Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2024-24398 |
|
Path Traversal in path-traversal (CVE-2024-24398)
path traversal in path-traversal (CVE-2024-24398). Successful exploitation can lead to full system takeover.
|
| CVE-2024-23054 |
|
Vulnerability in plone (CVE-2024-23054)
vulnerability in plone (CVE-2024-23054). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6675 |
|
Unrestricted File Upload in nationalkeep (CVE-2023-6675)
vulnerability in nationalkeep (CVE-2023-6675). Successful exploitation can lead to full system takeover.
|
| CVE-2024-22902 |
|
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials.
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials.
|
| CVE-2024-22901 |
|
Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials.
Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials.
|
| CVE-2024-22922 |
|
Privilege Escalation in projectworlds (CVE-2024-22922)
vulnerability in projectworlds (CVE-2024-22922). Successful exploitation can lead to full system takeover.
|
| CVE-2023-36177 |
|
Code Injection in badaix (CVE-2023-36177)
code injection in badaix (CVE-2023-36177). Successful exploitation can lead to full system takeover.
|
| CVE-2023-51924 |
|
Unrestricted File Upload in yonyou (CVE-2023-51924)
vulnerability in yonyou (CVE-2023-51924). Successful exploitation can lead to full system takeover.
|
| CVE-2023-51906 |
|
Vulnerability in yonyou (CVE-2023-51906)
vulnerability in yonyou (CVE-2023-51906). Successful exploitation can lead to full system takeover.
|
| CVE-2023-51925 |
|
Unrestricted File Upload in yonyou (CVE-2023-51925)
vulnerability in yonyou (CVE-2023-51925). Successful exploitation can lead to full system takeover.
|
| CVE-2023-51928 |
|
Unrestricted File Upload in yonyou (CVE-2023-51928)
vulnerability in yonyou (CVE-2023-51928). Successful exploitation can lead to full system takeover.
|
| CVE-2023-51927 |
|
SQL Injection in sqli (CVE-2023-51927)
SQL injection in sqli (CVE-2023-51927). Successful exploitation can lead to full system takeover.
|
| CVE-2023-51892 |
|
Vulnerability in weaver (CVE-2023-51892)
vulnerability in weaver (CVE-2023-51892). Successful exploitation can lead to full system takeover.
|
| CVE-2023-51947 |
|
Vulnerability in actidata (CVE-2023-51947)
vulnerability in actidata (CVE-2023-51947). Confidential information can be exposed externally.
|
| CVE-2023-5806 |
|
SQL Injection in sqli (CVE-2023-5806)
SQL injection in sqli (CVE-2023-5806). Successful exploitation can lead to full system takeover.
|
| CVE-2023-26999 |
|
XXE (XML External Entity) in dos (CVE-2023-26999)
vulnerability in dos (CVE-2023-26999). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50643 |
|
Vulnerability in evernote (CVE-2023-50643)
vulnerability in evernote (CVE-2023-50643). Successful exploitation can lead to full system takeover.
|
| CVE-2023-47458 |
|
Vulnerability in bladex (CVE-2023-47458)
vulnerability in bladex (CVE-2023-47458). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6436 |
|
SQL Injection in sqli (CVE-2023-6436)
SQL injection in sqli (CVE-2023-6436). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50651 |
|
OS Command Injection in totolink (CVE-2023-50651)
OS command injection in totolink (CVE-2023-50651). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4675 |
|
SQL Injection in sqli (CVE-2023-4675)
SQL injection in sqli (CVE-2023-4675). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4541 |
|
SQL Injection in sqli (CVE-2023-4541)
SQL injection in sqli (CVE-2023-4541). Successful exploitation can lead to full system takeover.
|
| CVE-2023-4671 |
|
SQL Injection in sqli (CVE-2023-4671)
SQL injection in sqli (CVE-2023-4671). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6879 |
|
Vulnerability in aomedia (CVE-2023-6879)
vulnerability in aomedia (CVE-2023-6879). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6190 |
|
Path Traversal in path-traversal (CVE-2023-6190)
path traversal in path-traversal (CVE-2023-6190). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6145 |
|
SQL Injection in sqli (CVE-2023-6145)
SQL injection in sqli (CVE-2023-6145). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50990 |
|
Out-of-Bounds Write in tenda (CVE-2023-50990)
out-of-bounds write in tenda (CVE-2023-50990). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50989 |
|
Command Injection in tenda (CVE-2023-50989)
command injection in tenda (CVE-2023-50989). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50992 |
|
Out-of-Bounds Write in tenda (CVE-2023-50992)
out-of-bounds write in tenda (CVE-2023-50992). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50988 |
|
Out-of-Bounds Write in tenda (CVE-2023-50988)
out-of-bounds write in tenda (CVE-2023-50988). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50983 |
|
Command Injection in tenda (CVE-2023-50983)
command injection in tenda (CVE-2023-50983). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50987 |
|
Out-of-Bounds Write in tenda (CVE-2023-50987)
out-of-bounds write in tenda (CVE-2023-50987). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50985 |
|
Out-of-Bounds Write in tenda (CVE-2023-50985)
out-of-bounds write in tenda (CVE-2023-50985). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50986 |
|
Out-of-Bounds Write in tenda (CVE-2023-50986)
out-of-bounds write in tenda (CVE-2023-50986). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50984 |
|
Out-of-Bounds Write in tenda (CVE-2023-50984)
out-of-bounds write in tenda (CVE-2023-50984). Successful exploitation can lead to full system takeover.
|
| CVE-2023-50918 |
|
app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
|
| CVE-2023-5636 |
|
Unrestricted File Upload in arslansoft-education-portal-project (CVE-2023-5636)
vulnerability in arslansoft-education-portal-project (CVE-2023-5636). Successful exploitation can lead to full system takeover.
|
| CVE-2023-5634 |
|
SQL Injection in sqli (CVE-2023-5634)
SQL injection in sqli (CVE-2023-5634). Successful exploitation can lead to full system takeover.
|
| CVE-2023-23325 |
|
OS Command Injection in zumtobel (CVE-2023-23325)
OS command injection in zumtobel (CVE-2023-23325). Successful exploitation can lead to full system takeover.
|
| CVE-2023-23324 |
|
Vulnerability in zumtobel (CVE-2023-23324)
vulnerability in zumtobel (CVE-2023-23324). Successful exploitation can lead to full system takeover.
|
| CVE-2023-48193 |
|
Vulnerability in fit2cloud (CVE-2023-48193)
vulnerability in fit2cloud (CVE-2023-48193). Successful exploitation can lead to full system takeover.
|
| CVE-2023-3631 |
|
SQL Injection in sqli (CVE-2023-3631)
SQL injection in sqli (CVE-2023-3631). Successful exploitation can lead to full system takeover.
|
| CVE-2023-3377 |
|
SQL Injection in sqli (CVE-2023-3377)
SQL injection in sqli (CVE-2023-3377). Successful exploitation can lead to full system takeover.
|
| CVE-2023-2889 |
|
SQL Injection in sqli (CVE-2023-2889)
SQL injection in sqli (CVE-2023-2889). Successful exploitation can lead to full system takeover.
|
| CVE-2023-5047 |
|
SQL Injection in sqli (CVE-2023-5047)
SQL injection in sqli (CVE-2023-5047). Successful exploitation can lead to full system takeover.
|
| CVE-2023-48657 |
|
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
|
| CVE-2023-48656 |
|
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
|
| CVE-2023-48655 |
|
Vulnerability in misp-project (CVE-2023-48655)
vulnerability in misp-project (CVE-2023-48655). Successful exploitation can lead to full system takeover.
|
| CVE-2023-48658 |
|
Vulnerability in misp-project (CVE-2023-48658)
vulnerability in misp-project (CVE-2023-48658). Successful exploitation can lead to full system takeover.
|
| CVE-2023-48659 |
|
Vulnerability in misp-project (CVE-2023-48659)
vulnerability in misp-project (CVE-2023-48659). Successful exploitation can lead to full system takeover.
|