Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-12651 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-12651)
vulnerability in wordpress (CVE-2017-12651). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
|
| CVE-2015-7875 |
|
Vulnerability in drupal (CVE-2015-7875)
vulnerability in drupal (CVE-2015-7875). Data can be tampered with by attackers.
|
| CVE-2017-9801 |
|
Vulnerability in apache (CVE-2017-9801)
vulnerability in apache (CVE-2017-9801). Data can be tampered with by attackers.
|
| CVE-2017-7916 |
|
Vulnerability in react (CVE-2017-7916)
vulnerability in react (CVE-2017-7916). Confidential information can be exposed externally.
|
| CVE-2017-7920 |
|
Authentication Bypass in react (CVE-2017-7920)
authentication bypass in react (CVE-2017-7920). Confidential information can be exposed externally.
|
| CVE-2017-6747 |
|
Authentication Bypass in express (CVE-2017-6747)
authentication bypass in express (CVE-2017-6747). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11364 |
|
Vulnerability in joomla (CVE-2017-11364)
vulnerability in joomla (CVE-2017-11364). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12199 |
|
SQL Injection in wordpress (CVE-2017-12199)
SQL injection in wordpress (CVE-2017-12199). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12200 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-12200)
cross-site scripting in wordpress (CVE-2017-12200). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12068 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-12068)
cross-site scripting in wordpress (CVE-2017-12068). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12131 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-12131)
cross-site scripting in wordpress (CVE-2017-12131). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11726 |
|
Cross-Site Request Forgery (CSRF) in rails (CVE-2017-11726)
vulnerability in rails (CVE-2017-11726). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11727 |
|
Cross-Site Scripting (XSS) in rails (CVE-2017-11727)
cross-site scripting in rails (CVE-2017-11727). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11694 |
|
Vulnerability in apache (CVE-2017-11694)
vulnerability in apache (CVE-2017-11694). Confidential information can be exposed externally.
|
| CVE-2016-0736 |
|
Vulnerability in apache (CVE-2016-0736)
vulnerability in apache (CVE-2016-0736). Confidential information can be exposed externally.
|
| CVE-2016-2161 |
|
Vulnerability in apache (CVE-2016-2161)
vulnerability in apache (CVE-2016-2161). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-8743 |
|
Vulnerability in apache (CVE-2016-8743)
vulnerability in apache (CVE-2016-8743). Data can be tampered with by attackers.
|
| CVE-2017-7659 |
|
Vulnerability in apache (CVE-2017-7659)
vulnerability in apache (CVE-2017-7659). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11658 |
|
Path Traversal in wordpress (CVE-2017-11658)
path traversal in wordpress (CVE-2017-11658). Confidential information can be exposed externally.
|
| CVE-2017-11612 |
|
Cross-Site Scripting (XSS) in joomla (CVE-2017-11612)
cross-site scripting in joomla (CVE-2017-11612). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3421 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2015-3421)
cross-site scripting in wordpress (CVE-2015-3421). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-5394 |
|
Cross-Site Scripting (XSS) in apache (CVE-2016-5394)
cross-site scripting in apache (CVE-2016-5394). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6798 |
|
XXE (XML External Entity) in apache (CVE-2016-6798)
vulnerability in apache (CVE-2016-6798). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9933 |
|
Information Disclosure in joomla (CVE-2017-9933)
vulnerability in joomla (CVE-2017-9933). Confidential information can be exposed externally.
|
| CVE-2017-9934 |
|
Cross-Site Scripting (XSS) in csrf (CVE-2017-9934)
cross-site scripting in csrf (CVE-2017-9934). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7685 |
|
Vulnerability in apache (CVE-2017-7685)
vulnerability in apache (CVE-2017-7685). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7688 |
|
Apache OpenMeetings 1.0.0 updates user password in insecure manner.
Apache OpenMeetings 1.0.0 updates user password in insecure manner.
|
| CVE-2017-7663 |
|
Both global and Room chat are vulnerable to XSS attack in Apache OpenMeetings 3.2.0.
Both global and Room chat are vulnerable to XSS attack in Apache OpenMeetings 3.2.0.
|
| CVE-2017-7664 |
|
Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0.
Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0.
|
| CVE-2017-7666 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-7666)
cross-site scripting in apache (CVE-2017-7666). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7673 |
|
Vulnerability in apache (CVE-2017-7673)
vulnerability in apache (CVE-2017-7673). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7680 |
|
Vulnerability in apache (CVE-2017-7680)
vulnerability in apache (CVE-2017-7680). Data can be tampered with by attackers.
|
| CVE-2017-7681 |
|
SQL Injection in apache (CVE-2017-7681)
SQL injection in apache (CVE-2017-7681). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7682 |
|
Vulnerability in apache (CVE-2017-7682)
vulnerability in apache (CVE-2017-7682). Data can be tampered with by attackers.
|
| CVE-2017-7683 |
|
Information Disclosure in apache (CVE-2017-7683)
vulnerability in apache (CVE-2017-7683). Confidential information can be exposed externally.
|
| CVE-2017-7684 |
|
Vulnerability in apache (CVE-2017-7684)
vulnerability in apache (CVE-2017-7684). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000033 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-1000033)
cross-site scripting in wordpress (CVE-2017-1000033). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-1000038 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-1000038)
cross-site scripting in wordpress (CVE-2017-1000038). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6312 |
|
Vulnerability in apache (CVE-2016-6312)
vulnerability in apache (CVE-2016-6312). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6793 |
|
Unsafe Deserialization in apache (CVE-2016-6793)
vulnerability in apache (CVE-2016-6793). Data can be tampered with by attackers.
|
| CVE-2015-0249 |
|
Code Injection in apache (CVE-2015-0249)
code injection in apache (CVE-2015-0249). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9788 |
|
Vulnerability in apache (CVE-2017-9788)
vulnerability in apache (CVE-2017-9788). Confidential information can be exposed externally. Exploitable via `Authorization header`.
|
| CVE-2017-9789 |
|
Use-After-Free in apache (CVE-2017-9789)
vulnerability in apache (CVE-2017-9789). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7672 |
|
Vulnerability in apache (CVE-2017-7672)
vulnerability in apache (CVE-2017-7672). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9787 |
|
Vulnerability in apache (CVE-2017-9787)
vulnerability in apache (CVE-2017-9787). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7529 |
|
Vulnerability in nginx (CVE-2017-7529)
vulnerability in nginx (CVE-2017-7529). Confidential information can be exposed externally.
|
| CVE-2017-7678 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-7678)
cross-site scripting in apache (CVE-2017-7678). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-5640 |
|
Authentication Bypass in apache (CVE-2017-5640)
authentication bypass in apache (CVE-2017-5640). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5652 |
|
Vulnerability in apache (CVE-2017-5652)
vulnerability in apache (CVE-2017-5652). Confidential information can be exposed externally.
|
| CVE-2017-7670 |
|
Vulnerability in apache (CVE-2017-7670)
vulnerability in apache (CVE-2017-7670). Risk of unauthorized operations or information disclosure.
|