Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2014-7860 Information Disclosure in d-link (CVE-2014-7860)
vulnerability in d-link (CVE-2014-7860). Risk of unauthorized operations or information disclosure.
CVE-2015-3211 php-fpm allows local users to write to or create arbitrary files via a symlink attack.
php-fpm allows local users to write to or create arbitrary files via a symlink attack.
CVE-2015-4180 Path Traversal in path-traversal (CVE-2015-4180)
path traversal in path-traversal (CVE-2015-4180). Confidential information can be exposed externally.
CVE-2015-4181 Path Traversal in path-traversal (CVE-2015-4181)
path traversal in path-traversal (CVE-2015-4181). Confidential information can be exposed externally.
CVE-2015-3206 Authentication Bypass in pykerberos (CVE-2015-3206)
authentication bypass in pykerberos (CVE-2015-3206). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.1.6` or later.
CVE-2017-13697 controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to the dirname variable.
CVE-2017-13693 Information Disclosure in c (CVE-2017-13693)
vulnerability in c (CVE-2017-13693). Confidential information can be exposed externally.
CVE-2017-13694 Information Disclosure in c (CVE-2017-13694)
vulnerability in c (CVE-2017-13694). Confidential information can be exposed externally.
CVE-2017-13695 Information Disclosure in c (CVE-2017-13695)
vulnerability in c (CVE-2017-13695). Confidential information can be exposed externally.
CVE-2017-13686 Vulnerability in c (CVE-2017-13686)
vulnerability in c (CVE-2017-13686). Successful exploitation can lead to full system takeover.
CVE-2015-8352 Path Traversal in path-traversal (CVE-2015-8352)
path traversal in path-traversal (CVE-2015-8352). Successful exploitation can lead to full system takeover.
CVE-2015-8355 SQL Injection in sqli (CVE-2015-8355)
SQL injection in sqli (CVE-2015-8355). Successful exploitation can lead to full system takeover.
CVE-2015-1800 Information Disclosure in samsung (CVE-2015-1800)
vulnerability in samsung (CVE-2015-1800). Confidential information can be exposed externally.
CVE-2015-1801 Buffer Overflow in dos (CVE-2015-1801)
vulnerability in dos (CVE-2015-1801). Successful exploitation can lead to full system takeover.
CVE-2015-7896 Buffer Overflow in dos (CVE-2015-7896)
vulnerability in dos (CVE-2015-7896). Risk of unauthorized operations or information disclosure.
CVE-2017-12879 Cross-Site Scripting (XSS) in paessler (CVE-2017-12879)
cross-site scripting in paessler (CVE-2017-12879). Risk of unauthorized operations or information disclosure.
CVE-2017-13671 Cross-Site Scripting (XSS) in misp (CVE-2017-13671)
cross-site scripting in misp (CVE-2017-13671). Risk of unauthorized operations or information disclosure.
CVE-2017-9555 Cross-Site Scripting (XSS) in synology (CVE-2017-9555)
cross-site scripting in synology (CVE-2017-9555). Risk of unauthorized operations or information disclosure.
CVE-2017-9511 Path Traversal in path-traversal (CVE-2017-9511)
path traversal in path-traversal (CVE-2017-9511). Confidential information can be exposed externally.
CVE-2017-9507 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9507)
cross-site scripting in atlassian (CVE-2017-9507). Risk of unauthorized operations or information disclosure.
CVE-2017-9508 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9508)
cross-site scripting in atlassian (CVE-2017-9508). Risk of unauthorized operations or information disclosure.
CVE-2017-9509 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9509)
cross-site scripting in atlassian (CVE-2017-9509). Risk of unauthorized operations or information disclosure.
CVE-2017-9510 Cross-Site Scripting (XSS) in atlassian (CVE-2017-9510)
cross-site scripting in atlassian (CVE-2017-9510). Risk of unauthorized operations or information disclosure.
CVE-2017-9512 Information Disclosure in atlassian (CVE-2017-9512)
vulnerability in atlassian (CVE-2017-9512). Confidential information can be exposed externally.
CVE-2017-12679 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the delcheater parameter to cheaterbox.php.
CVE-2017-13669 SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered parameter to staffbox.php.
CVE-2017-12134 Vulnerability in c (CVE-2017-12134)
vulnerability in c (CVE-2017-12134). Successful exploitation can lead to full system takeover.
CVE-2017-12135 Vulnerability in dos (CVE-2017-12135)
vulnerability in dos (CVE-2017-12135). Successful exploitation can lead to full system takeover.
CVE-2017-12136 Vulnerability in dos (CVE-2017-12136)
vulnerability in dos (CVE-2017-12136). Successful exploitation can lead to full system takeover.
CVE-2017-12137 Vulnerability in c (CVE-2017-12137)
vulnerability in c (CVE-2017-12137). Successful exploitation can lead to full system takeover.
CVE-2017-12836 Vulnerability in gnu (CVE-2017-12836)
vulnerability in gnu (CVE-2017-12836). Successful exploitation can lead to full system takeover.
CVE-2017-13658 Vulnerability in c (CVE-2017-13658)
vulnerability in c (CVE-2017-13658). Risk of unauthorized operations or information disclosure.
CVE-2017-0805 Vulnerability in google (CVE-2017-0805)
vulnerability in google (CVE-2017-0805). Successful exploitation can lead to full system takeover.
CVE-2017-12847 Vulnerability in nagios (CVE-2017-12847)
vulnerability in nagios (CVE-2017-12847). Data can be tampered with by attackers.
CVE-2017-9506 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-9506)
SSRF in ssrf (CVE-2017-9506). Risk of unauthorized operations or information disclosure.
CVE-2017-12970 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12970)
vulnerability in csrf (CVE-2017-12970). Successful exploitation can lead to full system takeover.
CVE-2017-12971 Cross-Site Scripting (XSS) in apache2triad (CVE-2017-12971)
cross-site scripting in apache2triad (CVE-2017-12971). Risk of unauthorized operations or information disclosure.
CVE-2017-11159 Vulnerability in synology (CVE-2017-11159)
vulnerability in synology (CVE-2017-11159). Successful exploitation can lead to full system takeover.
CVE-2017-12791 Path Traversal in salt (CVE-2017-12791)
path traversal in salt (CVE-2017-12791). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2016.11.7, 2017.7.1` or later.
CVE-2017-13137 The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
CVE-2017-13138 Cross-Site Scripting (XSS) in wordpress (CVE-2017-13138)
cross-site scripting in wordpress (CVE-2017-13138). Risk of unauthorized operations or information disclosure.
CVE-2017-13139 Out-of-Bounds Read in c (CVE-2017-13139)
vulnerability in c (CVE-2017-13139). Successful exploitation can lead to full system takeover.
CVE-2017-13140 Buffer Overflow in c (CVE-2017-13140)
vulnerability in c (CVE-2017-13140). Risk of unauthorized operations or information disclosure.
CVE-2017-13141 Vulnerability in c (CVE-2017-13141)
vulnerability in c (CVE-2017-13141). Risk of unauthorized operations or information disclosure.
CVE-2017-13142 Vulnerability in imagemagick (CVE-2017-13142)
vulnerability in imagemagick (CVE-2017-13142). Risk of unauthorized operations or information disclosure.
CVE-2017-13143 Information Disclosure in c (CVE-2017-13143)
vulnerability in c (CVE-2017-13143). Confidential information can be exposed externally.
CVE-2017-13144 Vulnerability in imagemagick (CVE-2017-13144)
vulnerability in imagemagick (CVE-2017-13144). Risk of unauthorized operations or information disclosure.
CVE-2017-13145 Vulnerability in c (CVE-2017-13145)
vulnerability in c (CVE-2017-13145). Risk of unauthorized operations or information disclosure.
CVE-2017-13146 Vulnerability in c (CVE-2017-13146)
vulnerability in c (CVE-2017-13146). Successful exploitation can lead to full system takeover.
CVE-2017-13131 Vulnerability in c (CVE-2017-13131)
vulnerability in c (CVE-2017-13131). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →