Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2017-14795 Out-of-Bounds Read in c (CVE-2017-14795)
vulnerability in c (CVE-2017-14795). Successful exploitation can lead to full system takeover.
CVE-2017-14796 Vulnerability in c (CVE-2017-14796)
vulnerability in c (CVE-2017-14796). Successful exploitation can lead to full system takeover.
CVE-2015-1336 Vulnerability in man-db-project (CVE-2015-1336)
vulnerability in man-db-project (CVE-2015-1336). Successful exploitation can lead to full system takeover.
CVE-2015-1537 Vulnerability in cpp (CVE-2015-1537)
vulnerability in cpp (CVE-2015-1537). Successful exploitation can lead to full system takeover.
CVE-2015-3138 Vulnerability in c (CVE-2015-3138)
vulnerability in c (CVE-2015-3138). Risk of unauthorized operations or information disclosure.
CVE-2015-3643 Vulnerability in usb-creator-project (CVE-2015-3643)
vulnerability in usb-creator-project (CVE-2015-3643). Successful exploitation can lead to full system takeover.
CVE-2017-14763 Vulnerability in genixcms (CVE-2017-14763)
vulnerability in genixcms (CVE-2017-14763). Successful exploitation can lead to full system takeover.
CVE-2017-14764 Code Injection in genixcms (CVE-2017-14764)
code injection in genixcms (CVE-2017-14764). Successful exploitation can lead to full system takeover.
CVE-2017-14766 Authentication Bypass in wordpress (CVE-2017-14766)
authentication bypass in wordpress (CVE-2017-14766). Data can be tampered with by attackers.
CVE-2017-14767 Buffer Overflow in c (CVE-2017-14767)
vulnerability in c (CVE-2017-14767). Successful exploitation can lead to full system takeover.
CVE-2017-14749 Buffer Overflow in dos (CVE-2017-14749)
vulnerability in dos (CVE-2017-14749). Successful exploitation can lead to full system takeover.
CVE-2017-1527 XXE (XML External Entity) in ibm (CVE-2017-1527)
vulnerability in ibm (CVE-2017-1527). Confidential information can be exposed externally.
CVE-2017-1539 Vulnerability in privilege-escalation (CVE-2017-1539)
vulnerability in privilege-escalation (CVE-2017-1539). Successful exploitation can lead to full system takeover.
CVE-2017-14745 Vulnerability in c (CVE-2017-14745)
vulnerability in c (CVE-2017-14745). Successful exploitation can lead to full system takeover.
CVE-2017-13129 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-13129)
vulnerability in csrf (CVE-2017-13129). Successful exploitation can lead to full system takeover.
CVE-2017-14602 Authentication Bypass in citrix (CVE-2017-14602)
authentication bypass in citrix (CVE-2017-14602). Successful exploitation can lead to full system takeover.
CVE-2017-14704 Unrestricted File Upload in laravel (CVE-2017-14704)
vulnerability in laravel (CVE-2017-14704). Successful exploitation can lead to full system takeover.
CVE-2017-5192 Authentication Bypass in salt (CVE-2017-5192)
authentication bypass in salt (CVE-2017-5192). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2015.8.13, 2016.3.5, 2016.11.2` or later.
CVE-2017-5200 Vulnerability in salt (CVE-2017-5200)
vulnerability in salt (CVE-2017-5200). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2015.8.13, 2016.3.5, 2016.11.2` or later.
CVE-2017-14743 SQL Injection in sqli (CVE-2017-14743)
SQL injection in sqli (CVE-2017-14743). Successful exploitation can lead to full system takeover.
CVE-2017-12154 Vulnerability in c (CVE-2017-12154)
vulnerability in c (CVE-2017-12154). Confidential information can be exposed externally.
CVE-2017-14001 OS Command Injection in digium (CVE-2017-14001)
OS command injection in digium (CVE-2017-14001). Successful exploitation can lead to full system takeover.
CVE-2017-14739 Vulnerability in c (CVE-2017-14739)
vulnerability in c (CVE-2017-14739). Risk of unauthorized operations or information disclosure.
CVE-2017-9961 Vulnerability in schneider-electric (CVE-2017-9961)
vulnerability in schneider-electric (CVE-2017-9961). Successful exploitation can lead to full system takeover.
CVE-2017-9962 Buffer Overflow in aveva (CVE-2017-9962)
vulnerability in aveva (CVE-2017-9962). Risk of unauthorized operations or information disclosure.
CVE-2017-7969 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7969)
vulnerability in csrf (CVE-2017-7969). Successful exploitation can lead to full system takeover.
CVE-2017-9956 Vulnerability in schneider-electric (CVE-2017-9956)
vulnerability in schneider-electric (CVE-2017-9956). Risk of unauthorized operations or information disclosure.
CVE-2017-9958 Vulnerability in schneider-electric (CVE-2017-9958)
vulnerability in schneider-electric (CVE-2017-9958). Successful exploitation can lead to full system takeover.
CVE-2014-0997 Vulnerability in dos (CVE-2014-0997)
vulnerability in dos (CVE-2014-0997). Risk of unauthorized operations or information disclosure.
CVE-2014-8156 Vulnerability in dos (CVE-2014-8156)
vulnerability in dos (CVE-2014-8156). Successful exploitation can lead to full system takeover.
CVE-2014-8170 Vulnerability in ovirt (CVE-2014-8170)
vulnerability in ovirt (CVE-2014-8170). Successful exploitation can lead to full system takeover.
CVE-2017-14734 Buffer Overflow in c (CVE-2017-14734)
vulnerability in c (CVE-2017-14734). Successful exploitation can lead to full system takeover.
CVE-2015-5182 Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
CVE-2015-5183 Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.
Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.
CVE-2015-5184 Console: CORS headers set to allow all in Red Hat AMQ.
Console: CORS headers set to allow all in Red Hat AMQ.
CVE-2015-5263 Vulnerability in pulpproject (CVE-2015-5263)
vulnerability in pulpproject (CVE-2015-5263). Successful exploitation can lead to full system takeover.
CVE-2015-5704 Command Injection in devscripts-devel-team (CVE-2015-5704)
command injection in devscripts-devel-team (CVE-2015-5704). Successful exploitation can lead to full system takeover.
CVE-2015-7293 Cross-Site Request Forgery (CSRF) in plone (CVE-2015-7293)
vulnerability in plone (CVE-2015-7293). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.0a1` or later.
CVE-2016-5868 Vulnerability in c (CVE-2016-5868)
vulnerability in c (CVE-2016-5868). Successful exploitation can lead to full system takeover.
CVE-2015-4669 SQL Injection in xceedium (CVE-2015-4669)
SQL injection in xceedium (CVE-2015-4669). Successful exploitation can lead to full system takeover.
CVE-2015-7318 Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses.
Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses.
CVE-2017-14730 Vulnerability in elasticsearch (CVE-2017-14730)
vulnerability in elasticsearch (CVE-2017-14730). Successful exploitation can lead to full system takeover.
CVE-2015-5237 protobuf susceptible to buffer overflow
protobuf susceptible to buffer overflow
CVE-2017-1362 Vulnerability in ibm (CVE-2017-1362)
vulnerability in ibm (CVE-2017-1362). Successful exploitation can lead to full system takeover.
CVE-2017-14729 Buffer Overflow in c (CVE-2017-14729)
vulnerability in c (CVE-2017-14729). Successful exploitation can lead to full system takeover.
CVE-2017-14683 geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.
geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.
CVE-2017-14627 Buffer Overflow in cyberlink (CVE-2017-14627)
vulnerability in cyberlink (CVE-2017-14627). Successful exploitation can lead to full system takeover.
CVE-2017-14719 Path Traversal in wordpress (CVE-2017-14719)
path traversal in wordpress (CVE-2017-14719). Confidential information can be exposed externally.
CVE-2017-14722 Path Traversal in wordpress (CVE-2017-14722)
path traversal in wordpress (CVE-2017-14722). Confidential information can be exposed externally.
CVE-2017-14727 Buffer Overflow in c (CVE-2017-14727)
vulnerability in c (CVE-2017-14727). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →