Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2014-7860 |
|
Information Disclosure in d-link (CVE-2014-7860)
vulnerability in d-link (CVE-2014-7860). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3211 |
|
php-fpm allows local users to write to or create arbitrary files via a symlink attack.
php-fpm allows local users to write to or create arbitrary files via a symlink attack.
|
| CVE-2015-4180 |
|
Path Traversal in path-traversal (CVE-2015-4180)
path traversal in path-traversal (CVE-2015-4180). Confidential information can be exposed externally.
|
| CVE-2015-4181 |
|
Path Traversal in path-traversal (CVE-2015-4181)
path traversal in path-traversal (CVE-2015-4181). Confidential information can be exposed externally.
|
| CVE-2015-3206 |
|
Authentication Bypass in pykerberos (CVE-2015-3206)
authentication bypass in pykerberos (CVE-2015-3206). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.1.6` or later.
|
| CVE-2017-13697 |
|
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
|
| CVE-2017-13693 |
|
Information Disclosure in c (CVE-2017-13693)
vulnerability in c (CVE-2017-13693). Confidential information can be exposed externally.
|
| CVE-2017-13694 |
|
Information Disclosure in c (CVE-2017-13694)
vulnerability in c (CVE-2017-13694). Confidential information can be exposed externally.
|
| CVE-2017-13695 |
|
Information Disclosure in c (CVE-2017-13695)
vulnerability in c (CVE-2017-13695). Confidential information can be exposed externally.
|
| CVE-2017-13686 |
|
Vulnerability in c (CVE-2017-13686)
vulnerability in c (CVE-2017-13686). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8352 |
|
Path Traversal in path-traversal (CVE-2015-8352)
path traversal in path-traversal (CVE-2015-8352). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8355 |
|
SQL Injection in sqli (CVE-2015-8355)
SQL injection in sqli (CVE-2015-8355). Successful exploitation can lead to full system takeover.
|
| CVE-2015-1800 |
|
Information Disclosure in samsung (CVE-2015-1800)
vulnerability in samsung (CVE-2015-1800). Confidential information can be exposed externally.
|
| CVE-2015-1801 |
|
Buffer Overflow in dos (CVE-2015-1801)
vulnerability in dos (CVE-2015-1801). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7896 |
|
Buffer Overflow in dos (CVE-2015-7896)
vulnerability in dos (CVE-2015-7896). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12879 |
|
Cross-Site Scripting (XSS) in paessler (CVE-2017-12879)
cross-site scripting in paessler (CVE-2017-12879). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13671 |
|
Cross-Site Scripting (XSS) in misp (CVE-2017-13671)
cross-site scripting in misp (CVE-2017-13671). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9555 |
|
Cross-Site Scripting (XSS) in synology (CVE-2017-9555)
cross-site scripting in synology (CVE-2017-9555). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9511 |
|
Path Traversal in path-traversal (CVE-2017-9511)
path traversal in path-traversal (CVE-2017-9511). Confidential information can be exposed externally.
|
| CVE-2017-9507 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9507)
cross-site scripting in atlassian (CVE-2017-9507). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9508 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9508)
cross-site scripting in atlassian (CVE-2017-9508). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9509 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9509)
cross-site scripting in atlassian (CVE-2017-9509). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9510 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9510)
cross-site scripting in atlassian (CVE-2017-9510). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9512 |
|
Information Disclosure in atlassian (CVE-2017-9512)
vulnerability in atlassian (CVE-2017-9512). Confidential information can be exposed externally.
|
| CVE-2017-12679 |
|
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
|
| CVE-2017-13669 |
|
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
|
| CVE-2017-12134 |
|
Vulnerability in c (CVE-2017-12134)
vulnerability in c (CVE-2017-12134). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12135 |
|
Vulnerability in dos (CVE-2017-12135)
vulnerability in dos (CVE-2017-12135). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12136 |
|
Vulnerability in dos (CVE-2017-12136)
vulnerability in dos (CVE-2017-12136). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12137 |
|
Vulnerability in c (CVE-2017-12137)
vulnerability in c (CVE-2017-12137). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12836 |
|
Vulnerability in gnu (CVE-2017-12836)
vulnerability in gnu (CVE-2017-12836). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13658 |
|
Vulnerability in c (CVE-2017-13658)
vulnerability in c (CVE-2017-13658). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-0805 |
|
Vulnerability in google (CVE-2017-0805)
vulnerability in google (CVE-2017-0805). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12847 |
|
Vulnerability in nagios (CVE-2017-12847)
vulnerability in nagios (CVE-2017-12847). Data can be tampered with by attackers.
|
| CVE-2017-9506 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-9506)
SSRF in ssrf (CVE-2017-9506). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12970 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12970)
vulnerability in csrf (CVE-2017-12970). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12971 |
|
Cross-Site Scripting (XSS) in apache2triad (CVE-2017-12971)
cross-site scripting in apache2triad (CVE-2017-12971). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11159 |
|
Vulnerability in synology (CVE-2017-11159)
vulnerability in synology (CVE-2017-11159). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12791 |
|
Path Traversal in salt (CVE-2017-12791)
path traversal in salt (CVE-2017-12791). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2016.11.7, 2017.7.1` or later.
|
| CVE-2017-13137 |
|
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
|
| CVE-2017-13138 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-13138)
cross-site scripting in wordpress (CVE-2017-13138). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13139 |
|
Out-of-Bounds Read in c (CVE-2017-13139)
vulnerability in c (CVE-2017-13139). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13140 |
|
Buffer Overflow in c (CVE-2017-13140)
vulnerability in c (CVE-2017-13140). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13141 |
|
Vulnerability in c (CVE-2017-13141)
vulnerability in c (CVE-2017-13141). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13142 |
|
Vulnerability in imagemagick (CVE-2017-13142)
vulnerability in imagemagick (CVE-2017-13142). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13143 |
|
Information Disclosure in c (CVE-2017-13143)
vulnerability in c (CVE-2017-13143). Confidential information can be exposed externally.
|
| CVE-2017-13144 |
|
Vulnerability in imagemagick (CVE-2017-13144)
vulnerability in imagemagick (CVE-2017-13144). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13145 |
|
Vulnerability in c (CVE-2017-13145)
vulnerability in c (CVE-2017-13145). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-13146 |
|
Vulnerability in c (CVE-2017-13146)
vulnerability in c (CVE-2017-13146). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13131 |
|
Vulnerability in c (CVE-2017-13131)
vulnerability in c (CVE-2017-13131). Risk of unauthorized operations or information disclosure.
|