Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2019-0841 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2019-0841)
vulnerability in Microsoft windows (CVE-2019-0841). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0543 KEV |
|
[KEV] Authentication Bypass in Microsoft windows (CVE-2019-0543)
authentication bypass in Microsoft windows (CVE-2019-0543). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-8120 KEV |
|
[KEV] Vulnerability in Microsoft win32k (CVE-2018-8120)
vulnerability in Microsoft win32k (CVE-2018-8120). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0101 KEV |
|
[KEV] Buffer Overflow in Microsoft windows (CVE-2017-0101)
vulnerability in Microsoft windows (CVE-2017-0101). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3309 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2016-3309)
vulnerability in Microsoft windows (CVE-2016-3309). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-2546 KEV |
|
[KEV] Buffer Overflow in Microsoft win32k (CVE-2015-2546)
vulnerability in Microsoft win32k (CVE-2015-2546). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-36368 |
|
Authentication Bypass in openbsd (CVE-2021-36368)
authentication bypass in openbsd (CVE-2021-36368). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-0715 |
|
Authentication Bypass in schneider-electric (CVE-2022-0715)
authentication bypass in schneider-electric (CVE-2022-0715). Data can be tampered with by attackers.
|
| CVE-2022-24509 |
|
Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
|
| CVE-2022-24510 |
|
Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
|
| CVE-2022-24511 |
|
Microsoft Office Word Tampering Vulnerability
Microsoft Office Word Tampering Vulnerability
|
| CVE-2022-24512 |
|
Code Injection in Microsoft.NETCore.App.Runtime.linux-arm (CVE-2022-24512)
code injection in Microsoft.NETCore.App.Runtime.linux-arm (CVE-2022-24512). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.3` or later.
|
| CVE-2022-24461 |
|
Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
|
| CVE-2022-24462 |
|
Microsoft Word Security Feature Bypass Vulnerability
Microsoft Word Security Feature Bypass Vulnerability
|
| CVE-2022-24501 |
|
VP9 Video Extensions Remote Code Execution Vulnerability
VP9 Video Extensions Remote Code Execution Vulnerability
|
| CVE-2022-24464 |
|
Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.3` or later.
|
| CVE-2022-24451 |
|
VP9 Video Extensions Remote Code Execution Vulnerability
VP9 Video Extensions Remote Code Execution Vulnerability
|
| CVE-2022-24457 |
|
HEIF Image Extensions Remote Code Execution Vulnerability
HEIF Image Extensions Remote Code Execution Vulnerability
|
| CVE-2022-23282 |
|
Paint 3D Remote Code Execution Vulnerability
Paint 3D Remote Code Execution Vulnerability
|
| CVE-2022-26486 KEV |
|
[KEV] Use-After-Free in Mozilla firefox (CVE-2022-26486)
vulnerability in Mozilla firefox (CVE-2022-26486). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26485 KEV |
|
[KEV] Use-After-Free in Mozilla firefox (CVE-2022-26485)
vulnerability in Mozilla firefox (CVE-2022-26485). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-21973 KEV |
|
[KEV] Vulnerability in Vmware vcenter-server-and-cloud-foundation (CVE-2021-21973)
vulnerability in Vmware vcenter-server-and-cloud-foundation (CVE-2021-21973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-11581 KEV |
|
[KEV] Vulnerability in Atlassian jira-server-and-data-center (CVE-2019-11581)
vulnerability in Atlassian jira-server-and-data-center (CVE-2019-11581). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-6077 KEV |
|
[KEV] OS Command Injection in Netgear wireless-router-dgn2200 (CVE-2017-6077)
OS command injection in Netgear wireless-router-dgn2200 (CVE-2017-6077). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-6277 KEV |
|
[KEV] Cross-Site Request Forgery (CSRF) in Netgear multiple-routers (CVE-2016-6277)
vulnerability in Netgear multiple-routers (CVE-2016-6277). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-8218 KEV |
|
[KEV] Code Injection in Pulse secure pulse-secure (CVE-2020-8218)
code injection in Pulse secure pulse-secure (CVE-2020-8218). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-0631 KEV |
|
[KEV] Information Disclosure in Adobe coldfusion (CVE-2013-0631)
vulnerability in Adobe coldfusion (CVE-2013-0631). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-0629 KEV |
|
[KEV] Vulnerability in Adobe coldfusion (CVE-2013-0629)
vulnerability in Adobe coldfusion (CVE-2013-0629). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-0625 KEV |
|
[KEV] Vulnerability in Adobe coldfusion (CVE-2013-0625)
vulnerability in Adobe coldfusion (CVE-2013-0625). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2009-3960 KEV |
|
[KEV] Vulnerability in Adobe blazeds (CVE-2009-3960)
vulnerability in Adobe blazeds (CVE-2009-3960). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-38265 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-38265)
cross-site scripting in liferay (CVE-2021-38265). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-25146 |
|
Vulnerability in csrf (CVE-2022-25146)
vulnerability in csrf (CVE-2022-25146). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-38267 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-38267)
cross-site scripting in liferay (CVE-2021-38267). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-38269 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-38269)
cross-site scripting in liferay (CVE-2021-38269). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-38263 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-38263)
cross-site scripting in liferay (CVE-2021-38263). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-38264 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-38264)
cross-site scripting in liferay (CVE-2021-38264). Risk of unauthorized operations or information disclosure. Exploitable via ``keywords``.
|
| CVE-2013-1675 KEV |
|
[KEV] Buffer Overflow in Mozilla firefox (CVE-2013-1675)
vulnerability in Mozilla firefox (CVE-2013-1675). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-1938 KEV |
|
[KEV] Privilege Escalation in org.apache.tomcat.embed:tomcat-embed-core (CVE-2020-1938)
vulnerability in org.apache.tomcat.embed:tomcat-embed-core (CVE-2020-1938). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `7.0.100` or later.
|
| CVE-2022-20708 KEV |
|
[KEV] Vulnerability in Cisco small-business-rv160 (CVE-2022-20708)
vulnerability in Cisco small-business-rv160 (CVE-2022-20708). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-20703 KEV |
|
[KEV] Vulnerability in Cisco small-business-rv160 (CVE-2022-20703)
vulnerability in Cisco small-business-rv160 (CVE-2022-20703). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-20701 KEV |
|
[KEV] Vulnerability in Cisco small-business-rv160 (CVE-2022-20701)
vulnerability in Cisco small-business-rv160 (CVE-2022-20701). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-20700 KEV |
|
[KEV] Vulnerability in Cisco small-business-rv160 (CVE-2022-20700)
vulnerability in Cisco small-business-rv160 (CVE-2022-20700). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-20699 KEV |
|
[KEV] Vulnerability in Cisco small-business-rv160 (CVE-2022-20699)
vulnerability in Cisco small-business-rv160 (CVE-2022-20699). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1652 KEV |
|
[KEV] Vulnerability in Cisco small-business-rv320-and-rv325-dual-gigabit-wan-vpn-routers (CVE-2019-1652)
vulnerability in Cisco small-business-rv320-and-rv325-dual-gigabit-wan-vpn-routers (CVE-2019-1652). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-0180 KEV |
|
[KEV] Vulnerability in Cisco ios-software (CVE-2018-0180)
vulnerability in Cisco ios-software (CVE-2018-0180). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-0179 KEV |
|
[KEV] Vulnerability in Cisco ios-software (CVE-2018-0179)
vulnerability in Cisco ios-software (CVE-2018-0179). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-0175 KEV |
|
[KEV] Buffer Overflow in Cisco ios (CVE-2018-0175)
vulnerability in Cisco ios (CVE-2018-0175). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-0174 KEV |
|
[KEV] Vulnerability in Cisco ios-xe-software (CVE-2018-0174)
vulnerability in Cisco ios-xe-software (CVE-2018-0174). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-0173 KEV |
|
[KEV] Vulnerability in Cisco ios-and-ios-xe-software (CVE-2018-0173)
vulnerability in Cisco ios-and-ios-xe-software (CVE-2018-0173). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-0172 KEV |
|
[KEV] Vulnerability in Cisco ios-and-ios-xe-software (CVE-2018-0172)
vulnerability in Cisco ios-and-ios-xe-software (CVE-2018-0172). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|