017-12877). Risk of unauthorized operations or information disclosure.
CVE-2014-5301 Path Traversal in path-traversal (CVE-2014-5301)
path traversal in path-traversal (CVE-2014-5301). Successful exploitation can lead to full system takeover.
CVE-2014-5302 Path Traversal in path-traversal (CVE-2014-5302)
path traversal in path-traversal (CVE-2014-5302). Successful exploitation can lead to full system takeover.
CVE-2014-9469 Cross-Site Scripting (XSS) in vbulletin (CVE-2014-9469)
cross-site scripting in vbulletin (CVE-2014-9469). Risk of unauthorized operations or information disclosure.
CVE-2014-7860 Information Disclosure in d-link (CVE-2014-7860)
vulnerability in d-link (CVE-2014-7860). Risk of unauthorized operations or information disclosure.
CVE-2015-3211 php-fpm allows local users to write to or create arbitrary files via a symlink attack.
php-fpm allows local users to write to or create arbitrary files via a symlink attack.
CVE-2015-4180 Path Traversal in path-traversal (CVE-2015-4180)
path traversal in path-traversal (CVE-2015-4180). Confidential information can be exposed externally.
CVE-2015-4181 Path Traversal in path-traversal (CVE-2015-4181)
path traversal in path-traversal (CVE-2015-4181). Confidential information can be exposed externally.
CVE-2015-4017 Vulnerability in salt (CVE-2015-4017)
vulnerability in salt (CVE-2015-4017). Data can be tampered with by attackers. Mitigation: upgrade to `2014.7.6` or later.
CVE-2017-13697 controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
CVE-2015-8352 Path Traversal in path-traversal (CVE-2015-8352)
path traversal in path-traversal (CVE-2015-8352). Successful exploitation can lead to full system takeover.
CVE-2015-8355 SQL Injection in sqli (CVE-2015-8355)
SQL injection in sqli (CVE-2015-8355). Successful exploitation can lead to full system takeover.
CVE-2017-13671 Cross-Site Scripting (XSS) in misp (CVE-2017-13671)
cross-site scripting in misp (CVE-2017-13671). Risk of unauthorized operations or information disclosure.
CVE-2017-9555 Cross-Site Scripting (XSS) in synology (CVE-2017-9555)
cross-site scripting in synology (CVE-2017-9555). Risk of unauthorized operations or information disclosure.
CVE-2017-12879 Cross-Site Scripting (XSS) in paessler (CVE-2017-12879)
cross-site scripting in paessler (CVE-2017-12879). Risk of unauthorized operations or information disclosure.
CVE-2017-9511 Path Traversal in path-traversal (CVE-2017-9511)
path traversal in path-traversal (CVE-2017-9511). Confidential information can be exposed externally.
CVE-2017-12679 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
CVE-2017-13669 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
CVE-2017-13658 Vulnerability in c (CVE-2017-13658)
vulnerability in c (CVE-2017-13658). Risk of unauthorized operations or information disclosure.
CVE-2017-12970 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12970)
vulnerability in csrf (CVE-2017-12970). Successful exploitation can lead to full system takeover.
CVE-2017-12971 Cross-Site Scripting (XSS) in apache2triad (CVE-2017-12971)
cross-site scripting in apache2triad (CVE-2017-12971). Risk of unauthorized operations or information disclosure.
CVE-2017-11159 Vulnerability in synology (CVE-2017-11159)
vulnerability in synology (CVE-2017-11159). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →