Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-8443 |
|
Vulnerability in elastic (CVE-2017-8443)
vulnerability in elastic (CVE-2017-8443). Confidential information can be exposed externally.
|
| CVE-2015-9102 |
|
Cross-Site Scripting (XSS) in synology (CVE-2015-9102)
cross-site scripting in synology (CVE-2015-9102). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10682 |
|
SQL Injection in sqli (CVE-2017-10682)
SQL injection in sqli (CVE-2017-10682). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10673 |
|
admin/profile.php in GetSimple CMS 3.x has XSS in a name field.
admin/profile.php in GetSimple CMS 3.x has XSS in a name field.
|
| CVE-2017-10667 |
|
In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS.
In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS.
|
| CVE-2017-7686 |
|
Information Disclosure in apache (CVE-2017-7686)
vulnerability in apache (CVE-2017-7686). Confidential information can be exposed externally.
|
| CVE-2017-6086 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-6086)
vulnerability in csrf (CVE-2017-6086). Successful exploitation can lead to full system takeover.
|
| CVE-2015-1778 |
|
Authentication Bypass in org.opendaylight.odlparent:opendaylight-karaf-resources (CVE-2015-1778)
authentication bypass in org.opendaylight.odlparent:opendaylight-karaf-resources (CVE-2015-1778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.2.3-Helium-SR3` or later.
|
| CVE-2015-5378 |
|
Information Disclosure in elastic (CVE-2015-5378)
vulnerability in elastic (CVE-2015-5378). Confidential information can be exposed externally.
|
| CVE-2016-0959 |
|
Use-After-Free in adobe (CVE-2016-0959)
vulnerability in adobe (CVE-2016-0959). Successful exploitation can lead to full system takeover.
|
| CVE-2014-6354 |
|
Buffer Overflow in microsoft (CVE-2014-6354)
vulnerability in microsoft (CVE-2014-6354). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9830 |
|
Unsafe Deserialization in apache (CVE-2017-9830)
vulnerability in apache (CVE-2017-9830). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1105 |
|
Buffer Overflow in dos (CVE-2017-1105)
vulnerability in dos (CVE-2017-1105). Data can be tampered with by attackers.
|
| CVE-2017-1297 |
|
Buffer Overflow in ibm (CVE-2017-1297)
vulnerability in ibm (CVE-2017-1297). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9145 |
|
Cross-Site Scripting (XSS) in tiki (CVE-2017-9145)
cross-site scripting in tiki (CVE-2017-9145). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9846 |
|
Path Traversal in path-traversal (CVE-2017-9846)
path traversal in path-traversal (CVE-2017-9846). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9836 |
|
Cross-Site Scripting (XSS) in piwigo (CVE-2017-9836)
cross-site scripting in piwigo (CVE-2017-9836). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-3629 |
|
Buffer Overflow in c (CVE-2017-3629)
vulnerability in c (CVE-2017-3629). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3630 |
|
Out-of-Bounds Write in c (CVE-2017-3630)
out-of-bounds write in c (CVE-2017-3630). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-3631 |
|
Buffer Overflow in c (CVE-2017-3631)
vulnerability in c (CVE-2017-3631). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-6706 |
|
Vulnerability in sophos (CVE-2012-6706)
vulnerability in sophos (CVE-2012-6706). Successful exploitation can lead to full system takeover.
|
| CVE-2016-7508 |
|
SQL Injection in sqli (CVE-2016-7508)
SQL injection in sqli (CVE-2016-7508). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9771 |
|
Code Injection in websitebaker (CVE-2017-9771)
code injection in websitebaker (CVE-2017-9771). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3075 |
|
Use-After-Free in adobe (CVE-2017-3075)
vulnerability in adobe (CVE-2017-3075). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3076 |
|
Buffer Overflow in adobe (CVE-2017-3076)
vulnerability in adobe (CVE-2017-3076). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3077 |
|
Buffer Overflow in adobe (CVE-2017-3077)
vulnerability in adobe (CVE-2017-3077). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3078 |
|
Buffer Overflow in adobe (CVE-2017-3078)
vulnerability in adobe (CVE-2017-3078). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3079 |
|
Buffer Overflow in adobe (CVE-2017-3079)
vulnerability in adobe (CVE-2017-3079). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3081 |
|
Use-After-Free in adobe (CVE-2017-3081)
vulnerability in adobe (CVE-2017-3081). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3082 |
|
Buffer Overflow in adobe (CVE-2017-3082)
vulnerability in adobe (CVE-2017-3082). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3083 |
|
Use-After-Free in adobe (CVE-2017-3083)
vulnerability in adobe (CVE-2017-3083). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3084 |
|
Use-After-Free in adobe (CVE-2017-3084)
vulnerability in adobe (CVE-2017-3084). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3167 |
|
Authentication Bypass in apache (CVE-2017-3167)
authentication bypass in apache (CVE-2017-3167). Successful exploitation can lead to full system takeover.
|
| CVE-2017-3169 |
|
Vulnerability in apache (CVE-2017-3169)
vulnerability in apache (CVE-2017-3169). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7668 |
|
Vulnerability in apache (CVE-2017-7668)
vulnerability in apache (CVE-2017-7668). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7679 |
|
Vulnerability in apache (CVE-2017-7679)
vulnerability in apache (CVE-2017-7679). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000369 |
|
Vulnerability in exim (CVE-2017-1000369)
vulnerability in exim (CVE-2017-1000369). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9759 |
|
SQL Injection in sqli (CVE-2017-9759)
SQL injection in sqli (CVE-2017-9759). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9730 |
|
SQL Injection in sqli (CVE-2017-9730)
SQL injection in sqli (CVE-2017-9730). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9668 |
|
Cross-Site Scripting (XSS) in cmsmadesimple (CVE-2017-9668)
cross-site scripting in cmsmadesimple (CVE-2017-9668). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9741 |
|
Vulnerability in projectsend (CVE-2017-9741)
vulnerability in projectsend (CVE-2017-9741). Successful exploitation can lead to full system takeover.
|
| CVE-2015-3254 |
|
Vulnerability in apache (CVE-2015-3254)
vulnerability in apache (CVE-2015-3254). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-10362 |
|
Vulnerability in elasticsearch (CVE-2016-10362)
vulnerability in elasticsearch (CVE-2016-10362). Confidential information can be exposed externally.
|
| CVE-2015-9056 |
|
Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS attack.
Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS attack.
|
| CVE-2016-1000219 |
|
Vulnerability in elastic (CVE-2016-1000219)
vulnerability in elastic (CVE-2016-1000219). Data can be tampered with by attackers. Exploitable via `Authorization header`.
|
| CVE-2016-1000220 |
|
Cross-Site Scripting (XSS) in elastic (CVE-2016-1000220)
cross-site scripting in elastic (CVE-2016-1000220). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-10364 |
|
Vulnerability in elastic (CVE-2016-10364)
vulnerability in elastic (CVE-2016-10364). Confidential information can be exposed externally.
|
| CVE-2016-10365 |
|
Open Redirect in elastic (CVE-2016-10365)
vulnerability in elastic (CVE-2016-10365). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-10366 |
|
Cross-Site Scripting (XSS) in elastic (CVE-2016-10366)
cross-site scripting in elastic (CVE-2016-10366). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8451 |
|
Open Redirect in elastic (CVE-2017-8451)
vulnerability in elastic (CVE-2017-8451). Risk of unauthorized operations or information disclosure.
|