Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2019-1010294 Vulnerability in trustedfirmware (CVE-2019-1010294)
vulnerability in trustedfirmware (CVE-2019-1010294). Confidential information can be exposed externally.
CVE-2017-14853 The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attac...
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device.
CVE-2017-14852 An insecure communication was found between a user and the Orpak SiteOmat management console for...
An insecure communication was found between a user and the Orpak SiteOmat management console for...
CVE-2019-6820 Vulnerability in schneider-electric (CVE-2019-6820)
vulnerability in schneider-electric (CVE-2019-6820). Risk of unauthorized operations or information disclosure.
CVE-2019-11687 Vulnerability in nema (CVE-2019-11687)
vulnerability in nema (CVE-2019-11687). Successful exploitation can lead to full system takeover.
CVE-2019-10953 Vulnerability in abb (CVE-2019-10953)
vulnerability in abb (CVE-2019-10953). Risk of unauthorized operations or information disclosure.
CVE-2018-16561 Vulnerability in siemens (CVE-2018-16561)
vulnerability in siemens (CVE-2018-16561). Risk of unauthorized operations or information disclosure.
CVE-2019-6575 Vulnerability in dos (CVE-2019-6575)
vulnerability in dos (CVE-2019-6575). Risk of unauthorized operations or information disclosure.
CVE-2017-15031 Information Disclosure in trustedfirmware (CVE-2017-15031)
vulnerability in trustedfirmware (CVE-2017-15031). Confidential information can be exposed externally.
CVE-2018-17924 Vulnerability in rockwellautomation (CVE-2018-17924)
vulnerability in rockwellautomation (CVE-2018-17924). Risk of unauthorized operations or information disclosure.
CVE-2018-6439 Vulnerability in broadcom (CVE-2018-6439)
vulnerability in broadcom (CVE-2018-6439). Successful exploitation can lead to full system takeover.
CVE-2018-3882 SQL Injection in sqli (CVE-2018-3882)
SQL injection in sqli (CVE-2018-3882). Successful exploitation can lead to full system takeover.
CVE-2018-3883 SQL Injection in sqli (CVE-2018-3883)
SQL injection in sqli (CVE-2018-3883). Successful exploitation can lead to full system takeover.
CVE-2018-3884 SQL Injection in sqli (CVE-2018-3884)
SQL injection in sqli (CVE-2018-3884). Successful exploitation can lead to full system takeover.
CVE-2018-3885 SQL Injection in sqli (CVE-2018-3885)
SQL injection in sqli (CVE-2018-3885). Successful exploitation can lead to full system takeover.
CVE-2018-10902 Vulnerability in c (CVE-2018-10902)
vulnerability in c (CVE-2018-10902). Successful exploitation can lead to full system takeover.
CVE-2018-12594 Information Disclosure in reliablecontrols (CVE-2018-12594)
vulnerability in reliablecontrols (CVE-2018-12594). Confidential information can be exposed externally.
CVE-2018-1259 XXE (XML External Entity) in broadcom (CVE-2018-1259)
vulnerability in broadcom (CVE-2018-1259). Confidential information can be exposed externally.
CVE-2018-1274 Vulnerability in dos (CVE-2018-1274)
vulnerability in dos (CVE-2018-1274). Risk of unauthorized operations or information disclosure.
CVE-2018-9989 Out-of-Bounds Read in arm (CVE-2018-9989)
vulnerability in arm (CVE-2018-9989). Risk of unauthorized operations or information disclosure.
CVE-2018-9988 Out-of-Bounds Read in arm (CVE-2018-9988)
vulnerability in arm (CVE-2018-9988). Risk of unauthorized operations or information disclosure.
CVE-2018-7195 Vulnerability in enhancesoft (CVE-2018-7195)
vulnerability in enhancesoft (CVE-2018-7195). Successful exploitation can lead to full system takeover.
CVE-2017-12174 Vulnerability in apache (CVE-2017-12174)
vulnerability in apache (CVE-2017-12174). Risk of unauthorized operations or information disclosure.
CVE-2018-6926 OS Command Injection in misp-project (CVE-2018-6926)
OS command injection in misp-project (CVE-2018-6926). Successful exploitation can lead to full system takeover.
CVE-2017-12626 Vulnerability in org.apache.poi:poi (CVE-2017-12626)
vulnerability in org.apache.poi:poi (CVE-2017-12626). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.17` or later.
CVE-2017-17704 Vulnerability in swhouse (CVE-2017-17704)
vulnerability in swhouse (CVE-2017-17704). Data can be tampered with by attackers.
CVE-2017-14855 Vulnerability in dos (CVE-2017-14855)
vulnerability in dos (CVE-2017-14855). Risk of unauthorized operations or information disclosure.
CVE-2017-17997 Vulnerability in c (CVE-2017-17997)
vulnerability in c (CVE-2017-17997). Risk of unauthorized operations or information disclosure.
CVE-2017-17983 SQL Injection in sqli (CVE-2017-17983)
SQL injection in sqli (CVE-2017-17983). Successful exploitation can lead to full system takeover.
CVE-2017-17987 Unrestricted File Upload in muslim-matrimonial-script-project (CVE-2017-17987)
vulnerability in muslim-matrimonial-script-project (CVE-2017-17987). Successful exploitation can lead to full system takeover.
CVE-2017-17990 Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
CVE-2014-0120 Cross-Site Request Forgery (CSRF) in csrf (CVE-2014-0120)
vulnerability in csrf (CVE-2014-0120). Successful exploitation can lead to full system takeover.
CVE-2014-8119 Vulnerability in dos (CVE-2014-8119)
vulnerability in dos (CVE-2014-8119). Risk of unauthorized operations or information disclosure.
CVE-2015-3302 Vulnerability in wordpress (CVE-2015-3302)
vulnerability in wordpress (CVE-2015-3302). Confidential information can be exposed externally.
CVE-2015-8008 Vulnerability in mediawiki (CVE-2015-8008)
vulnerability in mediawiki (CVE-2015-8008). Confidential information can be exposed externally.
CVE-2017-17901 Vulnerability in dos (CVE-2017-17901)
vulnerability in dos (CVE-2017-17901). Risk of unauthorized operations or information disclosure.
CVE-2017-17973 Use-After-Free in c (CVE-2017-17973)
vulnerability in c (CVE-2017-17973). Successful exploitation can lead to full system takeover.
CVE-2017-17916 SQL Injection in rails (CVE-2017-17916)
SQL injection in rails (CVE-2017-17916). Successful exploitation can lead to full system takeover.
CVE-2017-17917 SQL Injection in rails (CVE-2017-17917)
SQL injection in rails (CVE-2017-17917). Successful exploitation can lead to full system takeover.
CVE-2017-17919 SQL Injection in rails (CVE-2017-17919)
SQL injection in rails (CVE-2017-17919). Successful exploitation can lead to full system takeover.
CVE-2017-17920 SQL Injection in rails (CVE-2017-17920)
SQL injection in rails (CVE-2017-17920). Successful exploitation can lead to full system takeover.
CVE-2013-7400 Information Disclosure in dkd (CVE-2013-7400)
vulnerability in dkd (CVE-2013-7400). Confidential information can be exposed externally.
CVE-2014-3651 Vulnerability in dos (CVE-2014-3651)
vulnerability in dos (CVE-2014-3651). Risk of unauthorized operations or information disclosure.
CVE-2017-17950 Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter.
Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter.
CVE-2017-17952 Vulnerability in php-multivendor-ecommerce-project (CVE-2017-17952)
vulnerability in php-multivendor-ecommerce-project (CVE-2017-17952). Data can be tampered with by attackers.
CVE-2017-17960 PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.
PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.
CVE-2017-15667 Vulnerability in dos (CVE-2017-15667)
vulnerability in dos (CVE-2017-15667). Risk of unauthorized operations or information disclosure.
CVE-2017-17936 Vanguard Marketplace Digital Products PHP has CSRF via /search.
Vanguard Marketplace Digital Products PHP has CSRF via /search.
CVE-2017-17939 PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php.
PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php.
CVE-2017-17941 SQL Injection in sqli (CVE-2017-17941)
SQL injection in sqli (CVE-2017-17941). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →