Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-14795 |
|
Out-of-Bounds Read in c (CVE-2017-14795)
vulnerability in c (CVE-2017-14795). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14796 |
|
Vulnerability in c (CVE-2017-14796)
vulnerability in c (CVE-2017-14796). Successful exploitation can lead to full system takeover.
|
| CVE-2015-1336 |
|
Vulnerability in man-db-project (CVE-2015-1336)
vulnerability in man-db-project (CVE-2015-1336). Successful exploitation can lead to full system takeover.
|
| CVE-2015-1537 |
|
Vulnerability in cpp (CVE-2015-1537)
vulnerability in cpp (CVE-2015-1537). Successful exploitation can lead to full system takeover.
|
| CVE-2015-3138 |
|
Vulnerability in c (CVE-2015-3138)
vulnerability in c (CVE-2015-3138). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3643 |
|
Vulnerability in usb-creator-project (CVE-2015-3643)
vulnerability in usb-creator-project (CVE-2015-3643). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14763 |
|
Vulnerability in genixcms (CVE-2017-14763)
vulnerability in genixcms (CVE-2017-14763). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14764 |
|
Code Injection in genixcms (CVE-2017-14764)
code injection in genixcms (CVE-2017-14764). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14766 |
|
Authentication Bypass in wordpress (CVE-2017-14766)
authentication bypass in wordpress (CVE-2017-14766). Data can be tampered with by attackers.
|
| CVE-2017-14767 |
|
Buffer Overflow in c (CVE-2017-14767)
vulnerability in c (CVE-2017-14767). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14749 |
|
Buffer Overflow in dos (CVE-2017-14749)
vulnerability in dos (CVE-2017-14749). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1527 |
|
XXE (XML External Entity) in ibm (CVE-2017-1527)
vulnerability in ibm (CVE-2017-1527). Confidential information can be exposed externally.
|
| CVE-2017-1539 |
|
Vulnerability in privilege-escalation (CVE-2017-1539)
vulnerability in privilege-escalation (CVE-2017-1539). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14745 |
|
Vulnerability in c (CVE-2017-14745)
vulnerability in c (CVE-2017-14745). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13129 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-13129)
vulnerability in csrf (CVE-2017-13129). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14602 |
|
Authentication Bypass in citrix (CVE-2017-14602)
authentication bypass in citrix (CVE-2017-14602). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14704 |
|
Unrestricted File Upload in laravel (CVE-2017-14704)
vulnerability in laravel (CVE-2017-14704). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5192 |
|
Authentication Bypass in salt (CVE-2017-5192)
authentication bypass in salt (CVE-2017-5192). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2015.8.13, 2016.3.5, 2016.11.2` or later.
|
| CVE-2017-5200 |
|
Vulnerability in salt (CVE-2017-5200)
vulnerability in salt (CVE-2017-5200). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2015.8.13, 2016.3.5, 2016.11.2` or later.
|
| CVE-2017-14743 |
|
SQL Injection in sqli (CVE-2017-14743)
SQL injection in sqli (CVE-2017-14743). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12154 |
|
Vulnerability in c (CVE-2017-12154)
vulnerability in c (CVE-2017-12154). Confidential information can be exposed externally.
|
| CVE-2017-14001 |
|
OS Command Injection in digium (CVE-2017-14001)
OS command injection in digium (CVE-2017-14001). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14739 |
|
Vulnerability in c (CVE-2017-14739)
vulnerability in c (CVE-2017-14739). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9961 |
|
Vulnerability in schneider-electric (CVE-2017-9961)
vulnerability in schneider-electric (CVE-2017-9961). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9962 |
|
Buffer Overflow in aveva (CVE-2017-9962)
vulnerability in aveva (CVE-2017-9962). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7969 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7969)
vulnerability in csrf (CVE-2017-7969). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9956 |
|
Vulnerability in schneider-electric (CVE-2017-9956)
vulnerability in schneider-electric (CVE-2017-9956). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9958 |
|
Vulnerability in schneider-electric (CVE-2017-9958)
vulnerability in schneider-electric (CVE-2017-9958). Successful exploitation can lead to full system takeover.
|
| CVE-2014-0997 |
|
Vulnerability in dos (CVE-2014-0997)
vulnerability in dos (CVE-2014-0997). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8156 |
|
Vulnerability in dos (CVE-2014-8156)
vulnerability in dos (CVE-2014-8156). Successful exploitation can lead to full system takeover.
|
| CVE-2014-8170 |
|
Vulnerability in ovirt (CVE-2014-8170)
vulnerability in ovirt (CVE-2014-8170). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14734 |
|
Buffer Overflow in c (CVE-2017-14734)
vulnerability in c (CVE-2017-14734). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5182 |
|
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
|
| CVE-2015-5183 |
|
Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.
Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.
|
| CVE-2015-5184 |
|
Console: CORS headers set to allow all in Red Hat AMQ.
Console: CORS headers set to allow all in Red Hat AMQ.
|
| CVE-2015-5263 |
|
Vulnerability in pulpproject (CVE-2015-5263)
vulnerability in pulpproject (CVE-2015-5263). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5704 |
|
Command Injection in devscripts-devel-team (CVE-2015-5704)
command injection in devscripts-devel-team (CVE-2015-5704). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7293 |
|
Cross-Site Request Forgery (CSRF) in plone (CVE-2015-7293)
vulnerability in plone (CVE-2015-7293). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.0a1` or later.
|
| CVE-2016-5868 |
|
Vulnerability in c (CVE-2016-5868)
vulnerability in c (CVE-2016-5868). Successful exploitation can lead to full system takeover.
|
| CVE-2015-4669 |
|
SQL Injection in xceedium (CVE-2015-4669)
SQL injection in xceedium (CVE-2015-4669). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7318 |
|
Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses.
Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses.
|
| CVE-2017-14730 |
|
Vulnerability in elasticsearch (CVE-2017-14730)
vulnerability in elasticsearch (CVE-2017-14730). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5237 |
|
protobuf susceptible to buffer overflow
protobuf susceptible to buffer overflow
|
| CVE-2017-1362 |
|
Vulnerability in ibm (CVE-2017-1362)
vulnerability in ibm (CVE-2017-1362). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14729 |
|
Buffer Overflow in c (CVE-2017-14729)
vulnerability in c (CVE-2017-14729). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14683 |
|
geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.
geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.
|
| CVE-2017-14627 |
|
Buffer Overflow in cyberlink (CVE-2017-14627)
vulnerability in cyberlink (CVE-2017-14627). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14719 |
|
Path Traversal in wordpress (CVE-2017-14719)
path traversal in wordpress (CVE-2017-14719). Confidential information can be exposed externally.
|
| CVE-2017-14722 |
|
Path Traversal in wordpress (CVE-2017-14722)
path traversal in wordpress (CVE-2017-14722). Confidential information can be exposed externally.
|
| CVE-2017-14727 |
|
Buffer Overflow in c (CVE-2017-14727)
vulnerability in c (CVE-2017-14727). Risk of unauthorized operations or information disclosure.
|