Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-0263 KEV |
|
[KEV] Use-After-Free in Microsoft win32k (CVE-2017-0263)
vulnerability in Microsoft win32k (CVE-2017-0263). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0262 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2017-0262)
vulnerability in Microsoft office (CVE-2017-0262). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0145 KEV |
|
[KEV] Vulnerability in Microsoft smbv1 (CVE-2017-0145)
vulnerability in Microsoft smbv1 (CVE-2017-0145). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-0144 KEV |
|
[KEV] Vulnerability in Microsoft smbv1 (CVE-2017-0144)
vulnerability in Microsoft smbv1 (CVE-2017-0144). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3088 KEV |
|
[KEV] Vulnerability in Apache activemq (CVE-2016-3088)
vulnerability in Apache activemq (CVE-2016-3088). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-2051 KEV |
|
[KEV] Command Injection in D-link dir-645-router (CVE-2015-2051)
command injection in D-link dir-645-router (CVE-2015-2051). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-1635 KEV |
|
[KEV] Code Injection in Microsoft httpsys (CVE-2015-1635)
code injection in Microsoft httpsys (CVE-2015-1635). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-1130 KEV |
|
[KEV] Vulnerability in Apple os-x (CVE-2015-1130)
vulnerability in Apple os-x (CVE-2015-1130). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-4404 KEV |
|
[KEV] Buffer Overflow in Apple os-x (CVE-2014-4404)
vulnerability in Apple os-x (CVE-2014-4404). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-21882 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft win32k (CVE-2022-21882)
out-of-bounds write in Microsoft win32k (CVE-2022-21882). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-22587 KEV |
|
[KEV] Vulnerability in Apple ios-and-macos (CVE-2022-22587)
vulnerability in Apple ios-and-macos (CVE-2022-22587). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-20038 KEV |
|
[KEV] Vulnerability in Sonicwall sma-100-appliances (CVE-2021-20038)
vulnerability in Sonicwall sma-100-appliances (CVE-2021-20038). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-5722 KEV |
|
[KEV] SQL Injection in Grandstream ucm6200 (CVE-2020-5722)
SQL injection in Grandstream ucm6200 (CVE-2020-5722). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-0787 KEV |
|
[KEV] Privilege Escalation in Microsoft windows (CVE-2020-0787)
vulnerability in Microsoft windows (CVE-2020-0787). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-5689 KEV |
|
[KEV] Vulnerability in Intel active-management-technology-amt (CVE-2017-5689)
vulnerability in Intel active-management-technology-amt (CVE-2017-5689). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-1776 KEV |
|
[KEV] Use-After-Free in Microsoft internet-explorer (CVE-2014-1776)
vulnerability in Microsoft internet-explorer (CVE-2014-1776). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-6271 KEV |
|
[KEV] OS Command Injection in Gnu bourne-again-shell-bash (CVE-2014-6271)
OS command injection in Gnu bourne-again-shell-bash (CVE-2014-6271). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-7169 KEV |
|
[KEV] OS Command Injection in Gnu bourne-again-shell-bash (CVE-2014-7169)
OS command injection in Gnu bourne-again-shell-bash (CVE-2014-7169). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2006-1547 KEV |
|
[KEV] Vulnerability in Apache struts-1 (CVE-2006-1547)
vulnerability in Apache struts-1 (CVE-2006-1547). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-0391 KEV |
|
[KEV] Vulnerability in Apache struts-2 (CVE-2012-0391)
vulnerability in Apache struts-2 (CVE-2012-0391). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-8453 KEV |
|
[KEV] Vulnerability in Microsoft win32k (CVE-2018-8453)
vulnerability in Microsoft win32k (CVE-2018-8453). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-35247 KEV |
|
[KEV] Vulnerability in Solarwinds serv-u (CVE-2021-35247)
vulnerability in Solarwinds serv-u (CVE-2021-35247). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-32648 KEV |
|
[KEV] Authentication Bypass in October cms october-cms (CVE-2021-32648)
authentication bypass in October cms october-cms (CVE-2021-32648). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25296 KEV |
|
[KEV] OS Command Injection in nagios (CVE-2021-25296)
OS command injection in nagios (CVE-2021-25296). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25297 KEV |
|
[KEV] OS Command Injection in nagios (CVE-2021-25297)
OS command injection in nagios (CVE-2021-25297). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25298 KEV |
|
[KEV] OS Command Injection in nagios (CVE-2021-25298)
OS command injection in nagios (CVE-2021-25298). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-40870 KEV |
|
[KEV] Vulnerability in aviatrix (CVE-2021-40870)
vulnerability in aviatrix (CVE-2021-40870). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-33766 KEV |
|
[KEV] Authentication Bypass in Microsoft exchange-server (CVE-2021-33766)
authentication bypass in Microsoft exchange-server (CVE-2021-33766). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-21975 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Vmware vrealize-operations-manager-api (CVE-2021-21975)
SSRF in Vmware vrealize-operations-manager-api (CVE-2021-21975). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-21315 KEV |
|
[KEV] OS Command Injection in Npm package npm-package (CVE-2021-21315)
OS command injection in Npm package npm-package (CVE-2021-21315). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22991 KEV |
|
[KEV] Buffer Overflow in F5 big-ip-traffic-management-microkernel (CVE-2021-22991)
vulnerability in F5 big-ip-traffic-management-microkernel (CVE-2021-22991). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-14864 KEV |
|
[KEV] Path Traversal in Oracle intelligence-enterprise-edition (CVE-2020-14864)
path traversal in Oracle intelligence-enterprise-edition (CVE-2020-14864). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-13671 KEV |
|
[KEV] Unrestricted File Upload in drupal (CVE-2020-13671)
vulnerability in drupal (CVE-2020-13671). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-11978 KEV |
|
[KEV] OS Command Injection in Apache airflow (CVE-2020-11978)
OS command injection in Apache airflow (CVE-2020-11978). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-13927 KEV |
|
[KEV] Vulnerability in Apache airflows-experimental-api (CVE-2020-13927)
vulnerability in Apache airflows-experimental-api (CVE-2020-13927). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22017 KEV |
|
[KEV] Vulnerability in Vmware vcenter-server (CVE-2021-22017)
vulnerability in Vmware vcenter-server (CVE-2021-22017). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-36260 KEV |
|
[KEV] OS Command Injection in Hikvision security-cameras-web-server (CVE-2021-36260)
OS command injection in Hikvision security-cameras-web-server (CVE-2021-36260). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-6572 KEV |
|
[KEV] Use-After-Free in Google chrome-media (CVE-2020-6572)
vulnerability in Google chrome-media (CVE-2020-6572). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1458 KEV |
|
[KEV] Vulnerability in Microsoft win32k (CVE-2019-1458)
vulnerability in Microsoft win32k (CVE-2019-1458). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-3900 KEV |
|
[KEV] Vulnerability in Microsoft winverifytrust-function (CVE-2013-3900)
vulnerability in Microsoft winverifytrust-function (CVE-2013-3900). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-2725 KEV |
|
[KEV] Vulnerability in Oracle weblogic-server (CVE-2019-2725)
vulnerability in Oracle weblogic-server (CVE-2019-2725). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-9670 KEV |
|
[KEV] XXE (XML External Entity) in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9670)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9670). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-13382 KEV |
|
[KEV] Vulnerability in Fortinet fortios-and-fortiproxy (CVE-2018-13382)
vulnerability in Fortinet fortios-and-fortiproxy (CVE-2018-13382). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-13383 KEV |
|
[KEV] Out-of-Bounds Write in Fortinet fortios-and-fortiproxy (CVE-2018-13383)
out-of-bounds write in Fortinet fortios-and-fortiproxy (CVE-2018-13383). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-1579 KEV |
|
[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2019-1579)
vulnerability in Palo alto networks palo-alto-networks (CVE-2019-1579). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-10149 KEV |
|
[KEV] OS Command Injection in Exim mail-transfer-agent-mta (CVE-2019-10149)
OS command injection in Exim mail-transfer-agent-mta (CVE-2019-10149). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-7450 KEV |
|
[KEV] Code Injection in Ibm websphere-application-server-and-server-hypervisor-edition (CVE-2015-7450)
code injection in Ibm websphere-application-server-and-server-hypervisor-edition (CVE-2015-7450). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-1000486 KEV |
|
[KEV] Vulnerability in Primetek primefaces-application (CVE-2017-1000486)
vulnerability in Primetek primefaces-application (CVE-2017-1000486). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-7609 KEV |
|
[KEV] Code Injection in Elastic kibana (CVE-2019-7609)
code injection in Elastic kibana (CVE-2019-7609). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27860 KEV |
|
[KEV] Unrestricted File Upload in Fatpipe warp (CVE-2021-27860)
vulnerability in Fatpipe warp (CVE-2021-27860). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|