Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2020-28858 |
|
Cross-Site Request Forgery (CSRF) in openasset (CVE-2020-28858)
vulnerability in openasset (CVE-2020-28858). Successful exploitation can lead to full system takeover.
|
| CVE-2020-23735 |
|
Vulnerability in privilege-escalation (CVE-2020-23735)
vulnerability in privilege-escalation (CVE-2020-23735). Successful exploitation can lead to full system takeover.
|
| CVE-2020-28209 |
|
Vulnerability in schneider-electric (CVE-2020-28209)
vulnerability in schneider-electric (CVE-2020-28209). Successful exploitation can lead to full system takeover.
|
| CVE-2020-23968 |
|
Vulnerability in ilex (CVE-2020-23968)
vulnerability in ilex (CVE-2020-23968). Successful exploitation can lead to full system takeover.
|
| CVE-2020-17091 |
|
Microsoft Teams Remote Code Execution Vulnerability
Microsoft Teams Remote Code Execution Vulnerability
|
| CVE-2020-28043 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-28043)
SSRF in ssrf (CVE-2020-28043). Confidential information can be exposed externally.
|
| CVE-2020-22552 |
|
Vulnerability in snap7-project (CVE-2020-22552)
vulnerability in snap7-project (CVE-2020-22552). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-17003 |
|
Buffer Overflow in microsoft (CVE-2020-17003)
vulnerability in microsoft (CVE-2020-17003). Successful exploitation can lead to full system takeover.
|
| CVE-2020-16918 |
|
Out-of-Bounds Write in microsoft (CVE-2020-16918)
out-of-bounds write in microsoft (CVE-2020-16918). Successful exploitation can lead to full system takeover.
|
| CVE-2020-26869 |
|
Information Disclosure in arcinfo (CVE-2020-26869)
vulnerability in arcinfo (CVE-2020-26869). Confidential information can be exposed externally.
|
| CVE-2020-26868 |
|
Vulnerability in arcinfo (CVE-2020-26868)
vulnerability in arcinfo (CVE-2020-26868). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-5354 |
|
Vulnerability in anixis (CVE-2018-5354)
vulnerability in anixis (CVE-2018-5354). Successful exploitation can lead to full system takeover.
|
| CVE-2020-25766 |
|
Vulnerability in misp-project (CVE-2020-25766)
vulnerability in misp-project (CVE-2020-25766). Data can be tampered with by attackers.
|
| CVE-2020-25515 |
|
Unrestricted File Upload in simple-library-management-system-project (CVE-2020-25515)
vulnerability in simple-library-management-system-project (CVE-2020-25515). Successful exploitation can lead to full system takeover.
|
| CVE-2020-25487 |
|
SQL Injection in sqli (CVE-2020-25487)
SQL injection in sqli (CVE-2020-25487). Successful exploitation can lead to full system takeover.
|
| CVE-2020-25514 |
|
SQL Injection in simple-library-management-system-project (CVE-2020-25514)
SQL injection in simple-library-management-system-project (CVE-2020-25514). Successful exploitation can lead to full system takeover.
|
| CVE-2020-23451 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-23451)
vulnerability in csrf (CVE-2020-23451). Successful exploitation can lead to full system takeover.
|
| CVE-2020-15711 |
|
In MISP before 2.4.129, setting a favourite homepage was not CSRF protected.
In MISP before 2.4.129, setting a favourite homepage was not CSRF protected.
|
| CVE-2020-14969 |
|
Vulnerability in misp-project (CVE-2020-14969)
vulnerability in misp-project (CVE-2020-14969). Confidential information can be exposed externally.
|
| CVE-2020-7488 |
|
Vulnerability in schneider-electric (CVE-2020-7488)
vulnerability in schneider-electric (CVE-2020-7488). Confidential information can be exposed externally.
|
| CVE-2020-11725 |
|
Vulnerability in c (CVE-2020-11725)
vulnerability in c (CVE-2020-11725). Successful exploitation can lead to full system takeover.
|
| CVE-2020-6986 |
|
Vulnerability in omron (CVE-2020-6986)
vulnerability in omron (CVE-2020-6986). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-8893 |
|
Vulnerability in misp-project (CVE-2020-8893)
vulnerability in misp-project (CVE-2020-8893). Data can be tampered with by attackers.
|
| CVE-2020-8892 |
|
Vulnerability in misp-project (CVE-2020-8892)
vulnerability in misp-project (CVE-2020-8892). Successful exploitation can lead to full system takeover.
|
| CVE-2019-6857 |
|
Vulnerability in dos (CVE-2019-6857)
vulnerability in dos (CVE-2019-6857). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-6856 |
|
Vulnerability in dos (CVE-2019-6856)
vulnerability in dos (CVE-2019-6856). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-7794 |
|
Vulnerability in dos (CVE-2018-7794)
vulnerability in dos (CVE-2018-7794). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-13533 |
|
Vulnerability in omron (CVE-2019-13533)
vulnerability in omron (CVE-2019-13533). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-6829 |
|
Vulnerability in dos (CVE-2019-6829)
vulnerability in dos (CVE-2019-6829). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-14749 |
|
Vulnerability in enhancesoft (CVE-2019-14749)
vulnerability in enhancesoft (CVE-2019-14749). Successful exploitation can lead to full system takeover.
|
| CVE-2019-6819 |
|
Vulnerability in dos (CVE-2019-6819)
vulnerability in dos (CVE-2019-6819). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-7852 |
|
Vulnerability in c (CVE-2018-7852)
vulnerability in c (CVE-2018-7852). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-7821 |
|
Vulnerability in schneider-electric (CVE-2018-7821)
vulnerability in schneider-electric (CVE-2018-7821). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-8611 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2018-8611)
vulnerability in Microsoft windows (CVE-2018-8611). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19953 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Qnap network-attached-storage-nas (CVE-2018-19953)
cross-site scripting in Qnap network-attached-storage-nas (CVE-2018-19953). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19949 KEV |
|
[KEV] Vulnerability in Qnap network-attached-storage-nas (CVE-2018-19949)
vulnerability in Qnap network-attached-storage-nas (CVE-2018-19949). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19943 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Qnap network-attached-storage-nas (CVE-2018-19943)
cross-site scripting in Qnap network-attached-storage-nas (CVE-2018-19943). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0147 KEV |
|
[KEV] Information Disclosure in Microsoft smbv1-server (CVE-2017-0147)
vulnerability in Microsoft smbv1-server (CVE-2017-0147). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0022 KEV |
|
[KEV] Information Disclosure in Microsoft xml-core-services (CVE-2017-0022)
vulnerability in Microsoft xml-core-services (CVE-2017-0022). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0005 KEV |
|
[KEV] Buffer Overflow in Microsoft windows (CVE-2017-0005)
vulnerability in Microsoft windows (CVE-2017-0005). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0149 KEV |
|
[KEV] Buffer Overflow in Microsoft internet-explorer (CVE-2017-0149)
vulnerability in Microsoft internet-explorer (CVE-2017-0149). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0210 KEV |
|
[KEV] Vulnerability in Microsoft internet-explorer (CVE-2017-0210)
vulnerability in Microsoft internet-explorer (CVE-2017-0210). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-8291 KEV |
|
[KEV] Vulnerability in Artifex ghostscript (CVE-2017-8291)
vulnerability in Artifex ghostscript (CVE-2017-8291). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-8543 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2017-8543)
vulnerability in Microsoft windows (CVE-2017-8543). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-18362 KEV |
|
[KEV] SQL Injection in Kaseya virtual-systemserver-administrator-vsa (CVE-2017-18362)
SQL injection in Kaseya virtual-systemserver-administrator-vsa (CVE-2017-18362). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-0162 KEV |
|
[KEV] Information Disclosure in Microsoft internet-explorer (CVE-2016-0162)
vulnerability in Microsoft internet-explorer (CVE-2016-0162). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3351 KEV |
|
[KEV] Information Disclosure in Microsoft internet-explorer-and-edge (CVE-2016-3351)
vulnerability in Microsoft internet-explorer-and-edge (CVE-2016-3351). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-4655 KEV |
|
[KEV] Information Disclosure in Apple ios (CVE-2016-4655)
vulnerability in Apple ios (CVE-2016-4655). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-4656 KEV |
|
[KEV] Vulnerability in Apple ios (CVE-2016-4656)
vulnerability in Apple ios (CVE-2016-4656). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-4657 KEV |
|
[KEV] Buffer Overflow in Apple ios (CVE-2016-4657)
vulnerability in Apple ios (CVE-2016-4657). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|