Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2022-26987 Out-of-Bounds Write in tp-link (CVE-2022-26987)
out-of-bounds write in tp-link (CVE-2022-26987). Successful exploitation can lead to full system takeover. Exploitable via ``MmtAtePrase``.
CVE-2022-1388 KEV [KEV] Vulnerability in F5 big-ip (CVE-2022-1388)
vulnerability in F5 big-ip (CVE-2022-1388). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-27224 An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated...
An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated...
CVE-2021-43164 OS Command Injection in ruijienetworks (CVE-2021-43164)
OS command injection in ruijienetworks (CVE-2021-43164). Successful exploitation can lead to full system takeover.
CVE-2021-43161 Command Injection in ruijienetworks (CVE-2021-43161)
command injection in ruijienetworks (CVE-2021-43161). Successful exploitation can lead to full system takeover.
CVE-2021-43160 Command Injection in ruijienetworks (CVE-2021-43160)
command injection in ruijienetworks (CVE-2021-43160). Successful exploitation can lead to full system takeover.
CVE-2021-43159 Command Injection in ruijienetworks (CVE-2021-43159)
command injection in ruijienetworks (CVE-2021-43159). Successful exploitation can lead to full system takeover.
CVE-2021-43162 Command Injection in ruijienetworks (CVE-2021-43162)
command injection in ruijienetworks (CVE-2021-43162). Successful exploitation can lead to full system takeover.
CVE-2021-1789 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2021-1789)
vulnerability in Apple multiple-products (CVE-2021-1789). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-8506 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2019-8506)
vulnerability in Apple multiple-products (CVE-2019-8506). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2014-4113 KEV [KEV] Vulnerability in Microsoft win32k (CVE-2014-4113)
vulnerability in Microsoft win32k (CVE-2014-4113). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2014-0322 KEV [KEV] Use-After-Free in Microsoft internet-explorer (CVE-2014-0322)
vulnerability in Microsoft internet-explorer (CVE-2014-0322). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2014-0160 KEV [KEV] Out-of-Bounds Read in openssl (CVE-2014-0160)
vulnerability in openssl (CVE-2014-0160). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-25647 Unsafe Deserialization in com.google.code.gson:gson (CVE-2022-25647)
vulnerability in com.google.code.gson:gson (CVE-2022-25647). Data can be tampered with by attackers. Mitigation: upgrade to `2.8.9` or later.
CVE-2021-44595 Vulnerability in wondershare (CVE-2021-44595)
vulnerability in wondershare (CVE-2021-44595). Successful exploitation can lead to full system takeover.
CVE-2021-36460 Authentication Bypass in veryfitpro-project (CVE-2021-36460)
authentication bypass in veryfitpro-project (CVE-2021-36460). Successful exploitation can lead to full system takeover.
CVE-2022-29464 KEV [KEV] Path Traversal in Wso2 multiple-products (CVE-2022-29464)
path traversal in Wso2 multiple-products (CVE-2022-29464). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-26904 KEV [KEV] Vulnerability in Microsoft windows (CVE-2022-26904)
vulnerability in Microsoft windows (CVE-2022-26904). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-21919 KEV [KEV] Vulnerability in Microsoft windows (CVE-2022-21919)
vulnerability in Microsoft windows (CVE-2022-21919). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-0847 KEV [KEV] Vulnerability in :linux_kernel: (CVE-2022-0847)
vulnerability in :linux_kernel: (CVE-2022-0847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `:2022-05-05` or later.
CVE-2021-41357 KEV [KEV] Vulnerability in Microsoft win32k (CVE-2021-41357)
vulnerability in Microsoft win32k (CVE-2021-41357). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-40450 KEV [KEV] Vulnerability in Microsoft win32k (CVE-2021-40450)
vulnerability in Microsoft win32k (CVE-2021-40450). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-1003029 KEV [KEV] Vulnerability in Jenkins script-security-plugin (CVE-2019-1003029)
vulnerability in Jenkins script-security-plugin (CVE-2019-1003029). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-0354 Code Injection in lenovo (CVE-2022-0354)
code injection in lenovo (CVE-2022-0354). Successful exploitation can lead to full system takeover.
