Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2024-24398 Path Traversal in path-traversal (CVE-2024-24398)
path traversal in path-traversal (CVE-2024-24398). Successful exploitation can lead to full system takeover.
CVE-2024-23054 Vulnerability in plone (CVE-2024-23054)
vulnerability in plone (CVE-2024-23054). Successful exploitation can lead to full system takeover.
CVE-2023-6675 Unrestricted File Upload in nationalkeep (CVE-2023-6675)
vulnerability in nationalkeep (CVE-2023-6675). Successful exploitation can lead to full system takeover.
CVE-2024-22902 Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials.
Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials.
CVE-2024-22901 Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials.
Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials.
CVE-2024-22922 Privilege Escalation in projectworlds (CVE-2024-22922)
vulnerability in projectworlds (CVE-2024-22922). Successful exploitation can lead to full system takeover.
CVE-2023-36177 Code Injection in badaix (CVE-2023-36177)
code injection in badaix (CVE-2023-36177). Successful exploitation can lead to full system takeover.
CVE-2023-51924 Unrestricted File Upload in yonyou (CVE-2023-51924)
vulnerability in yonyou (CVE-2023-51924). Successful exploitation can lead to full system takeover.
CVE-2023-51906 Vulnerability in yonyou (CVE-2023-51906)
vulnerability in yonyou (CVE-2023-51906). Successful exploitation can lead to full system takeover.
CVE-2023-51925 Unrestricted File Upload in yonyou (CVE-2023-51925)
vulnerability in yonyou (CVE-2023-51925). Successful exploitation can lead to full system takeover.
CVE-2023-51928 Unrestricted File Upload in yonyou (CVE-2023-51928)
vulnerability in yonyou (CVE-2023-51928). Successful exploitation can lead to full system takeover.
CVE-2023-51927 SQL Injection in sqli (CVE-2023-51927)
SQL injection in sqli (CVE-2023-51927). Successful exploitation can lead to full system takeover.
CVE-2023-51892 Vulnerability in weaver (CVE-2023-51892)
vulnerability in weaver (CVE-2023-51892). Successful exploitation can lead to full system takeover.
CVE-2023-51947 Vulnerability in actidata (CVE-2023-51947)
vulnerability in actidata (CVE-2023-51947). Confidential information can be exposed externally.
CVE-2023-5806 SQL Injection in sqli (CVE-2023-5806)
SQL injection in sqli (CVE-2023-5806). Successful exploitation can lead to full system takeover.
CVE-2023-26999 XXE (XML External Entity) in dos (CVE-2023-26999)
vulnerability in dos (CVE-2023-26999). Successful exploitation can lead to full system takeover.
CVE-2023-50643 Vulnerability in evernote (CVE-2023-50643)
vulnerability in evernote (CVE-2023-50643). Successful exploitation can lead to full system takeover.
CVE-2023-47458 Vulnerability in bladex (CVE-2023-47458)
vulnerability in bladex (CVE-2023-47458). Successful exploitation can lead to full system takeover.
CVE-2023-6436 SQL Injection in sqli (CVE-2023-6436)
SQL injection in sqli (CVE-2023-6436). Successful exploitation can lead to full system takeover.
CVE-2023-50651 OS Command Injection in totolink (CVE-2023-50651)
OS command injection in totolink (CVE-2023-50651). Successful exploitation can lead to full system takeover.
CVE-2023-4675 SQL Injection in sqli (CVE-2023-4675)
SQL injection in sqli (CVE-2023-4675). Successful exploitation can lead to full system takeover.
CVE-2023-4541 SQL Injection in sqli (CVE-2023-4541)
SQL injection in sqli (CVE-2023-4541). Successful exploitation can lead to full system takeover.
CVE-2023-4671 SQL Injection in sqli (CVE-2023-4671)
SQL injection in sqli (CVE-2023-4671). Successful exploitation can lead to full system takeover.
CVE-2023-6879 Vulnerability in aomedia (CVE-2023-6879)
vulnerability in aomedia (CVE-2023-6879). Successful exploitation can lead to full system takeover.
CVE-2023-6190 Path Traversal in path-traversal (CVE-2023-6190)
path traversal in path-traversal (CVE-2023-6190). Successful exploitation can lead to full system takeover.
CVE-2023-6145 SQL Injection in sqli (CVE-2023-6145)
SQL injection in sqli (CVE-2023-6145). Successful exploitation can lead to full system takeover.
CVE-2023-50990 Out-of-Bounds Write in tenda (CVE-2023-50990)
out-of-bounds write in tenda (CVE-2023-50990). Successful exploitation can lead to full system takeover.
CVE-2023-50989 Command Injection in tenda (CVE-2023-50989)
command injection in tenda (CVE-2023-50989). Successful exploitation can lead to full system takeover.
CVE-2023-50992 Out-of-Bounds Write in tenda (CVE-2023-50992)
out-of-bounds write in tenda (CVE-2023-50992). Successful exploitation can lead to full system takeover.
CVE-2023-50988 Out-of-Bounds Write in tenda (CVE-2023-50988)
out-of-bounds write in tenda (CVE-2023-50988). Successful exploitation can lead to full system takeover.
CVE-2023-50983 Command Injection in tenda (CVE-2023-50983)
command injection in tenda (CVE-2023-50983). Successful exploitation can lead to full system takeover.
CVE-2023-50987 Out-of-Bounds Write in tenda (CVE-2023-50987)
out-of-bounds write in tenda (CVE-2023-50987). Successful exploitation can lead to full system takeover.
CVE-2023-50985 Out-of-Bounds Write in tenda (CVE-2023-50985)
out-of-bounds write in tenda (CVE-2023-50985). Successful exploitation can lead to full system takeover.
CVE-2023-50986 Out-of-Bounds Write in tenda (CVE-2023-50986)
out-of-bounds write in tenda (CVE-2023-50986). Successful exploitation can lead to full system takeover.
CVE-2023-50984 Out-of-Bounds Write in tenda (CVE-2023-50984)
out-of-bounds write in tenda (CVE-2023-50984). Successful exploitation can lead to full system takeover.
CVE-2023-50918 app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
CVE-2023-5636 Unrestricted File Upload in arslansoft-education-portal-project (CVE-2023-5636)
vulnerability in arslansoft-education-portal-project (CVE-2023-5636). Successful exploitation can lead to full system takeover.
CVE-2023-5634 SQL Injection in sqli (CVE-2023-5634)
SQL injection in sqli (CVE-2023-5634). Successful exploitation can lead to full system takeover.
CVE-2023-23325 OS Command Injection in zumtobel (CVE-2023-23325)
OS command injection in zumtobel (CVE-2023-23325). Successful exploitation can lead to full system takeover.
CVE-2023-23324 Vulnerability in zumtobel (CVE-2023-23324)
vulnerability in zumtobel (CVE-2023-23324). Successful exploitation can lead to full system takeover.
CVE-2023-48193 Vulnerability in fit2cloud (CVE-2023-48193)
vulnerability in fit2cloud (CVE-2023-48193). Successful exploitation can lead to full system takeover.
CVE-2023-3631 SQL Injection in sqli (CVE-2023-3631)
SQL injection in sqli (CVE-2023-3631). Successful exploitation can lead to full system takeover.
CVE-2023-3377 SQL Injection in sqli (CVE-2023-3377)
SQL injection in sqli (CVE-2023-3377). Successful exploitation can lead to full system takeover.
CVE-2023-2889 SQL Injection in sqli (CVE-2023-2889)
SQL injection in sqli (CVE-2023-2889). Successful exploitation can lead to full system takeover.
CVE-2023-5047 SQL Injection in sqli (CVE-2023-5047)
SQL injection in sqli (CVE-2023-5047). Successful exploitation can lead to full system takeover.
CVE-2023-48657 An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
CVE-2023-48656 An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
CVE-2023-48655 Vulnerability in misp-project (CVE-2023-48655)
vulnerability in misp-project (CVE-2023-48655). Successful exploitation can lead to full system takeover.
CVE-2023-48658 Vulnerability in misp-project (CVE-2023-48658)
vulnerability in misp-project (CVE-2023-48658). Successful exploitation can lead to full system takeover.
CVE-2023-48659 Vulnerability in misp-project (CVE-2023-48659)
vulnerability in misp-project (CVE-2023-48659). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →