Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-45205 |
|
SQL Injection in sqli (CVE-2022-45205)
SQL injection in sqli (CVE-2022-45205). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-45206 |
|
SQL Injection in sqli (CVE-2022-45206)
SQL injection in sqli (CVE-2022-45206). Successful exploitation can lead to full system takeover.
|
| CVE-2022-45207 |
|
SQL Injection in sqli (CVE-2022-45207)
SQL injection in sqli (CVE-2022-45207). Successful exploitation can lead to full system takeover.
|
| CVE-2022-45208 |
|
SQL Injection in sqli (CVE-2022-45208)
SQL injection in sqli (CVE-2022-45208). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-45210 |
|
SQL Injection in sqli (CVE-2022-45210)
SQL injection in sqli (CVE-2022-45210). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-37721 |
|
Cross-Site Scripting (XSS) in privilege-escalation (CVE-2022-37721)
cross-site scripting in privilege-escalation (CVE-2022-37721). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37720 |
|
Cross-Site Scripting (XSS) in privilege-escalation (CVE-2022-37720)
cross-site scripting in privilege-escalation (CVE-2022-37720). Successful exploitation can lead to full system takeover.
|
| CVE-2022-35501 |
|
Cross-Site Scripting (XSS) in amasty (CVE-2022-35501)
cross-site scripting in amasty (CVE-2022-35501). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-35500 |
|
Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via leave comment functionality.
Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via leave comment functionality.
|
| CVE-2022-37773 |
|
SQL Injection in sqli (CVE-2022-37773)
SQL injection in sqli (CVE-2022-37773). Confidential information can be exposed externally.
|
| CVE-2022-37774 |
|
Authentication Bypass in maarch (CVE-2022-37774)
authentication bypass in maarch (CVE-2022-37774). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44194 |
|
Out-of-Bounds Write in netgear (CVE-2022-44194)
out-of-bounds write in netgear (CVE-2022-44194). Successful exploitation can lead to full system takeover.
|
| CVE-2022-42989 |
|
Cross-Site Scripting (XSS) in sankhya (CVE-2022-42989)
cross-site scripting in sankhya (CVE-2022-42989). Successful exploitation can lead to full system takeover.
|
| CVE-2022-40842 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-40842)
SSRF in ssrf (CVE-2022-40842). Confidential information can be exposed externally.
|
| CVE-2022-36180 |
|
Cross-Site Scripting (XSS) in fusiondirectory (CVE-2022-36180)
cross-site scripting in fusiondirectory (CVE-2022-36180). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24037 |
|
Vulnerability in karmasis (CVE-2022-24037)
vulnerability in karmasis (CVE-2022-24037). Confidential information can be exposed externally.
|
| CVE-2022-24038 |
|
Vulnerability in karmasis (CVE-2022-24038)
vulnerability in karmasis (CVE-2022-24038). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-24036 |
|
Vulnerability in karmasis (CVE-2022-24036)
vulnerability in karmasis (CVE-2022-24036). Data can be tampered with by attackers.
|
| CVE-2022-42131 |
|
Vulnerability in liferay (CVE-2022-42131)
vulnerability in liferay (CVE-2022-42131). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42132 |
|
Information Disclosure in liferay (CVE-2022-42132)
vulnerability in liferay (CVE-2022-42132). Confidential information can be exposed externally.
|
| CVE-2022-42130 |
|
Vulnerability in liferay (CVE-2022-42130)
vulnerability in liferay (CVE-2022-42130). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42127 |
|
Vulnerability in liferay (CVE-2022-42127)
vulnerability in liferay (CVE-2022-42127). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42128 |
|
Vulnerability in liferay (CVE-2022-42128)
vulnerability in liferay (CVE-2022-42128). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42125 |
|
Path Traversal in path-traversal (CVE-2022-42125)
path traversal in path-traversal (CVE-2022-42125). Data can be tampered with by attackers.
|
| CVE-2022-42123 |
|
Path Traversal in path-traversal (CVE-2022-42123)
path traversal in path-traversal (CVE-2022-42123). Data can be tampered with by attackers.
|
| CVE-2022-42126 |
|
Vulnerability in liferay (CVE-2022-42126)
vulnerability in liferay (CVE-2022-42126). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42120 |
|
SQL Injection in c (CVE-2022-42120)
SQL injection in c (CVE-2022-42120). Successful exploitation can lead to full system takeover. Exploitable via ``namespace``.
|
| CVE-2022-42121 |
|
SQL Injection in sqli (CVE-2022-42121)
SQL injection in sqli (CVE-2022-42121). Successful exploitation can lead to full system takeover.
|
| CVE-2022-42122 |
|
SQL Injection in sqli (CVE-2022-42122)
SQL injection in sqli (CVE-2022-42122). Successful exploitation can lead to full system takeover. Exploitable via ``title``.
|
| CVE-2022-42118 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-42118)
cross-site scripting in liferay (CVE-2022-42118). Risk of unauthorized operations or information disclosure. Exploitable via ``tag``.
|
| CVE-2022-42119 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-42119)
cross-site scripting in liferay (CVE-2022-42119). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-41049 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2022-41049)
vulnerability in Microsoft windows (CVE-2022-41049). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-44087 |
|
Code Injection in ecisp (CVE-2022-44087)
code injection in ecisp (CVE-2022-44087). Successful exploitation can lead to full system takeover.
|
| CVE-2022-44088 |
|
Code Injection in ecisp (CVE-2022-44088)
code injection in ecisp (CVE-2022-44088). Successful exploitation can lead to full system takeover.
|
| CVE-2022-44089 |
|
Code Injection in ecisp (CVE-2022-44089)
code injection in ecisp (CVE-2022-44089). Successful exploitation can lead to full system takeover.
|
| CVE-2022-41061 |
|
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
|
| CVE-2022-43321 |
|
Cross-Site Scripting (XSS) in shopwind (CVE-2022-43321)
cross-site scripting in shopwind (CVE-2022-43321). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-25370 KEV |
|
[KEV] Use-After-Free in Samsung mobile-devices (CVE-2021-25370)
vulnerability in Samsung mobile-devices (CVE-2021-25370). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25369 KEV |
|
[KEV] Information Disclosure in Samsung mobile-devices (CVE-2021-25369)
vulnerability in Samsung mobile-devices (CVE-2021-25369). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25337 KEV |
|
[KEV] Privilege Escalation in Samsung mobile-devices (CVE-2021-25337)
vulnerability in Samsung mobile-devices (CVE-2021-25337). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41073 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41073)
out-of-bounds write in Microsoft windows (CVE-2022-41073). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41125 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41125)
out-of-bounds write in Microsoft windows (CVE-2022-41125). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41128 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41128)
out-of-bounds write in Microsoft windows (CVE-2022-41128). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41091 KEV |
|
[KEV] Authorization Flaw in Microsoft windows (CVE-2022-41091)
vulnerability in Microsoft windows (CVE-2022-41091). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-43945 |
|
Vulnerability in c (CVE-2022-43945)
vulnerability in c (CVE-2022-43945). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-20969 |
|
Cross-Site Scripting (XSS) in cisco (CVE-2022-20969)
cross-site scripting in cisco (CVE-2022-20969). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40840 |
|
Cross-Site Scripting (XSS) in ndk-design (CVE-2022-40840)
cross-site scripting in ndk-design (CVE-2022-40840). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40839 |
|
SQL Injection in sqli (CVE-2022-40839)
SQL injection in sqli (CVE-2022-40839). Confidential information can be exposed externally.
|
| CVE-2022-40487 |
|
Cross-Site Scripting (XSS) in processwire (CVE-2022-40487)
cross-site scripting in processwire (CVE-2022-40487). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40488 |
|
ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF).
ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF).
|