Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-74 Clear
ID Title
CVE-2026-8128 Vulnerability in sqli (CVE-2026-8128)
vulnerability in sqli (CVE-2026-8128). Risk of unauthorized operations or information disclosure.
CVE-2026-8125 Vulnerability in sqli (CVE-2026-8125)
vulnerability in sqli (CVE-2026-8125). Risk of unauthorized operations or information disclosure.
CVE-2026-8114 Vulnerability in sqli (CVE-2026-8114)
vulnerability in sqli (CVE-2026-8114). Risk of unauthorized operations or information disclosure.
CVE-2026-26164 Vulnerability in microsoft (CVE-2026-26164)
vulnerability in microsoft (CVE-2026-26164). Confidential information can be exposed externally.
CVE-2026-8097 Vulnerability in sqli (CVE-2026-8097)
vulnerability in sqli (CVE-2026-8097). Risk of unauthorized operations or information disclosure.
CVE-2026-8098 Vulnerability in sqli (CVE-2026-8098)
vulnerability in sqli (CVE-2026-8098). Risk of unauthorized operations or information disclosure.
CVE-2026-41691 Path Traversal in i18next-http-backend (CVE-2026-41691)
path traversal in i18next-http-backend (CVE-2026-41691). Risk of unauthorized operations or information disclosure. Exploitable via ``lng``. Mitigation: upgrade to `3.0.5` or later.
CVE-2026-42334 Vulnerability in mongoose (CVE-2026-42334)
vulnerability in mongoose (CVE-2026-42334). Confidential information can be exposed externally. Exploitable via ``sanitizeFilter``. Mitigation: upgrade to `9.1.6` or later.
CVE-2026-41319 Vulnerability in mimekit (CVE-2026-41319)
vulnerability in mimekit (CVE-2026-41319). Data can be tampered with by attackers. Exploitable via ``SmtpStream``.
CVE-2026-5586 Vulnerability in sqli (CVE-2026-5586)
vulnerability in sqli (CVE-2026-5586). Risk of unauthorized operations or information disclosure.
CVE-2026-32695 Vulnerability in traefik (CVE-2026-32695)
vulnerability in traefik (CVE-2026-32695). Confidential information can be exposed externally. Exploitable via ``tenant.example.com``.
CVE-2026-22744 Vulnerability in vmware (CVE-2026-22744)
vulnerability in vmware (CVE-2026-22744). Confidential information can be exposed externally.
CVE-2025-13462 Vulnerability in CVE-2025-13462 (CVE-2025-13462)
vulnerability in CVE-2025-13462 (CVE-2025-13462). Risk of unauthorized operations or information disclosure.
CVE-2026-29186 Vulnerability in linuxfoundation (CVE-2026-29186)
vulnerability in linuxfoundation (CVE-2026-29186). Confidential information can be exposed externally.
CVE-2026-27148 Vulnerability in storybook (CVE-2026-27148)
vulnerability in storybook (CVE-2026-27148). Successful exploitation can lead to full system takeover.
CVE-2026-27727 Vulnerability in mchange (CVE-2026-27727)
vulnerability in mchange (CVE-2026-27727). Successful exploitation can lead to full system takeover. Exploitable via ``factoryClassLocation``.
CVE-2025-67733 Vulnerability in lfprojects (CVE-2025-67733)
vulnerability in lfprojects (CVE-2025-67733). Risk of unauthorized operations or information disclosure.
CVE-2025-8276 Vulnerability in CVE-2025-8276 (CVE-2025-8276)
vulnerability in CVE-2025-8276 (CVE-2025-8276). Risk of unauthorized operations or information disclosure.
CVE-2025-20337 KEV [KEV] Vulnerability in Cisco identity-services-engine (CVE-2025-20337)
vulnerability in Cisco identity-services-engine (CVE-2025-20337). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-20281 KEV [KEV] Vulnerability in Cisco identity-services-engine (CVE-2025-20281)
vulnerability in Cisco identity-services-engine (CVE-2025-20281). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-43769 KEV [KEV] Vulnerability in Hitachi vantara hitachi-vantara (CVE-2022-43769)
vulnerability in Hitachi vantara hitachi-vantara (CVE-2022-43769). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-22527 KEV [KEV] Vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22527)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22527). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33234 Vulnerability in apache (CVE-2023-33234)
vulnerability in apache (CVE-2023-33234). Successful exploitation can lead to full system takeover.
CVE-2022-35914 KEV [KEV] Vulnerability in Teclib glpi (CVE-2022-35914)
vulnerability in Teclib glpi (CVE-2022-35914). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-46169 KEV [KEV] Vulnerability in cacti (CVE-2022-46169)
vulnerability in cacti (CVE-2022-46169). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-37499 Vulnerability in reprisesoftware (CVE-2021-37499)
vulnerability in reprisesoftware (CVE-2021-37499). Data can be tampered with by attackers.
CVE-2020-28949 KEV [KEV] Vulnerability in Pear archive-tar (CVE-2020-28949)
vulnerability in Pear archive-tar (CVE-2020-28949). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-36668 Vulnerability in druva (CVE-2021-36668)
vulnerability in druva (CVE-2021-36668). Successful exploitation can lead to full system takeover.
CVE-2020-7489 Vulnerability in schneider-electric (CVE-2020-7489)
vulnerability in schneider-electric (CVE-2020-7489). Successful exploitation can lead to full system takeover.
CVE-2021-36697 Vulnerability in artica (CVE-2021-36697)
vulnerability in artica (CVE-2021-36697). Successful exploitation can lead to full system takeover.
CVE-2021-35504 Vulnerability in afian (CVE-2021-35504)
vulnerability in afian (CVE-2021-35504). Successful exploitation can lead to full system takeover.
CVE-2021-35505 Vulnerability in afian (CVE-2021-35505)
vulnerability in afian (CVE-2021-35505). Successful exploitation can lead to full system takeover.
CVE-2021-27132 Vulnerability in sercomm (CVE-2021-27132)
vulnerability in sercomm (CVE-2021-27132). Successful exploitation can lead to full system takeover.
CVE-2019-11581 KEV [KEV] Vulnerability in Atlassian jira-server-and-data-center (CVE-2019-11581)
vulnerability in Atlassian jira-server-and-data-center (CVE-2019-11581). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-2725 KEV [KEV] Vulnerability in Oracle weblogic-server (CVE-2019-2725)
vulnerability in Oracle weblogic-server (CVE-2019-2725). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-44832 Vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-44832)
vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-44832). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.17.1` or later.
CVE-2019-17558 KEV [KEV] Vulnerability in Apache solr (CVE-2019-17558)
vulnerability in Apache solr (CVE-2019-17558). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-8468 KEV [KEV] Vulnerability in Trend micro trend-micro (CVE-2020-8468)
vulnerability in Trend micro trend-micro (CVE-2020-8468). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-17496 KEV [KEV] Vulnerability in vbulletin (CVE-2020-17496)
vulnerability in vbulletin (CVE-2020-17496). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-28979 Vulnerability in thalesgroup (CVE-2021-28979)
vulnerability in thalesgroup (CVE-2021-28979). Confidential information can be exposed externally.
CVE-2013-4578 Vulnerability in oracle (CVE-2013-4578)
vulnerability in oracle (CVE-2013-4578). Risk of unauthorized operations or information disclosure.
CVE-2016-3695 Vulnerability in c (CVE-2016-3695)
vulnerability in c (CVE-2016-3695). Risk of unauthorized operations or information disclosure.
CVE-2017-15313 Vulnerability in huawei (CVE-2017-15313)
vulnerability in huawei (CVE-2017-15313). Successful exploitation can lead to full system takeover.
CVE-2017-16766 Vulnerability in synology (CVE-2017-16766)
vulnerability in synology (CVE-2017-16766). Risk of unauthorized operations or information disclosure.
CVE-2017-17790 Vulnerability in ruby-lang (CVE-2017-17790)
vulnerability in ruby-lang (CVE-2017-17790). Successful exploitation can lead to full system takeover.
CVE-2017-17531 Vulnerability in c (CVE-2017-17531)
vulnerability in c (CVE-2017-17531). Successful exploitation can lead to full system takeover.
CVE-2017-17532 Vulnerability in kiwi-project (CVE-2017-17532)
vulnerability in kiwi-project (CVE-2017-17532). Successful exploitation can lead to full system takeover.
CVE-2017-17533 Vulnerability in tkabber-project (CVE-2017-17533)
vulnerability in tkabber-project (CVE-2017-17533). Successful exploitation can lead to full system takeover.
CVE-2017-17534 Vulnerability in c (CVE-2017-17534)
vulnerability in c (CVE-2017-17534). Successful exploitation can lead to full system takeover.
CVE-2017-17535 Vulnerability in gjots2-project (CVE-2017-17535)
vulnerability in gjots2-project (CVE-2017-17535). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →