Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2020-0674 KEV |
|
[KEV] Use-After-Free in Microsoft internet-explorer (CVE-2020-0674)
vulnerability in Microsoft internet-explorer (CVE-2020-0674). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27059 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2021-27059)
vulnerability in Microsoft office (CVE-2021-27059). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1367 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft internet-explorer (CVE-2019-1367)
out-of-bounds write in Microsoft internet-explorer (CVE-2019-1367). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0199 KEV |
|
[KEV] Vulnerability in Microsoft office-and-wordpad (CVE-2017-0199)
vulnerability in Microsoft office-and-wordpad (CVE-2017-0199). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-1380 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft internet-explorer (CVE-2020-1380)
out-of-bounds write in Microsoft internet-explorer (CVE-2020-1380). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1429 KEV |
|
[KEV] Use-After-Free in Microsoft internet-explorer (CVE-2019-1429)
vulnerability in Microsoft internet-explorer (CVE-2019-1429). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-11774 KEV |
|
[KEV] Buffer Overflow in Microsoft office (CVE-2017-11774)
vulnerability in Microsoft office (CVE-2017-11774). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-0968 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft internet-explorer (CVE-2020-0968)
out-of-bounds write in Microsoft internet-explorer (CVE-2020-0968). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-1472 KEV |
|
[KEV] Vulnerability in Microsoft netlogon (CVE-2020-1472)
vulnerability in Microsoft netlogon (CVE-2020-1472). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-26855 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2021-26855)
SSRF in Microsoft exchange-server (CVE-2021-26855). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-26858 KEV |
|
[KEV] Vulnerability in Microsoft exchange-server (CVE-2021-26858)
vulnerability in Microsoft exchange-server (CVE-2021-26858). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27065 KEV |
|
[KEV] Vulnerability in Microsoft exchange-server (CVE-2021-27065)
vulnerability in Microsoft exchange-server (CVE-2021-27065). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-1054 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft win32k (CVE-2020-1054)
out-of-bounds write in Microsoft win32k (CVE-2020-1054). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-1675 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2021-1675)
vulnerability in Microsoft windows (CVE-2021-1675). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-34448 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft windows (CVE-2021-34448)
out-of-bounds write in Microsoft windows (CVE-2021-34448). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-0601 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2020-0601)
vulnerability in Microsoft windows (CVE-2020-0601). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0604 KEV |
|
[KEV] Vulnerability in Microsoft sharepoint (CVE-2019-0604)
vulnerability in Microsoft sharepoint (CVE-2019-0604). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-0646 KEV |
|
[KEV] Vulnerability in Microsoft net-framework (CVE-2020-0646)
vulnerability in Microsoft net-framework (CVE-2020-0646). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0808 KEV |
|
[KEV] Vulnerability in Microsoft win32k (CVE-2019-0808)
vulnerability in Microsoft win32k (CVE-2019-0808). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-26857 KEV |
|
[KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2021-26857)
vulnerability in Microsoft exchange-server (CVE-2021-26857). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-1147 KEV |
|
[KEV] Vulnerability in Microsoft net-framework (CVE-2020-1147)
vulnerability in Microsoft net-framework (CVE-2020-1147). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1214 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2019-1214)
vulnerability in Microsoft windows (CVE-2019-1214). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3235 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2016-3235)
vulnerability in Microsoft office (CVE-2016-3235). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0863 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2019-0863)
vulnerability in Microsoft windows (CVE-2019-0863). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-36955 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2021-36955)
vulnerability in Microsoft windows (CVE-2021-36955). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-38648 KEV |
|
[KEV] Vulnerability in Microsoft open-management-infrastructure-omi (CVE-2021-38648)
vulnerability in Microsoft open-management-infrastructure-omi (CVE-2021-38648). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25877 |
|
Code Injection in youphptube (CVE-2021-25877)
code injection in youphptube (CVE-2021-25877). Successful exploitation can lead to full system takeover.
