Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-35201 |
|
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
|
| CVE-2022-36530 |
|
Cross-Site Scripting (XSS) in rageframe (CVE-2022-36530)
cross-site scripting in rageframe (CVE-2022-36530). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-24654 |
|
Cross-Site Scripting (XSS) in intelbras (CVE-2022-24654)
cross-site scripting in intelbras (CVE-2022-24654). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-36526 |
|
Authentication Bypass in dlink (CVE-2022-36526)
authentication bypass in dlink (CVE-2022-36526). Data can be tampered with by attackers.
|
| CVE-2022-35509 |
|
Cross-Site Scripting (XSS) in eyoucms (CVE-2022-35509)
cross-site scripting in eyoucms (CVE-2022-35509). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-35493 |
|
Cross-Site Scripting (XSS) in wrteam (CVE-2022-35493)
cross-site scripting in wrteam (CVE-2022-35493). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-35118 |
|
PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.
PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.
|
| CVE-2022-31321 |
|
Vulnerability in dos (CVE-2022-31321)
vulnerability in dos (CVE-2022-31321). Confidential information can be exposed externally.
|
| CVE-2022-1277 |
|
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
|
| CVE-2022-34611 |
|
Cross-Site Scripting (XSS) in online-fire-reporting-system-project (CVE-2022-34611)
cross-site scripting in online-fire-reporting-system-project (CVE-2022-34611). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-24992 |
|
Path Traversal in path-traversal (CVE-2022-24992)
path traversal in path-traversal (CVE-2022-24992). Confidential information can be exposed externally.
|
| CVE-2022-29709 |
|
SQL Injection in sqli (CVE-2022-29709)
SQL injection in sqli (CVE-2022-29709). Confidential information can be exposed externally.
|
| CVE-2022-21535 |
|
Vulnerability in c (CVE-2022-21535)
vulnerability in c (CVE-2022-21535). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-35305 |
|
Cross-Site Scripting (XSS) in gollum-project (CVE-2020-35305)
cross-site scripting in gollum-project (CVE-2020-35305). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-32074 |
|
Cross-Site Scripting (XSS) in enhancesoft (CVE-2022-32074)
cross-site scripting in enhancesoft (CVE-2022-32074). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-32114 |
|
Unrestricted File Upload in strapi (CVE-2022-32114)
vulnerability in strapi (CVE-2022-32114). Successful exploitation can lead to full system takeover.
|
| CVE-2022-32224 |
|
Unsafe Deserialization in activerecord (CVE-2022-32224)
vulnerability in activerecord (CVE-2022-32224). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.2.8.1` or later.
|
| CVE-2022-31904 |
|
Cross-Site Scripting (XSS) in uberrider (CVE-2022-31904)
cross-site scripting in uberrider (CVE-2022-31904). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-33098 |
|
Cross-Site Scripting (XSS) in magnolia-cms (CVE-2022-33098)
cross-site scripting in magnolia-cms (CVE-2022-33098). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-24140 |
|
Vulnerability in iobit (CVE-2022-24140)
vulnerability in iobit (CVE-2022-24140). Successful exploitation can lead to full system takeover.
|
| CVE-2022-33075 |
|
Cross-Site Scripting (XSS) in phpgurukul (CVE-2022-33075)
cross-site scripting in phpgurukul (CVE-2022-33075). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-33971 |
|
Vulnerability in dos (CVE-2022-33971)
vulnerability in dos (CVE-2022-33971). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31897 |
|
Cross-Site Scripting (XSS) in phpgurukul (CVE-2022-31897)
cross-site scripting in phpgurukul (CVE-2022-31897). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-33009 |
|
Cross-Site Scripting (XSS) in lightcms-project (CVE-2022-33009)
cross-site scripting in lightcms-project (CVE-2022-33009). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-21161 |
|
Cross Site Scripting (XSS) vulnerability in Ruckus Wireless ZoneDirector 9.8.3.0.
Cross Site Scripting (XSS) vulnerability in Ruckus Wireless ZoneDirector 9.8.3.0.
|
| CVE-2020-27509 |
|
Cross-Site Scripting (XSS) in galaxkey (CVE-2020-27509)
cross-site scripting in galaxkey (CVE-2020-27509). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-21046 |
|
Privilege Escalation in privilege-escalation (CVE-2020-21046)
vulnerability in privilege-escalation (CVE-2020-21046). Successful exploitation can lead to full system takeover.
|
| CVE-2022-21952 |
|
Vulnerability in dos (CVE-2022-21952)
vulnerability in dos (CVE-2022-21952). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-25585 |
|
Cross-Site Scripting (XSS) in unioncms-project (CVE-2022-25585)
cross-site scripting in unioncms-project (CVE-2022-25585). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-45026 |
|
Cross-Site Scripting (XSS) in rocketsoftware (CVE-2021-45026)
cross-site scripting in rocketsoftware (CVE-2021-45026). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26173 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-26173)
vulnerability in csrf (CVE-2022-26173). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24562 |
|
Vulnerability in iobit (CVE-2022-24562)
vulnerability in iobit (CVE-2022-24562). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31384 |
|
SQL Injection in sqli (CVE-2022-31384)
SQL injection in sqli (CVE-2022-31384). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31382 |
|
SQL Injection in sqli (CVE-2022-31382)
SQL injection in sqli (CVE-2022-31382). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31383 |
|
SQL Injection in sqli (CVE-2022-31383)
SQL injection in sqli (CVE-2022-31383). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24946 |
|
Vulnerability in dos (CVE-2022-24946)
vulnerability in dos (CVE-2022-24946). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-41672 |
|
SQL Injection in sqli (CVE-2021-41672)
SQL injection in sqli (CVE-2021-41672). Confidential information can be exposed externally.
|
| CVE-2021-42675 |
|
Unrestricted File Upload in kreado (CVE-2021-42675)
vulnerability in kreado (CVE-2021-42675). Successful exploitation can lead to full system takeover.
|
| CVE-2021-41663 |
|
Cross-Site Scripting (XSS) in 1234n (CVE-2021-41663)
cross-site scripting in 1234n (CVE-2021-41663). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-30075 |
|
Vulnerability in tp-link (CVE-2022-30075)
vulnerability in tp-link (CVE-2022-30075). Successful exploitation can lead to full system takeover.
|
| CVE-2022-27438 |
|
Vulnerability in caphyon (CVE-2022-27438)
vulnerability in caphyon (CVE-2022-27438). Successful exploitation can lead to full system takeover.
|
| CVE-2021-42877 |
|
Vulnerability in dos (CVE-2021-42877)
vulnerability in dos (CVE-2021-42877). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-29704 |
|
BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
|
| CVE-2022-30490 |
|
SQL Injection in sqli (CVE-2022-30490)
SQL injection in sqli (CVE-2022-30490). Successful exploitation can lead to full system takeover.
|
| CVE-2022-28945 |
|
Path Traversal in path-traversal (CVE-2022-28945)
path traversal in path-traversal (CVE-2022-28945). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24240 |
|
SQL Injection in sqli (CVE-2022-24240)
SQL injection in sqli (CVE-2022-24240). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24238 |
|
Cross-Site Scripting (XSS) in aceware (CVE-2022-24238)
cross-site scripting in aceware (CVE-2022-24238). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-30034 |
|
Authentication Bypass in flower (CVE-2022-30034)
authentication bypass in flower (CVE-2022-30034). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.0` or later.
|
| CVE-2021-22790 |
|
Out-of-Bounds Read in dos (CVE-2021-22790)
vulnerability in dos (CVE-2021-22790). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-7477 |
|
Vulnerability in dos (CVE-2020-7477)
vulnerability in dos (CVE-2020-7477). Risk of unauthorized operations or information disclosure.
|