CVE-2022-27406 Out-of-Bounds Read in freetype (CVE-2022-27406)
vulnerability in freetype (CVE-2022-27406). Risk of unauthorized operations or information disclosure.
CVE-2022-29534 Authentication Bypass in misp-project (CVE-2022-29534)
authentication bypass in misp-project (CVE-2022-29534). Data can be tampered with by attackers.
CVE-2022-20773 A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance...
A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance...
CVE-2018-6882 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2018-6882)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2018-6882). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-3568 KEV [KEV] Vulnerability in Meta platforms meta-platforms (CVE-2019-3568)
vulnerability in Meta platforms meta-platforms (CVE-2019-3568). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-22718 KEV [KEV] Vulnerability in Microsoft windows (CVE-2022-22718)
vulnerability in Microsoft windows (CVE-2022-22718). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-26901 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-26826 Command Injection in microsoft (CVE-2022-26826)
command injection in microsoft (CVE-2022-26826). Successful exploitation can lead to full system takeover.
CVE-2022-26795 Windows Print Spooler Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-24473 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-22960 KEV [KEV] Vulnerability in Vmware multiple-products (CVE-2022-22960)
vulnerability in Vmware multiple-products (CVE-2022-22960). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-1364 KEV [KEV] Vulnerability in Google chromium-v8 (CVE-2022-1364)
vulnerability in Google chromium-v8 (CVE-2022-1364). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-3929 KEV [KEV] Cross-Site Scripting (XSS) in Crestron multiple-products (CVE-2019-3929)
cross-site scripting in Crestron multiple-products (CVE-2019-3929). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-16057 KEV [KEV] OS Command Injection in D-link dns-320-storage-device (CVE-2019-16057)
OS command injection in D-link dns-320-storage-device (CVE-2019-16057). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-7841 KEV [KEV] SQL Injection in Schneider electric schneider-electric (CVE-2018-7841)
SQL injection in Schneider electric schneider-electric (CVE-2018-7841). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-4523 KEV [KEV] Buffer Overflow in Trihedral vtscada-formerly-vts (CVE-2016-4523)
vulnerability in Trihedral vtscada-formerly-vts (CVE-2016-4523). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2014-0780 KEV [KEV] Path Traversal in Indusoft web-studio (CVE-2014-0780)
path traversal in Indusoft web-studio (CVE-2014-0780). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2010-5330 KEV [KEV] Command Injection in Ubiquiti airos (CVE-2010-5330)
command injection in Ubiquiti airos (CVE-2010-5330). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2007-3010 KEV [KEV] Vulnerability in Alcatel omnipcx-enterprise (CVE-2007-3010)
vulnerability in Alcatel omnipcx-enterprise (CVE-2007-3010). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-22954 KEV [KEV] Code Injection in Vmware workspace-one-access-and-identity-manager (CVE-2022-22954)
code injection in Vmware workspace-one-access-and-identity-manager (CVE-2022-22954). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-24521 KEV [KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-24521)
out-of-bounds write in Microsoft windows (CVE-2022-24521). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-7602 KEV [KEV] Vulnerability in Drupal core (CVE-2018-7602)
vulnerability in Drupal core (CVE-2018-7602). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-20753 KEV [KEV] Vulnerability in Kaseya virtual-systemserver-administrator-vsa (CVE-2018-20753)
vulnerability in Kaseya virtual-systemserver-administrator-vsa (CVE-2018-20753). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2015-5123 KEV [KEV] Use-After-Free in Adobe flash-player (CVE-2015-5123)
vulnerability in Adobe flash-player (CVE-2015-5123). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2015-5122 KEV [KEV] Use-After-Free in Adobe flash-player (CVE-2015-5122)
vulnerability in Adobe flash-player (CVE-2015-5122). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2015-3113 KEV [KEV] Buffer Overflow in Adobe flash-player (CVE-2015-3113)
vulnerability in Adobe flash-player (CVE-2015-3113). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →