Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2015-5224 |
|
Vulnerability in kernel (CVE-2015-5224)
vulnerability in kernel (CVE-2015-5224). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13137 |
|
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
|
| CVE-2017-12791 |
|
Path Traversal in salt (CVE-2017-12791)
path traversal in salt (CVE-2017-12791). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2016.11.7, 2017.7.1` or later.
|
| CVE-2017-13139 |
|
Out-of-Bounds Read in c (CVE-2017-13139)
vulnerability in c (CVE-2017-13139). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13140 |
|
Buffer Overflow in c (CVE-2017-13140)
vulnerability in c (CVE-2017-13140). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13141 |
|
Vulnerability in c (CVE-2017-13141)
vulnerability in c (CVE-2017-13141). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13142 |
|
Vulnerability in imagemagick (CVE-2017-13142)
vulnerability in imagemagick (CVE-2017-13142). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13143 |
|
Information Disclosure in c (CVE-2017-13143)
vulnerability in c (CVE-2017-13143). Confidential information can be exposed externally.
|
| CVE-2017-13144 |
|
Vulnerability in imagemagick (CVE-2017-13144)
vulnerability in imagemagick (CVE-2017-13144). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13145 |
|
Vulnerability in c (CVE-2017-13145)
vulnerability in c (CVE-2017-13145). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13146 |
|
Vulnerability in c (CVE-2017-13146)
vulnerability in c (CVE-2017-13146). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13131 |
|
Vulnerability in c (CVE-2017-13131)
vulnerability in c (CVE-2017-13131). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13132 |
|
Vulnerability in c (CVE-2017-13132)
vulnerability in c (CVE-2017-13132). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13133 |
|
Vulnerability in c (CVE-2017-13133)
vulnerability in c (CVE-2017-13133). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13134 |
|
Out-of-Bounds Read in c (CVE-2017-13134)
vulnerability in c (CVE-2017-13134). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4460 |
|
Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.
Apache Pony Mail 0.6c through 0.8b allows remote attackers to bypass authentication.
|
| CVE-2017-13058 |
|
Vulnerability in c (CVE-2017-13058)
vulnerability in c (CVE-2017-13058). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13059 |
|
Vulnerability in c (CVE-2017-13059)
vulnerability in c (CVE-2017-13059). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13060 |
|
Vulnerability in c (CVE-2017-13060)
vulnerability in c (CVE-2017-13060). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13061 |
|
Vulnerability in c (CVE-2017-13061)
vulnerability in c (CVE-2017-13061). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13062 |
|
Vulnerability in c (CVE-2017-13062)
vulnerability in c (CVE-2017-13062). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12978 |
|
Cross-Site Scripting (XSS) in cacti (CVE-2017-12978)
cross-site scripting in cacti (CVE-2017-12978). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12979 |
|
Cross-Site Scripting (XSS) in dokuwiki (CVE-2017-12979)
cross-site scripting in dokuwiki (CVE-2017-12979). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12980 |
|
Cross-Site Scripting (XSS) in dokuwiki (CVE-2017-12980)
cross-site scripting in dokuwiki (CVE-2017-12980). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12981 |
|
SQL Injection in sqli (CVE-2017-12981)
SQL injection in sqli (CVE-2017-12981). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12984 |
|
Cross-Site Scripting (XSS) in phpmywind (CVE-2017-12984)
cross-site scripting in phpmywind (CVE-2017-12984). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12983 |
|
Buffer Overflow in c (CVE-2017-12983)
vulnerability in c (CVE-2017-12983). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11366 |
|
OS Command Injection in codiad (CVE-2017-11366)
OS command injection in codiad (CVE-2017-11366). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12977 |
|
SQL Injection in wordpress (CVE-2017-12977)
SQL injection in wordpress (CVE-2017-12977). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8446 |
|
Vulnerability in elasticsearch (CVE-2017-8446)
vulnerability in elasticsearch (CVE-2017-8446). Risk of unauthorized operations or information disclosure.
|
| CVE-2007-5341 |
|
Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.
Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.
|
| CVE-2017-12946 |
|
SQL Injection in wordpress (CVE-2017-12946)
SQL injection in wordpress (CVE-2017-12946). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12947 |
|
SQL Injection in wordpress (CVE-2017-12947)
SQL injection in wordpress (CVE-2017-12947). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12948 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-12948)
cross-site scripting in wordpress (CVE-2017-12948). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12949 |
|
SQL Injection in wordpress (CVE-2017-12949)
SQL injection in wordpress (CVE-2017-12949). Successful exploitation can lead to full system takeover.
|
| CVE-2014-3451 |
|
Vulnerability in igniterealtime (CVE-2014-3451)
vulnerability in igniterealtime (CVE-2014-3451). Data can be tampered with by attackers.
|
| CVE-2017-12776 |
|
SQL Injection in sqli (CVE-2017-12776)
SQL injection in sqli (CVE-2017-12776). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12680 |
|
Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type parameter to shoutbox.php.
Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type parameter to shoutbox.php.
|
| CVE-2017-9816 |
|
Cross-Site Scripting (XSS) in paessler (CVE-2017-9816)
cross-site scripting in paessler (CVE-2017-9816). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12943 |
|
Path Traversal in path-traversal (CVE-2017-12943)
path traversal in path-traversal (CVE-2017-12943). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10665 |
|
Path Traversal in path-traversal (CVE-2017-10665)
path traversal in path-traversal (CVE-2017-10665). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12940 |
|
Out-of-Bounds Read in rarlab (CVE-2017-12940)
vulnerability in rarlab (CVE-2017-12940). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12941 |
|
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.
libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function.
|
| CVE-2017-12942 |
|
libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function.
libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function.
|
| CVE-2017-12939 |
|
Vulnerability in unity3d (CVE-2017-12939)
vulnerability in unity3d (CVE-2017-12939). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12938 |
|
Path Traversal in rarlab (CVE-2017-12938)
path traversal in rarlab (CVE-2017-12938). Confidential information can be exposed externally.
|
| CVE-2017-12932 |
|
Use-After-Free in CVE-2017-12932 (CVE-2017-12932)
vulnerability in CVE-2017-12932 (CVE-2017-12932). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12933 |
|
Out-of-Bounds Read in CVE-2017-12933 (CVE-2017-12933)
vulnerability in CVE-2017-12933 (CVE-2017-12933). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12934 |
|
Use-After-Free in CVE-2017-12934 (CVE-2017-12934)
vulnerability in CVE-2017-12934 (CVE-2017-12934). Data can be tampered with by attackers.
|
| CVE-2017-12927 |
|
Cross-Site Scripting (XSS) in cacti (CVE-2017-12927)
cross-site scripting in cacti (CVE-2017-12927). Risk of unauthorized operations or information disclosure.
|