Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2019-1010294 |
|
Vulnerability in trustedfirmware (CVE-2019-1010294)
vulnerability in trustedfirmware (CVE-2019-1010294). Confidential information can be exposed externally.
|
| CVE-2017-14853 |
|
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attac...
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device.
|
| CVE-2017-14852 |
|
An insecure communication was found between a user and the Orpak SiteOmat management console for...
An insecure communication was found between a user and the Orpak SiteOmat management console for...
|
| CVE-2019-6820 |
|
Vulnerability in schneider-electric (CVE-2019-6820)
vulnerability in schneider-electric (CVE-2019-6820). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-11687 |
|
Vulnerability in nema (CVE-2019-11687)
vulnerability in nema (CVE-2019-11687). Successful exploitation can lead to full system takeover.
|
| CVE-2019-10953 |
|
Vulnerability in abb (CVE-2019-10953)
vulnerability in abb (CVE-2019-10953). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-16561 |
|
Vulnerability in siemens (CVE-2018-16561)
vulnerability in siemens (CVE-2018-16561). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-6575 |
|
Vulnerability in dos (CVE-2019-6575)
vulnerability in dos (CVE-2019-6575). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15031 |
|
Information Disclosure in trustedfirmware (CVE-2017-15031)
vulnerability in trustedfirmware (CVE-2017-15031). Confidential information can be exposed externally.
|
| CVE-2018-17924 |
|
Vulnerability in rockwellautomation (CVE-2018-17924)
vulnerability in rockwellautomation (CVE-2018-17924). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-6439 |
|
Vulnerability in broadcom (CVE-2018-6439)
vulnerability in broadcom (CVE-2018-6439). Successful exploitation can lead to full system takeover.
|
| CVE-2018-3882 |
|
SQL Injection in sqli (CVE-2018-3882)
SQL injection in sqli (CVE-2018-3882). Successful exploitation can lead to full system takeover.
|
| CVE-2018-3883 |
|
SQL Injection in sqli (CVE-2018-3883)
SQL injection in sqli (CVE-2018-3883). Successful exploitation can lead to full system takeover.
|
| CVE-2018-3884 |
|
SQL Injection in sqli (CVE-2018-3884)
SQL injection in sqli (CVE-2018-3884). Successful exploitation can lead to full system takeover.
|
| CVE-2018-3885 |
|
SQL Injection in sqli (CVE-2018-3885)
SQL injection in sqli (CVE-2018-3885). Successful exploitation can lead to full system takeover.
|
| CVE-2018-10902 |
|
Vulnerability in c (CVE-2018-10902)
vulnerability in c (CVE-2018-10902). Successful exploitation can lead to full system takeover.
|
| CVE-2018-12594 |
|
Information Disclosure in reliablecontrols (CVE-2018-12594)
vulnerability in reliablecontrols (CVE-2018-12594). Confidential information can be exposed externally.
|
| CVE-2018-1259 |
|
XXE (XML External Entity) in broadcom (CVE-2018-1259)
vulnerability in broadcom (CVE-2018-1259). Confidential information can be exposed externally.
|
| CVE-2018-1274 |
|
Vulnerability in dos (CVE-2018-1274)
vulnerability in dos (CVE-2018-1274). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-9989 |
|
Out-of-Bounds Read in arm (CVE-2018-9989)
vulnerability in arm (CVE-2018-9989). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-9988 |
|
Out-of-Bounds Read in arm (CVE-2018-9988)
vulnerability in arm (CVE-2018-9988). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-7195 |
|
Vulnerability in enhancesoft (CVE-2018-7195)
vulnerability in enhancesoft (CVE-2018-7195). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12174 |
|
Vulnerability in apache (CVE-2017-12174)
vulnerability in apache (CVE-2017-12174). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-6926 |
|
OS Command Injection in misp-project (CVE-2018-6926)
OS command injection in misp-project (CVE-2018-6926). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12626 |
|
Vulnerability in org.apache.poi:poi (CVE-2017-12626)
vulnerability in org.apache.poi:poi (CVE-2017-12626). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.17` or later.
|
| CVE-2017-17704 |
|
Vulnerability in swhouse (CVE-2017-17704)
vulnerability in swhouse (CVE-2017-17704). Data can be tampered with by attackers.
|
| CVE-2017-14855 |
|
Vulnerability in dos (CVE-2017-14855)
vulnerability in dos (CVE-2017-14855). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17997 |
|
Vulnerability in c (CVE-2017-17997)
vulnerability in c (CVE-2017-17997). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17983 |
|
SQL Injection in sqli (CVE-2017-17983)
SQL injection in sqli (CVE-2017-17983). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17987 |
|
Unrestricted File Upload in muslim-matrimonial-script-project (CVE-2017-17987)
vulnerability in muslim-matrimonial-script-project (CVE-2017-17987). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17990 |
|
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
|
| CVE-2014-0120 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2014-0120)
vulnerability in csrf (CVE-2014-0120). Successful exploitation can lead to full system takeover.
|
| CVE-2014-8119 |
|
Vulnerability in dos (CVE-2014-8119)
vulnerability in dos (CVE-2014-8119). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3302 |
|
Vulnerability in wordpress (CVE-2015-3302)
vulnerability in wordpress (CVE-2015-3302). Confidential information can be exposed externally.
|
| CVE-2015-8008 |
|
Vulnerability in mediawiki (CVE-2015-8008)
vulnerability in mediawiki (CVE-2015-8008). Confidential information can be exposed externally.
|
| CVE-2017-17901 |
|
Vulnerability in dos (CVE-2017-17901)
vulnerability in dos (CVE-2017-17901). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17973 |
|
Use-After-Free in c (CVE-2017-17973)
vulnerability in c (CVE-2017-17973). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17916 |
|
SQL Injection in rails (CVE-2017-17916)
SQL injection in rails (CVE-2017-17916). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17917 |
|
SQL Injection in rails (CVE-2017-17917)
SQL injection in rails (CVE-2017-17917). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17919 |
|
SQL Injection in rails (CVE-2017-17919)
SQL injection in rails (CVE-2017-17919). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17920 |
|
SQL Injection in rails (CVE-2017-17920)
SQL injection in rails (CVE-2017-17920). Successful exploitation can lead to full system takeover.
|
| CVE-2013-7400 |
|
Information Disclosure in dkd (CVE-2013-7400)
vulnerability in dkd (CVE-2013-7400). Confidential information can be exposed externally.
|
| CVE-2014-3651 |
|
Vulnerability in dos (CVE-2014-3651)
vulnerability in dos (CVE-2014-3651). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17950 |
|
Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter.
Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter.
|
| CVE-2017-17952 |
|
Vulnerability in php-multivendor-ecommerce-project (CVE-2017-17952)
vulnerability in php-multivendor-ecommerce-project (CVE-2017-17952). Data can be tampered with by attackers.
|
| CVE-2017-17960 |
|
PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.
PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.
|
| CVE-2017-15667 |
|
Vulnerability in dos (CVE-2017-15667)
vulnerability in dos (CVE-2017-15667). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17936 |
|
Vanguard Marketplace Digital Products PHP has CSRF via /search.
Vanguard Marketplace Digital Products PHP has CSRF via /search.
|
| CVE-2017-17939 |
|
PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php.
PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php.
|
| CVE-2017-17941 |
|
SQL Injection in sqli (CVE-2017-17941)
SQL injection in sqli (CVE-2017-17941). Successful exploitation can lead to full system takeover.
|