Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2022-45205 SQL Injection in sqli (CVE-2022-45205)
SQL injection in sqli (CVE-2022-45205). Risk of unauthorized operations or information disclosure.
CVE-2022-45206 SQL Injection in sqli (CVE-2022-45206)
SQL injection in sqli (CVE-2022-45206). Successful exploitation can lead to full system takeover.
CVE-2022-45207 SQL Injection in sqli (CVE-2022-45207)
SQL injection in sqli (CVE-2022-45207). Successful exploitation can lead to full system takeover.
CVE-2022-45208 SQL Injection in sqli (CVE-2022-45208)
SQL injection in sqli (CVE-2022-45208). Risk of unauthorized operations or information disclosure.
CVE-2022-45210 SQL Injection in sqli (CVE-2022-45210)
SQL injection in sqli (CVE-2022-45210). Risk of unauthorized operations or information disclosure.
CVE-2022-37721 Cross-Site Scripting (XSS) in privilege-escalation (CVE-2022-37721)
cross-site scripting in privilege-escalation (CVE-2022-37721). Successful exploitation can lead to full system takeover.
CVE-2022-37720 Cross-Site Scripting (XSS) in privilege-escalation (CVE-2022-37720)
cross-site scripting in privilege-escalation (CVE-2022-37720). Successful exploitation can lead to full system takeover.
CVE-2022-35501 Cross-Site Scripting (XSS) in amasty (CVE-2022-35501)
cross-site scripting in amasty (CVE-2022-35501). Risk of unauthorized operations or information disclosure.
CVE-2022-35500 Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via leave comment functionality.
Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via leave comment functionality.
CVE-2022-37773 SQL Injection in sqli (CVE-2022-37773)
SQL injection in sqli (CVE-2022-37773). Confidential information can be exposed externally.
CVE-2022-37774 Authentication Bypass in maarch (CVE-2022-37774)
authentication bypass in maarch (CVE-2022-37774). Risk of unauthorized operations or information disclosure.
CVE-2022-44194 Out-of-Bounds Write in netgear (CVE-2022-44194)
out-of-bounds write in netgear (CVE-2022-44194). Successful exploitation can lead to full system takeover.
CVE-2022-42989 Cross-Site Scripting (XSS) in sankhya (CVE-2022-42989)
cross-site scripting in sankhya (CVE-2022-42989). Successful exploitation can lead to full system takeover.
CVE-2022-40842 SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-40842)
SSRF in ssrf (CVE-2022-40842). Confidential information can be exposed externally.
CVE-2022-36180 Cross-Site Scripting (XSS) in fusiondirectory (CVE-2022-36180)
cross-site scripting in fusiondirectory (CVE-2022-36180). Successful exploitation can lead to full system takeover.
CVE-2022-24037 Vulnerability in karmasis (CVE-2022-24037)
vulnerability in karmasis (CVE-2022-24037). Confidential information can be exposed externally.
CVE-2022-24038 Vulnerability in karmasis (CVE-2022-24038)
vulnerability in karmasis (CVE-2022-24038). Risk of unauthorized operations or information disclosure.
CVE-2022-24036 Vulnerability in karmasis (CVE-2022-24036)
vulnerability in karmasis (CVE-2022-24036). Data can be tampered with by attackers.
CVE-2022-42131 Vulnerability in liferay (CVE-2022-42131)
vulnerability in liferay (CVE-2022-42131). Risk of unauthorized operations or information disclosure.
CVE-2022-42132 Information Disclosure in liferay (CVE-2022-42132)
vulnerability in liferay (CVE-2022-42132). Confidential information can be exposed externally.
CVE-2022-42130 Vulnerability in liferay (CVE-2022-42130)
vulnerability in liferay (CVE-2022-42130). Risk of unauthorized operations or information disclosure.
CVE-2022-42127 Vulnerability in liferay (CVE-2022-42127)
vulnerability in liferay (CVE-2022-42127). Risk of unauthorized operations or information disclosure.
CVE-2022-42128 Vulnerability in liferay (CVE-2022-42128)
vulnerability in liferay (CVE-2022-42128). Risk of unauthorized operations or information disclosure.
CVE-2022-42125 Path Traversal in path-traversal (CVE-2022-42125)
path traversal in path-traversal (CVE-2022-42125). Data can be tampered with by attackers.
CVE-2022-42123 Path Traversal in path-traversal (CVE-2022-42123)
path traversal in path-traversal (CVE-2022-42123). Data can be tampered with by attackers.
CVE-2022-42126 Vulnerability in liferay (CVE-2022-42126)
vulnerability in liferay (CVE-2022-42126). Risk of unauthorized operations or information disclosure.
CVE-2022-42120 SQL Injection in c (CVE-2022-42120)
SQL injection in c (CVE-2022-42120). Successful exploitation can lead to full system takeover. Exploitable via ``namespace``.
CVE-2022-42121 SQL Injection in sqli (CVE-2022-42121)
SQL injection in sqli (CVE-2022-42121). Successful exploitation can lead to full system takeover.
CVE-2022-42122 SQL Injection in sqli (CVE-2022-42122)
SQL injection in sqli (CVE-2022-42122). Successful exploitation can lead to full system takeover. Exploitable via ``title``.
CVE-2022-42118 Cross-Site Scripting (XSS) in liferay (CVE-2022-42118)
cross-site scripting in liferay (CVE-2022-42118). Risk of unauthorized operations or information disclosure. Exploitable via ``tag``.
CVE-2022-42119 Cross-Site Scripting (XSS) in liferay (CVE-2022-42119)
cross-site scripting in liferay (CVE-2022-42119). Risk of unauthorized operations or information disclosure.
CVE-2022-41049 KEV [KEV] Vulnerability in Microsoft windows (CVE-2022-41049)
vulnerability in Microsoft windows (CVE-2022-41049). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-44087 Code Injection in ecisp (CVE-2022-44087)
code injection in ecisp (CVE-2022-44087). Successful exploitation can lead to full system takeover.
CVE-2022-44088 Code Injection in ecisp (CVE-2022-44088)
code injection in ecisp (CVE-2022-44088). Successful exploitation can lead to full system takeover.
CVE-2022-44089 Code Injection in ecisp (CVE-2022-44089)
code injection in ecisp (CVE-2022-44089). Successful exploitation can lead to full system takeover.
CVE-2022-41061 Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2022-43321 Cross-Site Scripting (XSS) in shopwind (CVE-2022-43321)
cross-site scripting in shopwind (CVE-2022-43321). Risk of unauthorized operations or information disclosure.
CVE-2021-25370 KEV [KEV] Use-After-Free in Samsung mobile-devices (CVE-2021-25370)
vulnerability in Samsung mobile-devices (CVE-2021-25370). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-25369 KEV [KEV] Information Disclosure in Samsung mobile-devices (CVE-2021-25369)
vulnerability in Samsung mobile-devices (CVE-2021-25369). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-25337 KEV [KEV] Privilege Escalation in Samsung mobile-devices (CVE-2021-25337)
vulnerability in Samsung mobile-devices (CVE-2021-25337). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41073 KEV [KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41073)
out-of-bounds write in Microsoft windows (CVE-2022-41073). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41125 KEV [KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41125)
out-of-bounds write in Microsoft windows (CVE-2022-41125). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41128 KEV [KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41128)
out-of-bounds write in Microsoft windows (CVE-2022-41128). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41091 KEV [KEV] Authorization Flaw in Microsoft windows (CVE-2022-41091)
vulnerability in Microsoft windows (CVE-2022-41091). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-43945 Vulnerability in c (CVE-2022-43945)
vulnerability in c (CVE-2022-43945). Risk of unauthorized operations or information disclosure.
CVE-2022-20969 Cross-Site Scripting (XSS) in cisco (CVE-2022-20969)
cross-site scripting in cisco (CVE-2022-20969). Risk of unauthorized operations or information disclosure.
CVE-2022-40840 Cross-Site Scripting (XSS) in ndk-design (CVE-2022-40840)
cross-site scripting in ndk-design (CVE-2022-40840). Risk of unauthorized operations or information disclosure.
CVE-2022-40839 SQL Injection in sqli (CVE-2022-40839)
SQL injection in sqli (CVE-2022-40839). Confidential information can be exposed externally.
CVE-2022-40487 Cross-Site Scripting (XSS) in processwire (CVE-2022-40487)
cross-site scripting in processwire (CVE-2022-40487). Risk of unauthorized operations or information disclosure.
CVE-2022-40488 ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF).
ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF).

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →