Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2021-23874 KEV |
|
[KEV] Vulnerability in mcafee (CVE-2021-23874)
vulnerability in mcafee (CVE-2021-23874). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22506 KEV |
|
[KEV] Vulnerability in Micro focus micro-focus (CVE-2021-22506)
vulnerability in Micro focus micro-focus (CVE-2021-22506). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22502 KEV |
|
[KEV] Vulnerability in Micro focus micro-focus (CVE-2021-22502)
vulnerability in Micro focus micro-focus (CVE-2021-22502). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-19356 KEV |
|
[KEV] OS Command Injection in Netis wf2419-devices (CVE-2019-19356)
OS command injection in Netis wf2419-devices (CVE-2019-19356). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-8644 KEV |
|
[KEV] Code Injection in playsms (CVE-2020-8644)
code injection in playsms (CVE-2020-8644). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-10221 KEV |
|
[KEV] OS Command Injection in rconfig (CVE-2020-10221)
OS command injection in rconfig (CVE-2020-10221). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-11652 KEV |
|
[KEV] Path Traversal in Saltstack salt (CVE-2020-11652)
path traversal in Saltstack salt (CVE-2020-11652). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `2019.2.4, 3000.2` or later.
|
| CVE-2020-11651 KEV |
|
[KEV] Vulnerability in Saltstack salt (CVE-2020-11651)
vulnerability in Saltstack salt (CVE-2020-11651). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `2019.2.4, 3000.2` or later.
|
| CVE-2020-16846 KEV |
|
[KEV] OS Command Injection in Saltstack salt (CVE-2020-16846)
OS command injection in Saltstack salt (CVE-2020-16846). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `2015.8.10, 2015.8.13, 2016.3.4, 2016.3.6, 2016.3.8, 2016.11.3, 2016.11.6, 2016.11.10, 2017.7.4, 2017.7.8, 2018.3.5, 2019.2.5, 3000.3` or later.
|
| CVE-2019-16256 KEV |
|
[KEV] Vulnerability in Simalliance toolbox-browser (CVE-2019-16256)
vulnerability in Simalliance toolbox-browser (CVE-2019-16256). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-10181 KEV |
|
[KEV] Cross-Site Request Forgery (CSRF) in Sumavision enhanced-multimedia-router-emr (CVE-2020-10181)
vulnerability in Sumavision enhanced-multimedia-router-emr (CVE-2020-10181). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-6327 KEV |
|
[KEV] Vulnerability in symantec (CVE-2017-6327)
vulnerability in symantec (CVE-2017-6327). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-18988 KEV |
|
[KEV] Vulnerability in Teamviewer desktop (CVE-2019-18988)
vulnerability in Teamviewer desktop (CVE-2019-18988). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-31755 KEV |
|
[KEV] Out-of-Bounds Write in Tenda ac11-router (CVE-2021-31755)
out-of-bounds write in Tenda ac11-router (CVE-2021-31755). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-10987 KEV |
|
[KEV] OS Command Injection in Tenda ac1900-router-ac15-model (CVE-2020-10987)
OS command injection in Tenda ac1900-router-ac15-model (CVE-2020-10987). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-14558 KEV |
|
[KEV] OS Command Injection in Tenda ac7 (CVE-2018-14558)
OS command injection in Tenda ac7 (CVE-2018-14558). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-20062 KEV |
|
[KEV] Vulnerability in Thinkphp nonecms (CVE-2018-20062)
vulnerability in Thinkphp nonecms (CVE-2018-20062). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-9082 KEV |
|
[KEV] Vulnerability in thinkphp (CVE-2019-9082)
vulnerability in thinkphp (CVE-2019-9082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-20085 KEV |
|
[KEV] Path Traversal in Tvt nvms-1000 (CVE-2019-20085)
path traversal in Tvt nvms-1000 (CVE-2019-20085). Risk of unauthorized operations or information disclosure. Exploitable via `GET /..`. Listed in CISA KEV — actively exploited.
|
| CVE-2020-5849 KEV |
|
[KEV] Authentication Bypass in unraid (CVE-2020-5849)
authentication bypass in unraid (CVE-2020-5849). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-5847 KEV |
|
[KEV] Vulnerability in unraid (CVE-2020-5847)
vulnerability in unraid (CVE-2020-5847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-16759 KEV |
|
[KEV] Code Injection in vbulletin (CVE-2019-16759)
code injection in vbulletin (CVE-2019-16759). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-17496 KEV |
|
[KEV] Vulnerability in vbulletin (CVE-2020-17496)
vulnerability in vbulletin (CVE-2020-17496). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27561 KEV |
|
[KEV] OS Command Injection in Yealink device-management (CVE-2021-27561)
OS command injection in Yealink device-management (CVE-2021-27561). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-25213 KEV |
|
[KEV] Unrestricted File Upload in Wordpress file-manager-plugin (CVE-2020-25213)
vulnerability in Wordpress file-manager-plugin (CVE-2020-25213). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-11738 KEV |
|
[KEV] Path Traversal in Wordpress snap-creek-duplicator-plugin (CVE-2020-11738)
path traversal in Wordpress snap-creek-duplicator-plugin (CVE-2020-11738). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-9978 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Wordpress social-warfare-plugin (CVE-2019-9978)
cross-site scripting in Wordpress social-warfare-plugin (CVE-2019-9978). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-7600 KEV |
|
[KEV] Vulnerability in drupal (CVE-2018-7600)
vulnerability in drupal (CVE-2018-7600). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-2215 KEV |
|
[KEV] Use-After-Free in android (CVE-2019-2215)
vulnerability in android (CVE-2019-2215). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-0041 KEV |
|
[KEV] Vulnerability in android (CVE-2020-0041)
vulnerability in android (CVE-2020-0041). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-15752 KEV |
|
[KEV] Vulnerability in Docker desktop-community-edition (CVE-2019-15752)
vulnerability in Docker desktop-community-edition (CVE-2019-15752). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-21017 KEV |
|
[KEV] Vulnerability in Adobe acrobat-and-reader (CVE-2021-21017)
vulnerability in Adobe acrobat-and-reader (CVE-2021-21017). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-28550 KEV |
|
[KEV] Use-After-Free in Adobe acrobat-and-reader (CVE-2021-28550)
vulnerability in Adobe acrobat-and-reader (CVE-2021-28550). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-4939 KEV |
|
[KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2018-4939)
vulnerability in Adobe coldfusion (CVE-2018-4939). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-15961 KEV |
|
[KEV] Unrestricted File Upload in Adobe coldfusion (CVE-2018-15961)
vulnerability in Adobe coldfusion (CVE-2018-15961). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-4878 KEV |
|
[KEV] Use-After-Free in Adobe flash-player (CVE-2018-4878)
vulnerability in Adobe flash-player (CVE-2018-4878). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-16010 KEV |
|
[KEV] Out-of-Bounds Write in Google chrome-for-android-ui (CVE-2020-16010)
out-of-bounds write in Google chrome-for-android-ui (CVE-2020-16010). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-15999 KEV |
|
[KEV] Out-of-Bounds Write in Google platform/external/freetype (CVE-2020-15999)
out-of-bounds write in Google platform/external/freetype (CVE-2020-15999). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `11:2021-01-01` or later.
|
| CVE-2021-21166 KEV |
|
[KEV] Vulnerability in Google chromium (CVE-2021-21166)
vulnerability in Google chromium (CVE-2021-21166). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-16017 KEV |
|
[KEV] Use-After-Free in Google chrome (CVE-2020-16017)
vulnerability in Google chrome (CVE-2020-16017). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-37976 KEV |
|
[KEV] Vulnerability in Google chromium (CVE-2021-37976)
vulnerability in Google chromium (CVE-2021-37976). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-16009 KEV |
|
[KEV] Out-of-Bounds Write in Google chromium-v8 (CVE-2020-16009)
out-of-bounds write in Google chromium-v8 (CVE-2020-16009). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-30632 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2021-30632)
vulnerability in Google chromium-v8 (CVE-2021-30632). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-16013 KEV |
|
[KEV] Out-of-Bounds Write in Google chromium-v8 (CVE-2020-16013)
out-of-bounds write in Google chromium-v8 (CVE-2020-16013). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-30633 KEV |
|
[KEV] Use-After-Free in Google chromium-indexed-db-api (CVE-2021-30633)
vulnerability in Google chromium-indexed-db-api (CVE-2021-30633). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-21148 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2021-21148)
vulnerability in Google chromium-v8 (CVE-2021-21148). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-37973 KEV |
|
[KEV] Use-After-Free in Google chromium-portals (CVE-2021-37973)
vulnerability in Google chromium-portals (CVE-2021-37973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-30551 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2021-30551)
vulnerability in Google chromium-v8 (CVE-2021-30551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-37975 KEV |
|
[KEV] Use-After-Free in Google chromium-v8 (CVE-2021-37975)
vulnerability in Google chromium-v8 (CVE-2021-37975). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-6418 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2020-6418)
vulnerability in Google chromium-v8 (CVE-2020-6418). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|