Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-33246 KEV |
|
[KEV] Code Injection in Apache rocketmq (CVE-2023-33246)
code injection in Apache rocketmq (CVE-2023-33246). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33469 |
|
Code Injection in kramerav (CVE-2023-33469)
code injection in kramerav (CVE-2023-33469). Successful exploitation can lead to full system takeover.
|
| CVE-2023-36095 |
|
Code Injection in langchain (CVE-2023-36095)
code injection in langchain (CVE-2023-36095). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.0.236` or later.
|
| CVE-2023-36255 |
|
Code Injection in eramba (CVE-2023-36255)
code injection in eramba (CVE-2023-36255). Successful exploitation can lead to full system takeover.
|
| CVE-2023-34842 |
|
Code Injection in dedecms (CVE-2023-34842)
code injection in dedecms (CVE-2023-34842). Successful exploitation can lead to full system takeover.
|
| CVE-2023-3519 KEV |
|
[KEV] Code Injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-3519)
code injection in Citrix netscaler-adc-and-netscaler-gateway (CVE-2023-3519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-47879 |
|
Code Injection in jedox (CVE-2022-47879)
code injection in jedox (CVE-2022-47879). Successful exploitation can lead to full system takeover.
|
| CVE-2023-25717 KEV |
|
[KEV] Code Injection in Ruckus wireless ruckus-wireless (CVE-2023-25717)
code injection in Ruckus wireless ruckus-wireless (CVE-2023-25717). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-30404 |
|
Code Injection in aigital (CVE-2023-30404)
code injection in aigital (CVE-2023-30404). Successful exploitation can lead to full system takeover.
|
| CVE-2023-29492 KEV |
|
[KEV] Code Injection in Novi survey novi-survey (CVE-2023-29492)
code injection in Novi survey novi-survey (CVE-2023-29492). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-3163 KEV |
|
[KEV] Code Injection in Microsoft internet-explorer (CVE-2013-3163)
code injection in Microsoft internet-explorer (CVE-2013-3163). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-7494 KEV |
|
[KEV] Code Injection in samba (CVE-2017-7494)
code injection in samba (CVE-2017-7494). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-25261 |
|
Code Injection in stimulsoft (CVE-2023-25261)
code injection in stimulsoft (CVE-2023-25261). Successful exploitation can lead to full system takeover.
|
| CVE-2021-39144 KEV |
|
[KEV] Code Injection in xstream (CVE-2021-39144)
code injection in xstream (CVE-2021-39144). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-45553 |
|
Code Injection in zbt (CVE-2022-45553)
code injection in zbt (CVE-2022-45553). Successful exploitation can lead to full system takeover.
|
| CVE-2022-41223 KEV |
|
[KEV] Code Injection in Mitel mivoice-connect (CVE-2022-41223)
code injection in Mitel mivoice-connect (CVE-2022-41223). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-44702 |
|
Windows Terminal Remote Code Execution Vulnerability
Windows Terminal Remote Code Execution Vulnerability
|
| CVE-2022-44087 |
|
Code Injection in ecisp (CVE-2022-44087)
code injection in ecisp (CVE-2022-44087). Successful exploitation can lead to full system takeover.
|
| CVE-2022-44088 |
|
Code Injection in ecisp (CVE-2022-44088)
code injection in ecisp (CVE-2022-44088). Successful exploitation can lead to full system takeover.
|
| CVE-2022-44089 |
|
Code Injection in ecisp (CVE-2022-44089)
code injection in ecisp (CVE-2022-44089). Successful exploitation can lead to full system takeover.
|
| CVE-2022-41061 |
|
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
|
| CVE-2022-3236 KEV |
|
[KEV] Code Injection in Sophos firewall (CVE-2022-3236)
code injection in Sophos firewall (CVE-2022-3236). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-37053 |
|
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
|
| CVE-2022-22963 KEV |
|
[KEV] Code Injection in Vmware tanzu vmware-tanzu (CVE-2022-22963)
code injection in Vmware tanzu vmware-tanzu (CVE-2022-22963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-36262 |
|
Code Injection in taogogo (CVE-2022-36262)
code injection in taogogo (CVE-2022-36262). Successful exploitation can lead to full system takeover.
|
| CVE-2009-1862 KEV |
|
[KEV] Code Injection in Adobe acrobat-and-reader (CVE-2009-1862)
code injection in Adobe acrobat-and-reader (CVE-2009-1862). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2009-0557 KEV |
|
[KEV] Code Injection in Microsoft office (CVE-2009-0557)
code injection in Microsoft office (CVE-2009-0557). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-4148 KEV |
|
[KEV] Code Injection in Microsoft windows (CVE-2014-4148)
code injection in Microsoft windows (CVE-2014-4148). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-41653 |
|
Code Injection in tp-link (CVE-2021-41653)
code injection in tp-link (CVE-2021-41653). Successful exploitation can lead to full system takeover.
|
| CVE-2020-17091 |
|
Microsoft Teams Remote Code Execution Vulnerability
Microsoft Teams Remote Code Execution Vulnerability
|
| CVE-2022-22947 KEV |
|
[KEV] Code Injection in Vmware spring-cloud-gateway (CVE-2022-22947)
code injection in Vmware spring-cloud-gateway (CVE-2022-22947). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-22954 KEV |
|
[KEV] Code Injection in Vmware workspace-one-access-and-identity-manager (CVE-2022-22954)
code injection in Vmware workspace-one-access-and-identity-manager (CVE-2022-22954). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-40219 |
|
Code Injection in bolt (CVE-2021-40219)
code injection in bolt (CVE-2021-40219). Successful exploitation can lead to full system takeover.
|
| CVE-2022-22965 KEV |
|
[KEV] Code Injection in Vmware spring-framework (CVE-2022-22965)
code injection in Vmware spring-framework (CVE-2022-22965). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-1273 KEV |
|
[KEV] Code Injection in Vmware tanzu vmware-tanzu (CVE-2018-1273)
code injection in Vmware tanzu vmware-tanzu (CVE-2018-1273). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2014-6287 KEV |
|
[KEV] Code Injection in Rejetto http-file-server-hfs (CVE-2014-6287)
code injection in Rejetto http-file-server-hfs (CVE-2014-6287). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-4810 KEV |
|
[KEV] Code Injection in Hewlett packard (hp) hewlett-packard-hp (CVE-2013-4810)
code injection in Hewlett packard (hp) hewlett-packard-hp (CVE-2013-4810). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2009-1151 KEV |
|
[KEV] Code Injection in phpmyadmin (CVE-2009-1151)
code injection in phpmyadmin (CVE-2009-1151). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-25578 |
|
Code Injection in taogogo (CVE-2022-25578)
code injection in taogogo (CVE-2022-25578). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24512 |
|
Code Injection in Microsoft.NETCore.App.Runtime.linux-arm (CVE-2022-24512)
code injection in Microsoft.NETCore.App.Runtime.linux-arm (CVE-2022-24512). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.3` or later.
|
| CVE-2020-8218 KEV |
|
[KEV] Code Injection in Pulse secure pulse-secure (CVE-2020-8218)
code injection in Pulse secure pulse-secure (CVE-2020-8218). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-1347 KEV |
|
[KEV] Code Injection in Microsoft internet-explorer (CVE-2013-1347)
code injection in Microsoft internet-explorer (CVE-2013-1347). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-1856 KEV |
|
[KEV] Code Injection in Microsoft office (CVE-2012-1856)
code injection in Microsoft office (CVE-2012-1856). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-0188 KEV |
|
[KEV] Code Injection in Adobe reader-and-acrobat (CVE-2010-0188)
code injection in Adobe reader-and-acrobat (CVE-2010-0188). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2009-3129 KEV |
|
[KEV] Code Injection in Microsoft excel (CVE-2009-3129)
code injection in Microsoft excel (CVE-2009-3129). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-25018 |
|
Code Injection in pluxml (CVE-2022-25018)
code injection in pluxml (CVE-2022-25018). Successful exploitation can lead to full system takeover.
|
| CVE-2014-6352 KEV |
|
[KEV] Code Injection in Microsoft windows (CVE-2014-6352)
code injection in Microsoft windows (CVE-2014-6352). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-9841 KEV |
|
[KEV] Code Injection in phpunit (CVE-2017-9841)
code injection in phpunit (CVE-2017-9841). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-3906 KEV |
|
[KEV] Code Injection in Microsoft graphics-component (CVE-2013-3906)
code injection in Microsoft graphics-component (CVE-2013-3906). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-1635 KEV |
|
[KEV] Code Injection in Microsoft httpsys (CVE-2015-1635)
code injection in Microsoft httpsys (CVE-2015-1635). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|