Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2017-17562 KEV [KEV] Vulnerability in Embedthis goahead (CVE-2017-17562)
vulnerability in Embedthis goahead (CVE-2017-17562). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-17463 KEV [KEV] SQL Injection in Fuel cms fuel-cms (CVE-2020-17463)
SQL injection in Fuel cms fuel-cms (CVE-2020-17463). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-8816 KEV [KEV] OS Command Injection in Pi-hole adminlte (CVE-2020-8816)
OS command injection in Pi-hole adminlte (CVE-2020-8816). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-10758 KEV [KEV] Vulnerability in Mongodb mongo-express (CVE-2019-10758)
vulnerability in Mongodb mongo-express (CVE-2019-10758). Risk of unauthorized operations or information disclosure. Exploitable via ``toBSON``. Listed in CISA KEV — actively exploited.
CVE-2019-13272 KEV [KEV] Privilege Escalation in Linux kernel (CVE-2019-13272)
vulnerability in Linux kernel (CVE-2019-13272). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-41449 Path Traversal in path-traversal (CVE-2021-41449)
path traversal in path-traversal (CVE-2021-41449). Confidential information can be exposed externally.
CVE-2021-41450 Vulnerability in dos (CVE-2021-41450)
vulnerability in dos (CVE-2021-41450). Risk of unauthorized operations or information disclosure.
CVE-2021-43687 Cross-Site Scripting (XSS) in chamilo (CVE-2021-43687)
cross-site scripting in chamilo (CVE-2021-43687). Risk of unauthorized operations or information disclosure.
CVE-2021-40438 KEV [KEV] SSRF (Server-Side Request Forgery) in apache (CVE-2021-40438)
SSRF in apache (CVE-2021-40438). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-11261 KEV [KEV] Vulnerability in :linux_kernel:Qualcomm (CVE-2020-11261)
vulnerability in :linux_kernel:Qualcomm (CVE-2020-11261). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2021-01-05` or later.
CVE-2021-37415 KEV [KEV] Vulnerability in Zoho manageengine-servicedesk-plus-sdp (CVE-2021-37415)
vulnerability in Zoho manageengine-servicedesk-plus-sdp (CVE-2021-37415). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-44077 KEV [KEV] Vulnerability in Zoho manageengine-servicedesk-plus-sdp-supportcenter-plus (CVE-2021-44077)
vulnerability in Zoho manageengine-servicedesk-plus-sdp-supportcenter-plus (CVE-2021-44077). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-14847 KEV [KEV] Path Traversal in Mikrotik routeros (CVE-2018-14847)
path traversal in Mikrotik routeros (CVE-2018-14847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-41435 Vulnerability in asus (CVE-2021-41435)
vulnerability in asus (CVE-2021-41435). Successful exploitation can lead to full system takeover.
CVE-2021-41436 Vulnerability in dos (CVE-2021-41436)
vulnerability in dos (CVE-2021-41436). Risk of unauthorized operations or information disclosure.
CVE-2021-22204 KEV [KEV] Vulnerability in Perl exiftool (CVE-2021-22204)
vulnerability in Perl exiftool (CVE-2021-22204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-40449 KEV [KEV] Use-After-Free in Microsoft windows (CVE-2021-40449)
vulnerability in Microsoft windows (CVE-2021-40449). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-42321 KEV [KEV] Vulnerability in Microsoft exchange (CVE-2021-42321)
vulnerability in Microsoft exchange (CVE-2021-42321). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-42292 KEV [KEV] Vulnerability in Microsoft office (CVE-2021-42292)
vulnerability in Microsoft office (CVE-2021-42292). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-42296 Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2021-39911 Vulnerability in gitlab (CVE-2021-39911)
vulnerability in gitlab (CVE-2021-39911). Risk of unauthorized operations or information disclosure.
CVE-2021-39913 Privilege Escalation in gitlab (CVE-2021-39913)
vulnerability in gitlab (CVE-2021-39913). Confidential information can be exposed externally.
CVE-2021-39904 Authorization Flaw in gitlab (CVE-2021-39904)
vulnerability in gitlab (CVE-2021-39904). Risk of unauthorized operations or information disclosure.
CVE-2020-6819 KEV [KEV] Vulnerability in Mozilla firefox-and-thunderbird (CVE-2020-6819)
vulnerability in Mozilla firefox-and-thunderbird (CVE-2020-6819). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-6820 KEV [KEV] Vulnerability in Mozilla firefox-and-thunderbird (CVE-2020-6820)
vulnerability in Mozilla firefox-and-thunderbird (CVE-2020-6820). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-17026 KEV [KEV] Vulnerability in Mozilla firefox-and-thunderbird (CVE-2019-17026)
vulnerability in Mozilla firefox-and-thunderbird (CVE-2019-17026). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-9805 KEV [KEV] Unsafe Deserialization in Apache struts (CVE-2017-9805)
vulnerability in Apache struts (CVE-2017-9805). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-42013 KEV [KEV] Path Traversal in Apache http-server (CVE-2021-42013)
path traversal in Apache http-server (CVE-2021-42013). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-41773 KEV [KEV] Path Traversal in Apache http-server (CVE-2021-41773)
path traversal in Apache http-server (CVE-2021-41773). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-0211 KEV [KEV] Use-After-Free in Apache http-server (CVE-2019-0211)
vulnerability in Apache http-server (CVE-2019-0211). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-4437 KEV [KEV] Vulnerability in Apache shiro (CVE-2016-4437)
vulnerability in Apache shiro (CVE-2016-4437). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-17558 KEV [KEV] Vulnerability in Apache solr (CVE-2019-17558)
vulnerability in Apache solr (CVE-2019-17558). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-17530 KEV [KEV] Vulnerability in Apache struts (CVE-2020-17530)
vulnerability in Apache struts (CVE-2020-17530). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-5638 KEV [KEV] Vulnerability in Apache struts (CVE-2017-5638)
vulnerability in Apache struts (CVE-2017-5638). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-11776 KEV [KEV] Vulnerability in Apache struts (CVE-2018-11776)
vulnerability in Apache struts (CVE-2018-11776). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-15505 KEV [KEV] Vulnerability in Ivanti mobileiron-multiple-products (CVE-2020-15505)
vulnerability in Ivanti mobileiron-multiple-products (CVE-2020-15505). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22893 KEV [KEV] Authentication Bypass in Ivanti pulse-connect-secure (CVE-2021-22893)
authentication bypass in Ivanti pulse-connect-secure (CVE-2021-22893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-8243 KEV [KEV] Code Injection in Ivanti pulse-connect-secure (CVE-2020-8243)
code injection in Ivanti pulse-connect-secure (CVE-2020-8243). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22900 KEV [KEV] Code Injection in Ivanti pulse-connect-secure (CVE-2021-22900)
code injection in Ivanti pulse-connect-secure (CVE-2021-22900). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22894 KEV [KEV] Code Injection in Ivanti pulse-connect-secure (CVE-2021-22894)
code injection in Ivanti pulse-connect-secure (CVE-2021-22894). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-8260 KEV [KEV] Unrestricted File Upload in Ivanti pulse-connect-secure (CVE-2020-8260)
vulnerability in Ivanti pulse-connect-secure (CVE-2020-8260). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22899 KEV [KEV] Command Injection in Ivanti pulse-connect-secure (CVE-2021-22899)
command injection in Ivanti pulse-connect-secure (CVE-2021-22899). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-11510 KEV [KEV] Path Traversal in Ivanti pulse-connect-secure (CVE-2019-11510)
path traversal in Ivanti pulse-connect-secure (CVE-2019-11510). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-11539 KEV [KEV] OS Command Injection in Ivanti pulse-connect-secure-and-pulse-policy-secure (CVE-2019-11539)
OS command injection in Ivanti pulse-connect-secure-and-pulse-policy-secure (CVE-2019-11539). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-29557 KEV [KEV] Buffer Overflow in D-link dir-825-r1-devices (CVE-2020-29557)
vulnerability in D-link dir-825-r1-devices (CVE-2020-29557). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-25506 KEV [KEV] OS Command Injection in D-link dns-320-device (CVE-2020-25506)
OS command injection in D-link dns-320-device (CVE-2020-25506). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-3452 KEV [KEV] Vulnerability in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3452)
vulnerability in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3452). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-3580 KEV [KEV] Cross-Site Scripting (XSS) in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3580)
cross-site scripting in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3580). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-1497 KEV [KEV] OS Command Injection in Cisco hyperflex-hx (CVE-2021-1497)
OS command injection in Cisco hyperflex-hx (CVE-2021-1497). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-1498 KEV [KEV] OS Command Injection in Cisco hyperflex-hx (CVE-2021-1498)
OS command injection in Cisco hyperflex-hx (CVE-2021-1498). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →