Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2019-1322 KEV [KEV] Vulnerability in Microsoft windows (CVE-2019-1322)
vulnerability in Microsoft windows (CVE-2019-1322). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-1315 KEV [KEV] Vulnerability in Microsoft windows (CVE-2019-1315)
vulnerability in Microsoft windows (CVE-2019-1315). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-1253 KEV [KEV] Vulnerability in Microsoft windows (CVE-2019-1253)
vulnerability in Microsoft windows (CVE-2019-1253). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-1132 KEV [KEV] Vulnerability in Microsoft win32k (CVE-2019-1132)
vulnerability in Microsoft win32k (CVE-2019-1132). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-1129 KEV [KEV] Vulnerability in Microsoft windows (CVE-2019-1129)
vulnerability in Microsoft windows (CVE-2019-1129). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-1069 KEV [KEV] Vulnerability in Microsoft task-scheduler (CVE-2019-1069)
vulnerability in Microsoft task-scheduler (CVE-2019-1069). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-1064 KEV [KEV] Vulnerability in Microsoft windows (CVE-2019-1064)
vulnerability in Microsoft windows (CVE-2019-1064). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-0841 KEV [KEV] Vulnerability in Microsoft windows (CVE-2019-0841)
vulnerability in Microsoft windows (CVE-2019-0841). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-0543 KEV [KEV] Authentication Bypass in Microsoft windows (CVE-2019-0543)
authentication bypass in Microsoft windows (CVE-2019-0543). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-8120 KEV [KEV] Vulnerability in Microsoft win32k (CVE-2018-8120)
vulnerability in Microsoft win32k (CVE-2018-8120). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-0101 KEV [KEV] Buffer Overflow in Microsoft windows (CVE-2017-0101)
vulnerability in Microsoft windows (CVE-2017-0101). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-3309 KEV [KEV] Vulnerability in Microsoft windows (CVE-2016-3309)
vulnerability in Microsoft windows (CVE-2016-3309). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2015-2546 KEV [KEV] Buffer Overflow in Microsoft win32k (CVE-2015-2546)
vulnerability in Microsoft win32k (CVE-2015-2546). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-25090 Vulnerability in privilege-escalation (CVE-2022-25090)
vulnerability in privilege-escalation (CVE-2022-25090). Successful exploitation can lead to full system takeover.
CVE-2022-24618 Vulnerability in c (CVE-2022-24618)
vulnerability in c (CVE-2022-24618). Successful exploitation can lead to full system takeover.
CVE-2022-24644 Vulnerability in zzinc (CVE-2022-24644)
vulnerability in zzinc (CVE-2022-24644). Successful exploitation can lead to full system takeover.
CVE-2022-24509 Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24510 Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24501 VP9 Video Extensions Remote Code Execution Vulnerability
VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2022-24464 Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.3` or later.
CVE-2022-24461 Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24457 HEIF Image Extensions Remote Code Execution Vulnerability
HEIF Image Extensions Remote Code Execution Vulnerability
CVE-2022-24451 VP9 Video Extensions Remote Code Execution Vulnerability
VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2022-23282 Paint 3D Remote Code Execution Vulnerability
Paint 3D Remote Code Execution Vulnerability
CVE-2022-26486 KEV [KEV] Use-After-Free in Mozilla firefox (CVE-2022-26486)
vulnerability in Mozilla firefox (CVE-2022-26486). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-26485 KEV [KEV] Use-After-Free in Mozilla firefox (CVE-2022-26485)
vulnerability in Mozilla firefox (CVE-2022-26485). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-21973 KEV [KEV] Vulnerability in Vmware vcenter-server-and-cloud-foundation (CVE-2021-21973)
vulnerability in Vmware vcenter-server-and-cloud-foundation (CVE-2021-21973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-8218 KEV [KEV] Code Injection in Pulse secure pulse-secure (CVE-2020-8218)
code injection in Pulse secure pulse-secure (CVE-2020-8218). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-11581 KEV [KEV] Vulnerability in Atlassian jira-server-and-data-center (CVE-2019-11581)
vulnerability in Atlassian jira-server-and-data-center (CVE-2019-11581). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-6077 KEV [KEV] OS Command Injection in Netgear wireless-router-dgn2200 (CVE-2017-6077)
OS command injection in Netgear wireless-router-dgn2200 (CVE-2017-6077). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-6277 KEV [KEV] Cross-Site Request Forgery (CSRF) in Netgear multiple-routers (CVE-2016-6277)
vulnerability in Netgear multiple-routers (CVE-2016-6277). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2013-0631 KEV [KEV] Information Disclosure in Adobe coldfusion (CVE-2013-0631)
vulnerability in Adobe coldfusion (CVE-2013-0631). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2013-0629 KEV [KEV] Vulnerability in Adobe coldfusion (CVE-2013-0629)
vulnerability in Adobe coldfusion (CVE-2013-0629). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2013-0625 KEV [KEV] Vulnerability in Adobe coldfusion (CVE-2013-0625)
vulnerability in Adobe coldfusion (CVE-2013-0625). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2009-3960 KEV [KEV] Vulnerability in Adobe blazeds (CVE-2009-3960)
vulnerability in Adobe blazeds (CVE-2009-3960). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-18326 Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-18326)
vulnerability in csrf (CVE-2020-18326). Successful exploitation can lead to full system takeover.
CVE-2022-23327 Vulnerability in dos (CVE-2022-23327)
vulnerability in dos (CVE-2022-23327). Risk of unauthorized operations or information disclosure.
CVE-2022-23328 Vulnerability in dos (CVE-2022-23328)
vulnerability in dos (CVE-2022-23328). Risk of unauthorized operations or information disclosure.
CVE-2021-42950 Vulnerability in zepl (CVE-2021-42950)
vulnerability in zepl (CVE-2021-42950). Successful exploitation can lead to full system takeover.
CVE-2022-24251 Unrestricted File Upload in extensis (CVE-2022-24251)
vulnerability in extensis (CVE-2022-24251). Successful exploitation can lead to full system takeover.
CVE-2022-24254 Unrestricted File Upload in extensis (CVE-2022-24254)
vulnerability in extensis (CVE-2022-24254). Successful exploitation can lead to full system takeover.
CVE-2022-24255 Vulnerability in extensis (CVE-2022-24255)
vulnerability in extensis (CVE-2022-24255). Successful exploitation can lead to full system takeover.
CVE-2022-20708 KEV [KEV] Vulnerability in Cisco small-business-rv160 (CVE-2022-20708)
vulnerability in Cisco small-business-rv160 (CVE-2022-20708). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-20703 KEV [KEV] Vulnerability in Cisco small-business-rv160 (CVE-2022-20703)
vulnerability in Cisco small-business-rv160 (CVE-2022-20703). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-20701 KEV [KEV] Vulnerability in Cisco small-business-rv160 (CVE-2022-20701)
vulnerability in Cisco small-business-rv160 (CVE-2022-20701). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-20700 KEV [KEV] Vulnerability in Cisco small-business-rv160 (CVE-2022-20700)
vulnerability in Cisco small-business-rv160 (CVE-2022-20700). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-20699 KEV [KEV] Vulnerability in Cisco small-business-rv160 (CVE-2022-20699)
vulnerability in Cisco small-business-rv160 (CVE-2022-20699). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-41379 KEV [KEV] Vulnerability in Microsoft windows (CVE-2021-41379)
vulnerability in Microsoft windows (CVE-2021-41379). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-1938 KEV [KEV] Privilege Escalation in org.apache.tomcat.embed:tomcat-embed-core (CVE-2020-1938)
vulnerability in org.apache.tomcat.embed:tomcat-embed-core (CVE-2020-1938). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `7.0.100` or later.
CVE-2020-11899 KEV [KEV] Out-of-Bounds Read in Treck tcp/ip stack treck-tcpip-stack (CVE-2020-11899)
vulnerability in Treck tcp/ip stack treck-tcpip-stack (CVE-2020-11899). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →