Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2022-34026 ICEcoder v8.1 allows attackers to execute a directory traversal.
ICEcoder v8.1 allows attackers to execute a directory traversal.
CVE-2022-2266 Cross-Site Scripting (XSS) in yordam (CVE-2022-2266)
cross-site scripting in yordam (CVE-2022-2266). Risk of unauthorized operations or information disclosure.
CVE-2022-28980 Cross-Site Scripting (XSS) in liferay (CVE-2022-28980)
cross-site scripting in liferay (CVE-2022-28980). Risk of unauthorized operations or information disclosure.
CVE-2022-38512 Vulnerability in liferay (CVE-2022-38512)
vulnerability in liferay (CVE-2022-38512). Confidential information can be exposed externally.
CVE-2022-28981 Path Traversal in path-traversal (CVE-2022-28981)
path traversal in path-traversal (CVE-2022-28981). Confidential information can be exposed externally. Exploitable via ``parameter``.
CVE-2022-28977 Open Redirect in liferay (CVE-2022-28977)
vulnerability in liferay (CVE-2022-28977). Risk of unauthorized operations or information disclosure. Exploitable via ``FORWARD_URL``.
CVE-2022-39975 Vulnerability in liferay (CVE-2022-39975)
vulnerability in liferay (CVE-2022-39975). Risk of unauthorized operations or information disclosure.
CVE-2022-28978 Cross-Site Scripting (XSS) in liferay (CVE-2022-28978)
cross-site scripting in liferay (CVE-2022-28978). Risk of unauthorized operations or information disclosure.
CVE-2022-28979 Cross-Site Scripting (XSS) in liferay (CVE-2022-28979)
cross-site scripting in liferay (CVE-2022-28979). Risk of unauthorized operations or information disclosure.
CVE-2022-28982 Cross-Site Scripting (XSS) in liferay (CVE-2022-28982)
cross-site scripting in liferay (CVE-2022-28982). Risk of unauthorized operations or information disclosure.
CVE-2022-35405 KEV [KEV] Unsafe Deserialization in Zoho manageengine (CVE-2022-35405)
vulnerability in Zoho manageengine (CVE-2022-35405). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-40030 SQL Injection in sqli (CVE-2022-40030)
SQL injection in sqli (CVE-2022-40030). Successful exploitation can lead to full system takeover.
CVE-2022-40027 Cross-Site Scripting (XSS) in simple-task-managing-system-project (CVE-2022-40027)
cross-site scripting in simple-task-managing-system-project (CVE-2022-40027). Risk of unauthorized operations or information disclosure.
CVE-2022-40028 Cross-Site Scripting (XSS) in simple-task-managing-system-project (CVE-2022-40028)
cross-site scripting in simple-task-managing-system-project (CVE-2022-40028). Risk of unauthorized operations or information disclosure.
CVE-2022-40029 Cross-Site Scripting (XSS) in simple-task-managing-system-project (CVE-2022-40029)
cross-site scripting in simple-task-managing-system-project (CVE-2022-40029). Risk of unauthorized operations or information disclosure.
CVE-2022-2265 Path Traversal in path-traversal (CVE-2022-2265)
path traversal in path-traversal (CVE-2022-2265). Confidential information can be exposed externally.
CVE-2022-0495 SQL Injection in sqli (CVE-2022-0495)
SQL injection in sqli (CVE-2022-0495). Confidential information can be exposed externally.
CVE-2022-2315 SQL Injection in sqli (CVE-2022-2315)
SQL injection in sqli (CVE-2022-2315). Confidential information can be exposed externally.
CVE-2022-38619 SQL Injection in sqli (CVE-2022-38619)
SQL injection in sqli (CVE-2022-38619). Successful exploitation can lead to full system takeover.
CVE-2022-2177 SQL Injection in sqli (CVE-2022-2177)
SQL injection in sqli (CVE-2022-2177). Confidential information can be exposed externally.
CVE-2022-38618 SQL Injection in sqli (CVE-2022-38618)
SQL injection in sqli (CVE-2022-38618). Successful exploitation can lead to full system takeover.
CVE-2022-38577 Vulnerability in processmaker (CVE-2022-38577)
vulnerability in processmaker (CVE-2022-38577). Successful exploitation can lead to full system takeover.
CVE-2022-37700 Path Traversal in path-traversal (CVE-2022-37700)
path traversal in path-traversal (CVE-2022-37700). Confidential information can be exposed externally.
CVE-2022-38617 SQL Injection in sqli (CVE-2022-38617)
SQL injection in sqli (CVE-2022-38617). Successful exploitation can lead to full system takeover.
CVE-2022-36533 Cross-Site Scripting (XSS) in syncovery (CVE-2022-36533)
cross-site scripting in syncovery (CVE-2022-36533). Risk of unauthorized operations or information disclosure.
CVE-2022-37251 Craft CMS 4.2.0.1 is vulnerable to Cross Site Scripting (XSS) via Drafts.
Craft CMS 4.2.0.1 is vulnerable to Cross Site Scripting (XSS) via Drafts.
CVE-2022-37775 Cross-Site Scripting (XSS) in genesys (CVE-2022-37775)
cross-site scripting in genesys (CVE-2022-37775). Risk of unauthorized operations or information disclosure.
CVE-2022-36536 Vulnerability in syncovery (CVE-2022-36536)
vulnerability in syncovery (CVE-2022-36536). Successful exploitation can lead to full system takeover.
CVE-2022-29649 Qsmart Next v4.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability.
Qsmart Next v4.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability.
CVE-2022-37257 Vulnerability in stealjs (CVE-2022-37257)
vulnerability in stealjs (CVE-2022-37257). Successful exploitation can lead to full system takeover.
CVE-2022-40139 KEV [KEV] Vulnerability in Trend micro trend-micro (CVE-2022-40139)
vulnerability in Trend micro trend-micro (CVE-2022-40139). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2013-2596 KEV [KEV] Vulnerability in Linux kernel (CVE-2013-2596)
vulnerability in Linux kernel (CVE-2013-2596). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2013-2094 KEV [KEV] Vulnerability in Linux kernel (CVE-2013-2094)
vulnerability in Linux kernel (CVE-2013-2094). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2013-2597 KEV [KEV] Buffer Overflow in Code aurora code-aurora (CVE-2013-2597)
vulnerability in Code aurora code-aurora (CVE-2013-2597). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2013-6282 KEV [KEV] Vulnerability in Linux kernel (CVE-2013-6282)
vulnerability in Linux kernel (CVE-2013-6282). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2010-2568 KEV [KEV] Vulnerability in Microsoft windows (CVE-2010-2568)
vulnerability in Microsoft windows (CVE-2010-2568). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-37969 KEV [KEV] Vulnerability in Microsoft windows (CVE-2022-37969)
vulnerability in Microsoft windows (CVE-2022-37969). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-32917 KEV [KEV] Vulnerability in Apple ios (CVE-2022-32917)
vulnerability in Apple ios (CVE-2022-32917). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-38013 Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-38013)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-38013). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.9` or later.
CVE-2022-38616 SQL Injection in sqli (CVE-2022-38616)
SQL injection in sqli (CVE-2022-38616). Successful exploitation can lead to full system takeover.
CVE-2022-36110 Vulnerability in netmaker (CVE-2022-36110)
vulnerability in netmaker (CVE-2022-36110). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.15.1` or later.
CVE-2022-38614 Path Traversal in bpcbt (CVE-2022-38614)
path traversal in bpcbt (CVE-2022-38614). Confidential information can be exposed externally.
CVE-2022-38615 SQL Injection in sqli (CVE-2022-38615)
SQL injection in sqli (CVE-2022-38615). Successful exploitation can lead to full system takeover.
CVE-2022-38613 Path Traversal in path-traversal (CVE-2022-38613)
path traversal in path-traversal (CVE-2022-38613). Confidential information can be exposed externally.
CVE-2022-38096 Vulnerability in c (CVE-2022-38096)
vulnerability in c (CVE-2022-38096). Risk of unauthorized operations or information disclosure.
CVE-2022-30079 OS Command Injection in netgear (CVE-2022-30079)
OS command injection in netgear (CVE-2022-30079). Successful exploitation can lead to full system takeover.
CVE-2022-37146 Vulnerability in plextrac (CVE-2022-37146)
vulnerability in plextrac (CVE-2022-37146). Risk of unauthorized operations or information disclosure.
CVE-2017-5521 KEV [KEV] Information Disclosure in Netgear multiple-devices (CVE-2017-5521)
vulnerability in Netgear multiple-devices (CVE-2017-5521). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-27593 KEV [KEV] Vulnerability in Qnap photo-station (CVE-2022-27593)
vulnerability in Qnap photo-station (CVE-2022-27593). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-13374 KEV [KEV] Vulnerability in Fortinet fortios-and-fortiadc (CVE-2018-13374)
vulnerability in Fortinet fortios-and-fortiadc (CVE-2018-13374). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →