Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2014-3566 Vulnerability in redhat (CVE-2014-3566)
vulnerability in redhat (CVE-2014-3566). Risk of unauthorized operations or information disclosure.
CVE-2014-4744 Multiple cross-site scripting (XSS) vulnerabilities in osTicket before 1.9.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone Number field to open.php or (2) Phone numbe...
Multiple cross-site scripting (XSS) vulnerabilities in osTicket before 1.9.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone Number field to open.php or (2) Phone number field, (3) passwd1 field, (4) passwd2 field, or (5) do parameter to account.php.
CVE-2014-2653 Vulnerability in c (CVE-2014-2653)
vulnerability in c (CVE-2014-2653). Risk of unauthorized operations or information disclosure.
CVE-2014-2532 Vulnerability in oracle (CVE-2014-2532)
vulnerability in oracle (CVE-2014-2532). Risk of unauthorized operations or information disclosure.
CVE-2014-0759 Vulnerability in schneider-electric (CVE-2014-0759)
vulnerability in schneider-electric (CVE-2014-0759). Risk of unauthorized operations or information disclosure.
CVE-2014-1692 Buffer Overflow in c (CVE-2014-1692)
vulnerability in c (CVE-2014-1692). Risk of unauthorized operations or information disclosure.
CVE-2013-1609 Vulnerability in symantec (CVE-2013-1609)
vulnerability in symantec (CVE-2013-1609). Risk of unauthorized operations or information disclosure.
CVE-2013-2566 Vulnerability in oracle (CVE-2013-2566)
vulnerability in oracle (CVE-2013-2566). Confidential information can be exposed externally.
CVE-2012-4549 Vulnerability in redhat (CVE-2012-4549)
vulnerability in redhat (CVE-2012-4549). Risk of unauthorized operations or information disclosure.
CVE-2012-4550 Vulnerability in redhat (CVE-2012-4550)
vulnerability in redhat (CVE-2012-4550). Risk of unauthorized operations or information disclosure.
CVE-2012-0814 Vulnerability in c (CVE-2012-0814)
vulnerability in c (CVE-2012-0814). Risk of unauthorized operations or information disclosure.
CVE-2011-0627 Vulnerability in dos (CVE-2011-0627)
vulnerability in dos (CVE-2011-0627). Successful exploitation can lead to full system takeover.
CVE-2010-4634 Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to module.php, a different vector than CVE-2005-1439. NOTE:...
Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to module.php, a different vector than CVE-2005-1439. NOTE: this issue has been disputed by a reliable third party
CVE-2010-4478 Authentication Bypass in openbsd (CVE-2010-4478)
authentication bypass in openbsd (CVE-2010-4478). Successful exploitation can lead to full system takeover.
CVE-2010-3190 Vulnerability in c (CVE-2010-3190)
vulnerability in c (CVE-2010-3190). Successful exploitation can lead to full system takeover.
CVE-2010-0605 SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter.
SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users, with "Staff" permissions, to execute arbitrary SQL commands via the input parameter.
CVE-2010-0606 Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users to inject arbitrary web script or HTML via the f parameter, possibly related...
Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authenticated users to inject arbitrary web script or HTML via the f parameter, possibly related to an error message generated by scp/admin.php.
CVE-2010-0386 Vulnerability in sun (CVE-2010-0386)
vulnerability in sun (CVE-2010-0386). Confidential information can be exposed externally.
CVE-2009-3555 Vulnerability in org.apache.tomcat:tomcat (CVE-2009-3555)
vulnerability in org.apache.tomcat:tomcat (CVE-2009-3555). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.5.33` or later.
CVE-2009-2493 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005...
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005...
CVE-2009-2495 Vulnerability in c (CVE-2009-2495)
vulnerability in c (CVE-2009-2495). Confidential information can be exposed externally.
CVE-2009-0901 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005...
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005...
CVE-2009-2361 SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter.
SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter.
CVE-2003-1567 Information Disclosure in microsoft (CVE-2003-1567)
vulnerability in microsoft (CVE-2003-1567). Confidential information can be exposed externally.
CVE-2004-2761 Vulnerability in ietf (CVE-2004-2761)
vulnerability in ietf (CVE-2004-2761). Successful exploitation can lead to full system takeover.
CVE-2008-5161 Information Disclosure in openbsd (CVE-2008-5161)
vulnerability in openbsd (CVE-2008-5161). Risk of unauthorized operations or information disclosure.
CVE-2006-5407 PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter.
PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter.
CVE-2005-4459 Buffer Overflow in vmware (CVE-2005-4459)
vulnerability in vmware (CVE-2005-4459). Risk of unauthorized operations or information disclosure.
CVE-2005-1794 Vulnerability in microsoft (CVE-2005-1794)
vulnerability in microsoft (CVE-2005-1794). Risk of unauthorized operations or information disclosure.
CVE-2005-1436 Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to h...
Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to header.php, (3) the em parameter to admin_login.php, (4) the e parameter to user_login.php, (5) the e...
CVE-2005-1439 Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter.
Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter.
CVE-1999-0524 ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVE-1999-0511 IP forwarding is enabled on a machine which is not a router or firewall.
IP forwarding is enabled on a machine which is not a router or firewall.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →