Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-12621 |
|
XXE (XML External Entity) in apache (CVE-2017-12621)
vulnerability in apache (CVE-2017-12621). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1407 |
|
Command Injection in ibm (CVE-2017-1407)
command injection in ibm (CVE-2017-1407). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7256 |
|
Vulnerability in zyxel (CVE-2015-7256)
vulnerability in zyxel (CVE-2015-7256). Confidential information can be exposed externally.
|
| CVE-2014-9686 |
|
Vulnerability in dos (CVE-2014-9686)
vulnerability in dos (CVE-2014-9686). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-10932 |
|
Unsafe Deserialization in c (CVE-2017-10932)
vulnerability in c (CVE-2017-10932). Successful exploitation can lead to full system takeover.
|
| CVE-2015-1526 |
|
Vulnerability in dos (CVE-2015-1526)
vulnerability in dos (CVE-2015-1526). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-1537 |
|
Vulnerability in cpp (CVE-2015-1537)
vulnerability in cpp (CVE-2015-1537). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14760 |
|
SQL Injection in wordpress (CVE-2017-14760)
SQL injection in wordpress (CVE-2017-14760). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14761 |
|
In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter.
In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter.
|
| CVE-2017-14762 |
|
In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter.
In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter.
|
| CVE-2017-14763 |
|
Vulnerability in genixcms (CVE-2017-14763)
vulnerability in genixcms (CVE-2017-14763). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14764 |
|
Code Injection in genixcms (CVE-2017-14764)
code injection in genixcms (CVE-2017-14764). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14765 |
|
In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request.
In GeniXCMS 1.1.4, gxadmin/index.php has XSS via the Menu ID field in a page=menus request.
|
| CVE-2017-14766 |
|
Authentication Bypass in wordpress (CVE-2017-14766)
authentication bypass in wordpress (CVE-2017-14766). Data can be tampered with by attackers.
|
| CVE-2017-14753 |
|
Cross-Site Scripting (XSS) in eyesofnetwork (CVE-2017-14753)
cross-site scripting in eyesofnetwork (CVE-2017-14753). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14751 |
|
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.
|
| CVE-2017-1425 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1425)
cross-site scripting in ibm (CVE-2017-1425). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1527 |
|
XXE (XML External Entity) in ibm (CVE-2017-1527)
vulnerability in ibm (CVE-2017-1527). Confidential information can be exposed externally.
|
| CVE-2017-1530 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1530)
cross-site scripting in ibm (CVE-2017-1530). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1531 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2017-1531)
cross-site scripting in ibm (CVE-2017-1531). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1539 |
|
Vulnerability in privilege-escalation (CVE-2017-1539)
vulnerability in privilege-escalation (CVE-2017-1539). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14745 |
|
Vulnerability in c (CVE-2017-14745)
vulnerability in c (CVE-2017-14745). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7390 |
|
SQL Injection in sqli (CVE-2015-7390)
SQL injection in sqli (CVE-2015-7390). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7391 |
|
Cross-Site Scripting (XSS) in testlink (CVE-2015-7391)
cross-site scripting in testlink (CVE-2015-7391). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`.
|
| CVE-2015-7670 |
|
SQL Injection in wordpress (CVE-2015-7670)
SQL injection in wordpress (CVE-2015-7670). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14704 |
|
Unrestricted File Upload in laravel (CVE-2017-14704)
vulnerability in laravel (CVE-2017-14704). Successful exploitation can lead to full system takeover.
|
| CVE-2015-0874 |
|
Vulnerability in okb (CVE-2015-0874)
vulnerability in okb (CVE-2015-0874). Confidential information can be exposed externally.
|
| CVE-2017-14602 |
|
Authentication Bypass in citrix (CVE-2017-14602)
authentication bypass in citrix (CVE-2017-14602). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13129 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-13129)
vulnerability in csrf (CVE-2017-13129). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5192 |
|
Authentication Bypass in salt (CVE-2017-5192)
authentication bypass in salt (CVE-2017-5192). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2015.8.13, 2016.3.5, 2016.11.2` or later.
|
| CVE-2017-5200 |
|
Vulnerability in salt (CVE-2017-5200)
vulnerability in salt (CVE-2017-5200). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2015.8.13, 2016.3.5, 2016.11.2` or later.
|
| CVE-2017-1000252 |
|
Vulnerability in c (CVE-2017-1000252)
vulnerability in c (CVE-2017-1000252). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12154 |
|
Vulnerability in c (CVE-2017-12154)
vulnerability in c (CVE-2017-12154). Confidential information can be exposed externally.
|
| CVE-2017-14739 |
|
Vulnerability in c (CVE-2017-14739)
vulnerability in c (CVE-2017-14739). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14741 |
|
Vulnerability in c (CVE-2017-14741)
vulnerability in c (CVE-2017-14741). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9961 |
|
Vulnerability in schneider-electric (CVE-2017-9961)
vulnerability in schneider-electric (CVE-2017-9961). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7969 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7969)
vulnerability in csrf (CVE-2017-7969). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7970 |
|
Vulnerability in schneider-electric (CVE-2017-7970)
vulnerability in schneider-electric (CVE-2017-7970). Confidential information can be exposed externally.
|
| CVE-2017-7971 |
|
Vulnerability in schneider-electric (CVE-2017-7971)
vulnerability in schneider-electric (CVE-2017-7971). Confidential information can be exposed externally.
|
| CVE-2017-7972 |
|
Vulnerability in schneider-electric (CVE-2017-7972)
vulnerability in schneider-electric (CVE-2017-7972). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7973 |
|
SQL Injection in sqli (CVE-2017-7973)
SQL injection in sqli (CVE-2017-7973). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7974 |
|
Path Traversal in path-traversal (CVE-2017-7974)
path traversal in path-traversal (CVE-2017-7974). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9956 |
|
Vulnerability in schneider-electric (CVE-2017-9956)
vulnerability in schneider-electric (CVE-2017-9956). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9957 |
|
Vulnerability in schneider-electric (CVE-2017-9957)
vulnerability in schneider-electric (CVE-2017-9957). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9958 |
|
Vulnerability in schneider-electric (CVE-2017-9958)
vulnerability in schneider-electric (CVE-2017-9958). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9959 |
|
Vulnerability in dos (CVE-2017-9959)
vulnerability in dos (CVE-2017-9959). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9960 |
|
Information Disclosure in schneider-electric (CVE-2017-9960)
vulnerability in schneider-electric (CVE-2017-9960). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-0997 |
|
Vulnerability in dos (CVE-2014-0997)
vulnerability in dos (CVE-2014-0997). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-8375 |
|
Cross-site scripting (XSS) vulnerability in PHP-Fusion 9.
Cross-site scripting (XSS) vulnerability in PHP-Fusion 9.
|
| CVE-2016-5868 |
|
Vulnerability in c (CVE-2016-5868)
vulnerability in c (CVE-2016-5868). Successful exploitation can lead to full system takeover.
|