|
| CVE-2021-29006 |
|
Path Traversal in rconfig (CVE-2021-29006)
path traversal in rconfig (CVE-2021-29006). Confidential information can be exposed externally.
|
| CVE-2021-37223 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-37223)
SSRF in ssrf (CVE-2021-37223). Confidential information can be exposed externally.
|
| CVE-2020-26146 |
|
Vulnerability in platform/vendor/qcom-opensource/wlan/qca-wifi-host-cmn (CVE-2020-26146)
vulnerability in platform/vendor/qcom-opensource/wlan/qca-wifi-host-cmn (CVE-2020-26146). Data can be tampered with by attackers. Mitigation: upgrade to `SoCVersion:2021-10-05` or later.
|
| CVE-2021-41617 |
|
Privilege Escalation in privilege-escalation (CVE-2021-41617)
vulnerability in privilege-escalation (CVE-2021-41617). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21468 |
|
Vulnerability in dos (CVE-2020-21468)
vulnerability in dos (CVE-2020-21468). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20012 |
|
Vulnerability in openbsd (CVE-2016-20012)
vulnerability in openbsd (CVE-2016-20012). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-37345 |
|
Privilege Escalation in privilege-escalation (CVE-2021-37345)
vulnerability in privilege-escalation (CVE-2021-37345). Successful exploitation can lead to full system takeover.
|
| CVE-2021-38202 |
|
Out-of-Bounds Read in dos (CVE-2021-38202)
vulnerability in dos (CVE-2021-38202). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-18169 |
|
Privilege Escalation in techsmith (CVE-2020-18169)
vulnerability in techsmith (CVE-2020-18169). Successful exploitation can lead to full system takeover.
|
| CVE-2020-18171 |
|
Privilege Escalation in techsmith (CVE-2020-18171)
vulnerability in techsmith (CVE-2020-18171). Successful exploitation can lead to full system takeover.
|
| CVE-2021-22926 |
|
Vulnerability in haxx (CVE-2021-22926)
vulnerability in haxx (CVE-2021-22926). Risk of unauthorized operations or information disclosure. Exploitable via ``CURLOPT_SSLCERT``.
|
| CVE-2020-22168 |
|
SQL Injection in sqli (CVE-2020-22168)
SQL injection in sqli (CVE-2020-22168). Confidential information can be exposed externally.
|
| CVE-2021-22763 |
|
Vulnerability in schneider-electric (CVE-2021-22763)
vulnerability in schneider-electric (CVE-2021-22763). Successful exploitation can lead to full system takeover.
|
| CVE-2021-22764 |
|
Authentication Bypass in schneider-electric (CVE-2021-22764)
authentication bypass in schneider-electric (CVE-2021-22764). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-22765 |
|
Vulnerability in dos (CVE-2021-22765)
vulnerability in dos (CVE-2021-22765). Successful exploitation can lead to full system takeover.
|
| CVE-2021-22766 |
|
Vulnerability in dos (CVE-2021-22766)
vulnerability in dos (CVE-2021-22766). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-22767 |
|
Vulnerability in dos (CVE-2021-22767)
vulnerability in dos (CVE-2021-22767). Successful exploitation can lead to full system takeover.
|
| CVE-2021-22768 |
|
Vulnerability in dos (CVE-2021-22768)
vulnerability in dos (CVE-2021-22768). Successful exploitation can lead to full system takeover.
|
| CVE-2021-22769 |
|
Privilege Escalation in schneider-electric (CVE-2021-22769)
vulnerability in schneider-electric (CVE-2021-22769). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-29049 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2021-29049)
cross-site scripting in liferay (CVE-2021-29049). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-3522 |
|
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
|
| CVE-2020-15782 |
|
Buffer Overflow in siemens (CVE-2020-15782)
vulnerability in siemens (CVE-2020-15782). Successful exploitation can lead to full system takeover.
|
| CVE-2020-26679 |
|
Vulnerability in vfairs (CVE-2020-26679)
vulnerability in vfairs (CVE-2020-26679). Risk of unauthorized operations or information disclosure.
|