Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2015-2502 KEV |
|
[KEV] Buffer Overflow in Microsoft internet-explorer (CVE-2015-2502)
vulnerability in Microsoft internet-explorer (CVE-2015-2502). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-0313 KEV |
|
[KEV] Use-After-Free in Adobe flash-player (CVE-2015-0313)
vulnerability in Adobe flash-player (CVE-2015-0313). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-0311 KEV |
|
[KEV] Vulnerability in Adobe flash-player (CVE-2015-0311)
vulnerability in Adobe flash-player (CVE-2015-0311). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-9163 KEV |
|
[KEV] Vulnerability in Adobe flash-player (CVE-2014-9163)
vulnerability in Adobe flash-player (CVE-2014-9163). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-37292 |
|
Authorization Flaw in kevinlab (CVE-2021-37292)
vulnerability in kevinlab (CVE-2021-37292). Successful exploitation can lead to full system takeover.
|
| CVE-2021-40219 |
|
Code Injection in bolt (CVE-2021-40219)
code injection in bolt (CVE-2021-40219). Successful exploitation can lead to full system takeover.
|
| CVE-2022-23176 KEV |
|
[KEV] Vulnerability in Watchguard firebox-and-xtm (CVE-2022-23176)
vulnerability in Watchguard firebox-and-xtm (CVE-2022-23176). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-42287 KEV |
|
[KEV] Privilege Escalation in Microsoft active-directory (CVE-2021-42287)
vulnerability in Microsoft active-directory (CVE-2021-42287). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-42278 KEV |
|
[KEV] Vulnerability in Microsoft active-directory (CVE-2021-42278)
vulnerability in Microsoft active-directory (CVE-2021-42278). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-39793 KEV |
|
[KEV] Out-of-Bounds Write in Google pixel (CVE-2021-39793)
out-of-bounds write in Google pixel (CVE-2021-39793). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27852 KEV |
|
[KEV] Unsafe Deserialization in checkbox (CVE-2021-27852)
vulnerability in checkbox (CVE-2021-27852). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22600 KEV |
|
[KEV] Vulnerability in :linux_kernel: (CVE-2021-22600)
vulnerability in :linux_kernel: (CVE-2021-22600). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `:2022-05-05` or later.
|
| CVE-2020-2509 KEV |
|
[KEV] Command Injection in qnap (CVE-2020-2509)
command injection in qnap (CVE-2020-2509). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-11317 KEV |
|
[KEV] Vulnerability in Telerik user-interface-ui-for-aspnet-ajax (CVE-2017-11317)
vulnerability in Telerik user-interface-ui-for-aspnet-ajax (CVE-2017-11317). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-27374 |
|
Vulnerability in drtrustusa (CVE-2020-27374)
vulnerability in drtrustusa (CVE-2020-27374). Successful exploitation can lead to full system takeover.
|
| CVE-2020-27376 |
|
Vulnerability in drtrustusa (CVE-2020-27376)
vulnerability in drtrustusa (CVE-2020-27376). Successful exploitation can lead to full system takeover.
|
| CVE-2020-27373 |
|
OS Command Injection in drtrustusa (CVE-2020-27373)
OS command injection in drtrustusa (CVE-2020-27373). Successful exploitation can lead to full system takeover.
|
| CVE-2022-26251 |
|
Privilege Escalation in synametrics (CVE-2022-26251)
vulnerability in synametrics (CVE-2022-26251). Successful exploitation can lead to full system takeover.
|
| CVE-2022-26607 |
|
Unrestricted File Upload in baigo (CVE-2022-26607)
vulnerability in baigo (CVE-2022-26607). Successful exploitation can lead to full system takeover.
|
| CVE-2022-26250 |
|
Vulnerability in synametrics (CVE-2022-26250)
vulnerability in synametrics (CVE-2022-26250). Successful exploitation can lead to full system takeover.
|
| CVE-2021-3156 KEV |
|
[KEV] Vulnerability in sudo (CVE-2021-3156)
vulnerability in sudo (CVE-2021-3156). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-31166 KEV |
|
[KEV] Use-After-Free in Microsoft http-protocol-stack (CVE-2021-31166)
vulnerability in Microsoft http-protocol-stack (CVE-2021-31166). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0148 KEV |
|
[KEV] Vulnerability in Microsoft smbv1-server (CVE-2017-0148)
vulnerability in Microsoft smbv1-server (CVE-2017-0148). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26281 |
|
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.
|
| CVE-2022-22965 KEV |
|
[KEV] Code Injection in Vmware spring-framework (CVE-2022-22965)
code injection in Vmware spring-framework (CVE-2022-22965). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-22675 KEV |
|
[KEV] Vulnerability in Apple macos (CVE-2022-22675)
vulnerability in Apple macos (CVE-2022-22675). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-22674 KEV |
|
[KEV] Vulnerability in Apple macos (CVE-2022-22674)
vulnerability in Apple macos (CVE-2022-22674). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-45382 KEV |
|
[KEV] OS Command Injection in D-link multiple-routers (CVE-2021-45382)
OS command injection in D-link multiple-routers (CVE-2021-45382). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26871 KEV |
|
[KEV] Vulnerability in Trend micro trend-micro (CVE-2022-26871)
vulnerability in Trend micro trend-micro (CVE-2022-26871). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-1040 KEV |
|
[KEV] Vulnerability in Sophos firewall (CVE-2022-1040)
vulnerability in Sophos firewall (CVE-2022-1040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-34484 KEV |
|
[KEV] Privilege Escalation in Microsoft windows (CVE-2021-34484)
vulnerability in Microsoft windows (CVE-2021-34484). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-28799 KEV |
|
[KEV] Vulnerability in Qnap network-attached-storage-nas (CVE-2021-28799)
vulnerability in Qnap network-attached-storage-nas (CVE-2021-28799). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-21551 KEV |
|
[KEV] Vulnerability in Dell dbutil-driver (CVE-2021-21551)
vulnerability in Dell dbutil-driver (CVE-2021-21551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-10562 KEV |
|
[KEV] OS Command Injection in Dasan gigabit-passive-optical-network-gpon-routers (CVE-2018-10562)
OS command injection in Dasan gigabit-passive-optical-network-gpon-routers (CVE-2018-10562). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-10561 KEV |
|
[KEV] Authentication Bypass in Dasan gigabit-passive-optical-network-gpon-routers (CVE-2018-10561)
authentication bypass in Dasan gigabit-passive-optical-network-gpon-routers (CVE-2018-10561). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-46010 |
|
Vulnerability in totolink (CVE-2021-46010)
vulnerability in totolink (CVE-2021-46010). Successful exploitation can lead to full system takeover.
|
| CVE-2021-46008 |
|
Vulnerability in totolink (CVE-2021-46008)
vulnerability in totolink (CVE-2021-46008). Successful exploitation can lead to full system takeover.
|
| CVE-2021-45031 |
|
Vulnerability in mepsan (CVE-2021-45031)
vulnerability in mepsan (CVE-2021-45031). Confidential information can be exposed externally.
|
| CVE-2022-1096 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2022-1096)
vulnerability in Google chromium-v8 (CVE-2022-1096). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-1770 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2015-1770)
vulnerability in Microsoft office (CVE-2015-1770). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-3660 KEV |
|
[KEV] Buffer Overflow in Microsoft win32k (CVE-2013-3660)
vulnerability in Microsoft win32k (CVE-2013-3660). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-2729 KEV |
|
[KEV] Vulnerability in Adobe reader-and-acrobat (CVE-2013-2729)
vulnerability in Adobe reader-and-acrobat (CVE-2013-2729). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-2551 KEV |
|
[KEV] Use-After-Free in Microsoft internet-explorer (CVE-2013-2551)
vulnerability in Microsoft internet-explorer (CVE-2013-2551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-2465 KEV |
|
[KEV] Vulnerability in Oracle java-se (CVE-2013-2465)
vulnerability in Oracle java-se (CVE-2013-2465). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-1690 KEV |
|
[KEV] Buffer Overflow in Mozilla firefox-and-thunderbird (CVE-2013-1690)
vulnerability in Mozilla firefox-and-thunderbird (CVE-2013-1690). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-5076 KEV |
|
[KEV] Vulnerability in Oracle java-se (CVE-2012-5076)
vulnerability in Oracle java-se (CVE-2012-5076). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-2539 KEV |
|
[KEV] Vulnerability in Microsoft word (CVE-2012-2539)
vulnerability in Microsoft word (CVE-2012-2539). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-2034 KEV |
|
[KEV] Buffer Overflow in Adobe flash-player (CVE-2012-2034)
vulnerability in Adobe flash-player (CVE-2012-2034). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-0518 KEV |
|
[KEV] Open Redirect in Oracle fusion-middleware (CVE-2012-0518)
vulnerability in Oracle fusion-middleware (CVE-2012-0518). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2011-2005 KEV |
|
[KEV] Vulnerability in Microsoft ancillary-function-driver-afdsys (CVE-2011-2005)
vulnerability in Microsoft ancillary-function-driver-afdsys (CVE-2011-2005). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|