Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2021-43890 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2021-43890)
vulnerability in Microsoft windows (CVE-2021-43890). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-4102 KEV |
|
[KEV] Use-After-Free in Google chromium-v8 (CVE-2021-4102)
vulnerability in Google chromium-v8 (CVE-2021-4102). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-44515 KEV |
|
[KEV] Vulnerability in Zoho desktop-central (CVE-2021-44515)
vulnerability in Zoho desktop-central (CVE-2021-44515). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-13272 KEV |
|
[KEV] Privilege Escalation in Linux kernel (CVE-2019-13272)
vulnerability in Linux kernel (CVE-2019-13272). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-35394 KEV |
|
[KEV] OS Command Injection in Realtek jungle-software-development-kit-sdk (CVE-2021-35394)
OS command injection in Realtek jungle-software-development-kit-sdk (CVE-2021-35394). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-7238 KEV |
|
[KEV] Vulnerability in Sonatype nexus-repository-manager (CVE-2019-7238)
vulnerability in Sonatype nexus-repository-manager (CVE-2019-7238). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0193 KEV |
|
[KEV] Code Injection in Apache solr (CVE-2019-0193)
code injection in Apache solr (CVE-2019-0193). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-44168 KEV |
|
[KEV] Vulnerability in Fortinet fortios (CVE-2021-44168)
vulnerability in Fortinet fortios (CVE-2021-44168). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-17562 KEV |
|
[KEV] Vulnerability in Embedthis goahead (CVE-2017-17562)
vulnerability in Embedthis goahead (CVE-2017-17562). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-12149 KEV |
|
[KEV] Unsafe Deserialization in Red hat red-hat (CVE-2017-12149)
vulnerability in Red hat red-hat (CVE-2017-12149). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-1871 KEV |
|
[KEV] Vulnerability in Red hat red-hat (CVE-2010-1871)
vulnerability in Red hat red-hat (CVE-2010-1871). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-17463 KEV |
|
[KEV] SQL Injection in Fuel cms fuel-cms (CVE-2020-17463)
SQL injection in Fuel cms fuel-cms (CVE-2020-17463). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-8816 KEV |
|
[KEV] OS Command Injection in Pi-hole adminlte (CVE-2020-8816)
OS command injection in Pi-hole adminlte (CVE-2020-8816). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-10758 KEV |
|
[KEV] Vulnerability in Mongodb mongo-express (CVE-2019-10758)
vulnerability in Mongodb mongo-express (CVE-2019-10758). Risk of unauthorized operations or information disclosure. Exploitable via ``toBSON``. Listed in CISA KEV — actively exploited.
|
| CVE-2021-44228 KEV |
|
[KEV] Vulnerability in Apache log4j2 (CVE-2021-44228)
vulnerability in Apache log4j2 (CVE-2021-44228). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-11261 KEV |
|
[KEV] Vulnerability in :linux_kernel:Qualcomm (CVE-2020-11261)
vulnerability in :linux_kernel:Qualcomm (CVE-2020-11261). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2021-01-05` or later.
|
| CVE-2018-14847 KEV |
|
[KEV] Path Traversal in Mikrotik routeros (CVE-2018-14847)
path traversal in Mikrotik routeros (CVE-2018-14847). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-37415 KEV |
|
[KEV] Vulnerability in Zoho manageengine-servicedesk-plus-sdp (CVE-2021-37415)
vulnerability in Zoho manageengine-servicedesk-plus-sdp (CVE-2021-37415). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-40438 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in apache (CVE-2021-40438)
SSRF in apache (CVE-2021-40438). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-44077 KEV |
|
[KEV] Vulnerability in Zoho manageengine-servicedesk-plus-sdp-supportcenter-plus (CVE-2021-44077)
vulnerability in Zoho manageengine-servicedesk-plus-sdp-supportcenter-plus (CVE-2021-44077). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22204 KEV |
|
[KEV] Vulnerability in Perl exiftool (CVE-2021-22204)
vulnerability in Perl exiftool (CVE-2021-22204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-40449 KEV |
|
[KEV] Use-After-Free in Microsoft windows (CVE-2021-40449)
vulnerability in Microsoft windows (CVE-2021-40449). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-42321 KEV |
|
[KEV] Vulnerability in Microsoft exchange (CVE-2021-42321)
vulnerability in Microsoft exchange (CVE-2021-42321). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-42292 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2021-42292)
vulnerability in Microsoft office (CVE-2021-42292). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-15999 KEV |
|
[KEV] Out-of-Bounds Write in Google platform/external/freetype (CVE-2020-15999)
out-of-bounds write in Google platform/external/freetype (CVE-2020-15999). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `11:2021-01-01` or later.
|
| CVE-2021-28664 KEV |
|
[KEV] Out-of-Bounds Write in Arm :unknown: (CVE-2021-28664)
out-of-bounds write in Arm :unknown: (CVE-2021-28664). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2021-05-05` or later.
|
| CVE-2021-28663 KEV |
|
[KEV] Use-After-Free in Arm :unknown: (CVE-2021-28663)
vulnerability in Arm :unknown: (CVE-2021-28663). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `SoCVersion:2021-05-05` or later.
|
| CVE-2021-27104 KEV |
|
[KEV] Vulnerability in Accellion fta (CVE-2021-27104)
vulnerability in Accellion fta (CVE-2021-27104). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27102 KEV |
|
[KEV] Vulnerability in Accellion fta (CVE-2021-27102)
vulnerability in Accellion fta (CVE-2021-27102). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27101 KEV |
|
[KEV] SQL Injection in Accellion fta (CVE-2021-27101)
SQL injection in Accellion fta (CVE-2021-27101). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27103 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Accellion fta (CVE-2021-27103)
SSRF in Accellion fta (CVE-2021-27103). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-21017 KEV |
|
[KEV] Vulnerability in Adobe acrobat-and-reader (CVE-2021-21017)
vulnerability in Adobe acrobat-and-reader (CVE-2021-21017). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-28550 KEV |
|
[KEV] Use-After-Free in Adobe acrobat-and-reader (CVE-2021-28550)
vulnerability in Adobe acrobat-and-reader (CVE-2021-28550). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-4939 KEV |
|
[KEV] Unsafe Deserialization in Adobe coldfusion (CVE-2018-4939)
vulnerability in Adobe coldfusion (CVE-2018-4939). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-15961 KEV |
|
[KEV] Unrestricted File Upload in Adobe coldfusion (CVE-2018-15961)
vulnerability in Adobe coldfusion (CVE-2018-15961). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-4878 KEV |
|
[KEV] Use-After-Free in Adobe flash-player (CVE-2018-4878)
vulnerability in Adobe flash-player (CVE-2018-4878). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-5735 KEV |
|
[KEV] Vulnerability in Amcrest cameras-and-network-video-recorder-nvr (CVE-2020-5735)
vulnerability in Amcrest cameras-and-network-video-recorder-nvr (CVE-2020-5735). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-2215 KEV |
|
[KEV] Use-After-Free in android (CVE-2019-2215)
vulnerability in android (CVE-2019-2215). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-0041 KEV |
|
[KEV] Vulnerability in android (CVE-2020-0041)
vulnerability in android (CVE-2020-0041). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-0069 KEV |
|
[KEV] Out-of-Bounds Write in Mediatek multiple-chipsets (CVE-2020-0069)
out-of-bounds write in Mediatek multiple-chipsets (CVE-2020-0069). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-9805 KEV |
|
[KEV] Unsafe Deserialization in Apache struts (CVE-2017-9805)
vulnerability in Apache struts (CVE-2017-9805). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-42013 KEV |
|
[KEV] Path Traversal in Apache http-server (CVE-2021-42013)
path traversal in Apache http-server (CVE-2021-42013). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-41773 KEV |
|
[KEV] Path Traversal in Apache http-server (CVE-2021-41773)
path traversal in Apache http-server (CVE-2021-41773). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-0211 KEV |
|
[KEV] Use-After-Free in Apache http-server (CVE-2019-0211)
vulnerability in Apache http-server (CVE-2019-0211). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-4437 KEV |
|
[KEV] Vulnerability in Apache shiro (CVE-2016-4437)
vulnerability in Apache shiro (CVE-2016-4437). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-17558 KEV |
|
[KEV] Vulnerability in Apache solr (CVE-2019-17558)
vulnerability in Apache solr (CVE-2019-17558). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-17530 KEV |
|
[KEV] Vulnerability in Apache struts (CVE-2020-17530)
vulnerability in Apache struts (CVE-2020-17530). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-5638 KEV |
|
[KEV] Vulnerability in Apache struts (CVE-2017-5638)
vulnerability in Apache struts (CVE-2017-5638). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-11776 KEV |
|
[KEV] Vulnerability in Apache struts (CVE-2018-11776)
vulnerability in Apache struts (CVE-2018-11776). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-30858 KEV |
|
[KEV] Use-After-Free in Apple ios (CVE-2021-30858)
vulnerability in Apple ios (CVE-2021-30858). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|