Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-27593 KEV |
|
[KEV] Vulnerability in Qnap photo-station (CVE-2022-27593)
vulnerability in Qnap photo-station (CVE-2022-27593). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-7445 KEV |
|
[KEV] Buffer Overflow in Mikrotik routeros (CVE-2018-7445)
vulnerability in Mikrotik routeros (CVE-2018-7445). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-5521 KEV |
|
[KEV] Information Disclosure in Netgear multiple-devices (CVE-2017-5521)
vulnerability in Netgear multiple-devices (CVE-2017-5521). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2011-1823 KEV |
|
[KEV] Vulnerability in android (CVE-2011-1823)
vulnerability in android (CVE-2011-1823). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-3075 KEV |
|
[KEV] Vulnerability in Google chromium-mojo (CVE-2022-3075)
vulnerability in Google chromium-mojo (CVE-2022-3075). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-9934 KEV |
|
[KEV] Vulnerability in Apple ios (CVE-2020-9934)
vulnerability in Apple ios (CVE-2020-9934). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-30078 |
|
OS Command Injection in netgear (CVE-2022-30078)
OS command injection in netgear (CVE-2022-30078). Successful exploitation can lead to full system takeover.
|
| CVE-2022-36202 |
|
Vulnerability in doctors-appointment-system-project (CVE-2022-36202)
vulnerability in doctors-appointment-system-project (CVE-2022-36202). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37053 |
|
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
|
| CVE-2021-31010 KEV |
|
[KEV] Vulnerability in Apple ios (CVE-2021-31010)
vulnerability in Apple ios (CVE-2021-31010). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-24706 KEV |
|
[KEV] Vulnerability in Apache couchdb (CVE-2022-24706)
vulnerability in Apache couchdb (CVE-2022-24706). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-24112 KEV |
|
[KEV] Vulnerability in Apache apisix (CVE-2022-24112)
vulnerability in Apache apisix (CVE-2022-24112). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-39226 KEV |
|
[KEV] Authentication Bypass in Grafana labs grafana-labs (CVE-2021-39226)
authentication bypass in Grafana labs grafana-labs (CVE-2021-39226). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26352 KEV |
|
[KEV] Path Traversal in dotcms (CVE-2022-26352)
path traversal in dotcms (CVE-2022-26352). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-22963 KEV |
|
[KEV] Code Injection in Vmware tanzu vmware-tanzu (CVE-2022-22963)
code injection in Vmware tanzu vmware-tanzu (CVE-2022-22963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-2294 KEV |
|
[KEV] Vulnerability in webrtc (CVE-2022-2294)
vulnerability in webrtc (CVE-2022-2294). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-38406 KEV |
|
[KEV] Out-of-Bounds Write in Delta electronics delta-electronics (CVE-2021-38406)
out-of-bounds write in Delta electronics delta-electronics (CVE-2021-38406). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-36193 KEV |
|
[KEV] Path Traversal in Pear archive-tar (CVE-2020-36193)
path traversal in Pear archive-tar (CVE-2020-36193). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-28949 KEV |
|
[KEV] Vulnerability in Pear archive-tar (CVE-2020-28949)
vulnerability in Pear archive-tar (CVE-2020-28949). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-4040 |
|
Vulnerability in redhat (CVE-2021-4040)
vulnerability in redhat (CVE-2021-4040). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-42232 |
|
OS Command Injection in tp-link (CVE-2021-42232)
OS command injection in tp-link (CVE-2021-42232). Successful exploitation can lead to full system takeover.
|
| CVE-2022-35278 |
|
Cross-Site Scripting (XSS) in org.apache.activemq:artemis-server (CVE-2022-35278)
cross-site scripting in org.apache.activemq:artemis-server (CVE-2022-35278). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.24.0` or later.
|
| CVE-2022-0028 KEV |
|
[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2022-0028)
vulnerability in Palo alto networks palo-alto-networks (CVE-2022-0028). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-35201 |
|
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
|
| CVE-2017-15944 KEV |
|
[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2017-15944)
vulnerability in Palo alto networks palo-alto-networks (CVE-2017-15944). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-22536 KEV |
|
[KEV] Vulnerability in Sap multiple-products (CVE-2022-22536)
vulnerability in Sap multiple-products (CVE-2022-22536). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-2856 KEV |
|
[KEV] Vulnerability in Google chromium-intents (CVE-2022-2856)
vulnerability in Google chromium-intents (CVE-2022-2856). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-32894 KEV |
|
[KEV] Vulnerability in Apple ios-and-macos (CVE-2022-32894)
vulnerability in Apple ios-and-macos (CVE-2022-32894). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-32893 KEV |
|
[KEV] Vulnerability in Apple ios-and-macos (CVE-2022-32893)
vulnerability in Apple ios-and-macos (CVE-2022-32893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26923 KEV |
|
[KEV] Vulnerability in Microsoft active-directory (CVE-2022-26923)
vulnerability in Microsoft active-directory (CVE-2022-26923). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-21971 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2022-21971)
vulnerability in Microsoft windows (CVE-2022-21971). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-36530 |
|
Cross-Site Scripting (XSS) in rageframe (CVE-2022-36530)
cross-site scripting in rageframe (CVE-2022-36530). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-36262 |
|
Code Injection in taogogo (CVE-2022-36262)
code injection in taogogo (CVE-2022-36262). Successful exploitation can lead to full system takeover.
|
| CVE-2022-27925 KEV |
|
[KEV] Path Traversal in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27925)
path traversal in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27925). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-37042 KEV |
|
[KEV] Vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-37042)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-37042). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-35293 |
|
Vulnerability in sap (CVE-2022-35293)
vulnerability in sap (CVE-2022-35293). Confidential information can be exposed externally.
|
| CVE-2022-36124 |
|
Vulnerability in apache-avro (CVE-2022-36124)
vulnerability in apache-avro (CVE-2022-36124). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.14.0` or later.
|
| CVE-2022-30333 KEV |
|
[KEV] Path Traversal in Rarlab unrar (CVE-2022-30333)
path traversal in Rarlab unrar (CVE-2022-30333). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-34713 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2022-34713)
vulnerability in Microsoft windows (CVE-2022-34713). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-2356 |
|
Unrestricted File Upload in wordpress (CVE-2022-2356)
vulnerability in wordpress (CVE-2022-2356). Successful exploitation can lead to full system takeover.
|
| CVE-2022-28880 |
|
Vulnerability in f-secure (CVE-2022-28880)
vulnerability in f-secure (CVE-2022-28880). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-27924 KEV |
|
[KEV] Vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27924)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27924). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26138 KEV |
|
[KEV] Vulnerability in Atlassian confluence (CVE-2022-26138)
vulnerability in Atlassian confluence (CVE-2022-26138). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-2160 |
|
Vulnerability in google (CVE-2022-2160)
vulnerability in google (CVE-2022-2160). Confidential information can be exposed externally.
|
| CVE-2022-34611 |
|
Cross-Site Scripting (XSS) in online-fire-reporting-system-project (CVE-2022-34611)
cross-site scripting in online-fire-reporting-system-project (CVE-2022-34611). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-24992 |
|
Path Traversal in path-traversal (CVE-2022-24992)
path traversal in path-traversal (CVE-2022-24992). Confidential information can be exposed externally.
|
| CVE-2022-21535 |
|
Vulnerability in c (CVE-2022-21535)
vulnerability in c (CVE-2022-21535). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-34169 |
|
Vulnerability in apache (CVE-2022-34169)
vulnerability in apache (CVE-2022-34169). Data can be tampered with by attackers.
|
| CVE-2021-42923 |
|
Vulnerability in showmypc (CVE-2021-42923)
vulnerability in showmypc (CVE-2021-42923). Successful exploitation can lead to full system takeover.
|
| CVE-2022-35409 |
|
Out-of-Bounds Read in arm (CVE-2022-35409)
vulnerability in arm (CVE-2022-35409). Confidential information can be exposed externally.
|