Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2020-25912 XXE (XML External Entity) in dos (CVE-2020-25912)
vulnerability in dos (CVE-2020-25912). Confidential information can be exposed externally.
CVE-2021-3825 Vulnerability in pardus (CVE-2021-3825)
vulnerability in pardus (CVE-2021-3825). Successful exploitation can lead to full system takeover.
CVE-2021-41326 Vulnerability in misp-project (CVE-2021-41326)
vulnerability in misp-project (CVE-2021-41326). Successful exploitation can lead to full system takeover.
CVE-2021-36582 Unrestricted File Upload in kooboo (CVE-2021-36582)
vulnerability in kooboo (CVE-2021-36582). Successful exploitation can lead to full system takeover.
CVE-2021-36581 Unrestricted File Upload in kooboo (CVE-2021-36581)
vulnerability in kooboo (CVE-2021-36581). Successful exploitation can lead to full system takeover.
CVE-2021-39302 SQL Injection in sqli (CVE-2021-39302)
SQL injection in sqli (CVE-2021-39302). Successful exploitation can lead to full system takeover.
CVE-2021-33485 CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.
CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.
CVE-2021-22779 Vulnerability in schneider-electric (CVE-2021-22779)
vulnerability in schneider-electric (CVE-2021-22779). Confidential information can be exposed externally.
CVE-2021-35502 Vulnerability in misp-project (CVE-2021-35502)
vulnerability in misp-project (CVE-2021-35502). Successful exploitation can lead to full system takeover.
CVE-2021-27132 Vulnerability in sercomm (CVE-2021-27132)
vulnerability in sercomm (CVE-2021-27132). Successful exploitation can lead to full system takeover.
CVE-2020-27285 Vulnerability in redlion (CVE-2020-27285)
vulnerability in redlion (CVE-2020-27285). Confidential information can be exposed externally.
CVE-2020-35276 SQL Injection in sqli (CVE-2020-35276)
SQL injection in sqli (CVE-2020-35276). Successful exploitation can lead to full system takeover.
CVE-2020-29006 Vulnerability in misp-project (CVE-2020-29006)
vulnerability in misp-project (CVE-2020-29006). Successful exploitation can lead to full system takeover.
CVE-2020-25466 SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-25466)
SSRF in ssrf (CVE-2020-25466). Successful exploitation can lead to full system takeover.
CVE-2018-5353 Vulnerability in zohocorp (CVE-2018-5353)
vulnerability in zohocorp (CVE-2018-5353). Successful exploitation can lead to full system takeover.
CVE-2020-24193 SQL Injection in sqli (CVE-2020-24193)
SQL injection in sqli (CVE-2020-24193). Successful exploitation can lead to full system takeover.
CVE-2020-15411 Privilege Escalation in misp-project (CVE-2020-15411)
vulnerability in misp-project (CVE-2020-15411). Successful exploitation can lead to full system takeover.
CVE-2022-28932 D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
CVE-2015-0987 Information Disclosure in omron (CVE-2015-0987)
vulnerability in omron (CVE-2015-0987). Confidential information can be exposed externally.
CVE-2022-29351 Unrestricted File Upload in tiddlywiki (CVE-2022-29351)
vulnerability in tiddlywiki (CVE-2022-29351). Successful exploitation can lead to full system takeover.
CVE-2018-8851 Vulnerability in echelon (CVE-2018-8851)
vulnerability in echelon (CVE-2018-8851). Successful exploitation can lead to full system takeover.
CVE-2018-11091 Unrestricted File Upload in mybiz (CVE-2018-11091)
vulnerability in mybiz (CVE-2018-11091). Successful exploitation can lead to full system takeover.
CVE-2018-7791 Authentication Bypass in schneider-electric (CVE-2018-7791)
authentication bypass in schneider-electric (CVE-2018-7791). Successful exploitation can lead to full system takeover.
CVE-2018-7790 Vulnerability in schneider-electric (CVE-2018-7790)
vulnerability in schneider-electric (CVE-2018-7790). Successful exploitation can lead to full system takeover.
CVE-2022-28568 Unrestricted File Upload in simple-doctors-appointment-system-project (CVE-2022-28568)
vulnerability in simple-doctors-appointment-system-project (CVE-2022-28568). Successful exploitation can lead to full system takeover.
CVE-2022-29347 Unrestricted File Upload in web-at-rchiv-project (CVE-2022-29347)
vulnerability in web-at-rchiv-project (CVE-2022-29347). Successful exploitation can lead to full system takeover.
CVE-2021-43163 Command Injection in ruijienetworks (CVE-2021-43163)
command injection in ruijienetworks (CVE-2021-43163). Successful exploitation can lead to full system takeover.
CVE-2022-28118 SiteServer CMS v7.x allows attackers to execute arbitrary code via a crafted plug-in.
SiteServer CMS v7.x allows attackers to execute arbitrary code via a crafted plug-in.
CVE-2021-44596 Vulnerability in wondershare (CVE-2021-44596)
vulnerability in wondershare (CVE-2021-44596). Successful exploitation can lead to full system takeover.
CVE-2021-41945 Vulnerability in encode (CVE-2021-41945)
vulnerability in encode (CVE-2021-41945). Confidential information can be exposed externally. Exploitable via ``httpx.URL``.
CVE-2022-27984 SQL Injection in sqli (CVE-2022-27984)
SQL injection in sqli (CVE-2022-27984). Successful exploitation can lead to full system takeover.
CVE-2022-27985 SQL Injection in sqli (CVE-2022-27985)
SQL injection in sqli (CVE-2022-27985). Successful exploitation can lead to full system takeover.
CVE-2022-28093 Vulnerability in online-sports-complex-booking-system-project (CVE-2022-28093)
vulnerability in online-sports-complex-booking-system-project (CVE-2022-28093). Successful exploitation can lead to full system takeover.
CVE-2022-29528 An issue was discovered in MISP before 2.4.158. PHAR deserialization can occur.
An issue was discovered in MISP before 2.4.158. PHAR deserialization can occur.
CVE-2022-28397 Unrestricted File Upload in ghost (CVE-2022-28397)
vulnerability in ghost (CVE-2022-28397). Successful exploitation can lead to full system takeover.
CVE-2022-27262 Unrestricted File Upload in sailsjs (CVE-2022-27262)
vulnerability in sailsjs (CVE-2022-27262). Successful exploitation can lead to full system takeover.
CVE-2022-27260 Unrestricted File Upload in buttercms (CVE-2022-27260)
vulnerability in buttercms (CVE-2022-27260). Successful exploitation can lead to full system takeover.
CVE-2021-37291 SQL Injection in sqli (CVE-2021-37291)
SQL injection in sqli (CVE-2021-37291). Successful exploitation can lead to full system takeover.
CVE-2022-26645 Unrestricted File Upload in oretnom23 (CVE-2022-26645)
vulnerability in oretnom23 (CVE-2022-26645). Successful exploitation can lead to full system takeover.
CVE-2022-26646 Vulnerability in oretnom23 (CVE-2022-26646)
vulnerability in oretnom23 (CVE-2022-26646). Successful exploitation can lead to full system takeover.
CVE-2021-46009 Vulnerability in totolink (CVE-2021-46009)
vulnerability in totolink (CVE-2021-46009). Successful exploitation can lead to full system takeover.
CVE-2021-46007 OS Command Injection in totolink (CVE-2021-46007)
OS command injection in totolink (CVE-2021-46007). Successful exploitation can lead to full system takeover.
CVE-2022-25521 UNNO v03.11.00 was discovered to contain access control issue.
UNNO v03.11.00 was discovered to contain access control issue.
CVE-2021-42237 KEV [KEV] Unsafe Deserialization in Sitecore xp (CVE-2021-42237)
vulnerability in Sitecore xp (CVE-2021-42237). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2018-1273 KEV [KEV] Code Injection in Vmware tanzu vmware-tanzu (CVE-2018-1273)
code injection in Vmware tanzu vmware-tanzu (CVE-2018-1273). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2022-24293 Vulnerability in dos (CVE-2022-24293)
vulnerability in dos (CVE-2022-24293). Successful exploitation can lead to full system takeover.
CVE-2022-24292 Vulnerability in dos (CVE-2022-24292)
vulnerability in dos (CVE-2022-24292). Successful exploitation can lead to full system takeover.
CVE-2021-45756 Vulnerability in asus (CVE-2021-45756)
vulnerability in asus (CVE-2021-45756). Successful exploitation can lead to full system takeover.
CVE-2022-25578 Code Injection in taogogo (CVE-2022-25578)
code injection in taogogo (CVE-2022-25578). Successful exploitation can lead to full system takeover.
CVE-2021-45834 Unrestricted File Upload in opendocman (CVE-2021-45834)
vulnerability in opendocman (CVE-2021-45834). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →