Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2022-35293 Vulnerability in sap (CVE-2022-35293)
vulnerability in sap (CVE-2022-35293). Confidential information can be exposed externally.
CVE-2021-33643 Out-of-Bounds Read in feep (CVE-2021-33643)
vulnerability in feep (CVE-2021-33643). Confidential information can be exposed externally.
CVE-2022-36124 Vulnerability in apache-avro (CVE-2022-36124)
vulnerability in apache-avro (CVE-2022-36124). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.14.0` or later.
CVE-2022-30333 KEV [KEV] Path Traversal in Rarlab unrar (CVE-2022-30333)
path traversal in Rarlab unrar (CVE-2022-30333). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-35493 Cross-Site Scripting (XSS) in wrteam (CVE-2022-35493)
cross-site scripting in wrteam (CVE-2022-35493). Risk of unauthorized operations or information disclosure.
CVE-2022-2356 Unrestricted File Upload in wordpress (CVE-2022-2356)
vulnerability in wordpress (CVE-2022-2356). Successful exploitation can lead to full system takeover.
CVE-2022-28880 Vulnerability in f-secure (CVE-2022-28880)
vulnerability in f-secure (CVE-2022-28880). Risk of unauthorized operations or information disclosure.
CVE-2020-1754 Vulnerability in moodle (CVE-2020-1754)
vulnerability in moodle (CVE-2020-1754). Risk of unauthorized operations or information disclosure.
CVE-2022-27924 KEV [KEV] Vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27924)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27924). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-31321 Vulnerability in dos (CVE-2022-31321)
vulnerability in dos (CVE-2022-31321). Confidential information can be exposed externally.
CVE-2022-35118 PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.
PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.
CVE-2022-1277 Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
CVE-2022-26138 KEV [KEV] Vulnerability in Atlassian confluence (CVE-2022-26138)
vulnerability in Atlassian confluence (CVE-2022-26138). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-41556 Out-of-Bounds Read in cpp (CVE-2021-41556)
vulnerability in cpp (CVE-2021-41556). Successful exploitation can lead to full system takeover.
CVE-2022-2160 Vulnerability in google (CVE-2022-2160)
vulnerability in google (CVE-2022-2160). Confidential information can be exposed externally.
CVE-2022-34611 Cross-Site Scripting (XSS) in online-fire-reporting-system-project (CVE-2022-34611)
cross-site scripting in online-fire-reporting-system-project (CVE-2022-34611). Risk of unauthorized operations or information disclosure.
CVE-2022-35131 Cross-Site Scripting (XSS) in joplinapp (CVE-2022-35131)
cross-site scripting in joplinapp (CVE-2022-35131). Successful exploitation can lead to full system takeover.
CVE-2022-24992 Path Traversal in path-traversal (CVE-2022-24992)
path traversal in path-traversal (CVE-2022-24992). Confidential information can be exposed externally.
CVE-2022-29709 SQL Injection in sqli (CVE-2022-29709)
SQL injection in sqli (CVE-2022-29709). Confidential information can be exposed externally.
CVE-2022-32450 Vulnerability in anydesk (CVE-2022-32450)
vulnerability in anydesk (CVE-2022-32450). Data can be tampered with by attackers.
CVE-2021-42923 Vulnerability in showmypc (CVE-2021-42923)
vulnerability in showmypc (CVE-2021-42923). Successful exploitation can lead to full system takeover.
CVE-2020-35305 Cross-Site Scripting (XSS) in gollum-project (CVE-2020-35305)
cross-site scripting in gollum-project (CVE-2020-35305). Risk of unauthorized operations or information disclosure.
CVE-2022-35409 Out-of-Bounds Read in arm (CVE-2022-35409)
vulnerability in arm (CVE-2022-35409). Confidential information can be exposed externally.
CVE-2022-32119 Unrestricted File Upload in arox (CVE-2022-32119)
vulnerability in arox (CVE-2022-32119). Successful exploitation can lead to full system takeover.
CVE-2022-30024 Vulnerability in tp-link (CVE-2022-30024)
vulnerability in tp-link (CVE-2022-30024). Successful exploitation can lead to full system takeover.
CVE-2022-32074 Cross-Site Scripting (XSS) in enhancesoft (CVE-2022-32074)
cross-site scripting in enhancesoft (CVE-2022-32074). Risk of unauthorized operations or information disclosure.
CVE-2022-32114 Unrestricted File Upload in strapi (CVE-2022-32114)
vulnerability in strapi (CVE-2022-32114). Successful exploitation can lead to full system takeover.
CVE-2021-36667 OS Command Injection in druva (CVE-2021-36667)
OS command injection in druva (CVE-2021-36667). Successful exploitation can lead to full system takeover.
CVE-2022-32224 Unsafe Deserialization in activerecord (CVE-2022-32224)
vulnerability in activerecord (CVE-2022-32224). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.2.8.1` or later.
CVE-2022-31904 Cross-Site Scripting (XSS) in uberrider (CVE-2022-31904)
cross-site scripting in uberrider (CVE-2022-31904). Risk of unauthorized operations or information disclosure.
CVE-2021-36668 Vulnerability in druva (CVE-2021-36668)
vulnerability in druva (CVE-2021-36668). Successful exploitation can lead to full system takeover.
CVE-2021-36666 Vulnerability in druva (CVE-2021-36666)
vulnerability in druva (CVE-2021-36666). Successful exploitation can lead to full system takeover.
CVE-2021-36665 Unsafe Deserialization in druva (CVE-2021-36665)
vulnerability in druva (CVE-2021-36665). Successful exploitation can lead to full system takeover.
CVE-2022-22047 KEV [KEV] Vulnerability in Microsoft windows (CVE-2022-22047)
vulnerability in Microsoft windows (CVE-2022-22047). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-33098 Cross-Site Scripting (XSS) in magnolia-cms (CVE-2022-33098)
cross-site scripting in magnolia-cms (CVE-2022-33098). Risk of unauthorized operations or information disclosure.
CVE-2022-24139 Vulnerability in iobit (CVE-2022-24139)
vulnerability in iobit (CVE-2022-24139). Successful exploitation can lead to full system takeover.
CVE-2022-24140 Vulnerability in iobit (CVE-2022-24140)
vulnerability in iobit (CVE-2022-24140). Successful exploitation can lead to full system takeover.
CVE-2022-24138 Vulnerability in iobit (CVE-2022-24138)
vulnerability in iobit (CVE-2022-24138). Successful exploitation can lead to full system takeover.
CVE-2022-33047 OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.
OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.
CVE-2022-32385 Out-of-Bounds Write in tendacn (CVE-2022-32385)
out-of-bounds write in tendacn (CVE-2022-32385). Successful exploitation can lead to full system takeover.
CVE-2022-32386 Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
CVE-2022-33075 Cross-Site Scripting (XSS) in phpgurukul (CVE-2022-33075)
cross-site scripting in phpgurukul (CVE-2022-33075). Risk of unauthorized operations or information disclosure.
CVE-2022-34151 Vulnerability in omron (CVE-2022-34151)
vulnerability in omron (CVE-2022-34151). Successful exploitation can lead to full system takeover.
CVE-2022-33971 Vulnerability in dos (CVE-2022-33971)
vulnerability in dos (CVE-2022-33971). Successful exploitation can lead to full system takeover.
CVE-2022-32384 Out-of-Bounds Write in tendacn (CVE-2022-32384)
out-of-bounds write in tendacn (CVE-2022-32384). Successful exploitation can lead to full system takeover.
CVE-2022-25898 Vulnerability in kjur (CVE-2022-25898)
vulnerability in kjur (CVE-2022-25898). Risk of unauthorized operations or information disclosure.
CVE-2022-26925 KEV [KEV] Vulnerability in Microsoft windows (CVE-2022-26925)
vulnerability in Microsoft windows (CVE-2022-26925). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-34835 Out-of-Bounds Write in denx (CVE-2022-34835)
out-of-bounds write in denx (CVE-2022-34835). Successful exploitation can lead to full system takeover.
CVE-2022-31897 Cross-Site Scripting (XSS) in phpgurukul (CVE-2022-31897)
cross-site scripting in phpgurukul (CVE-2022-31897). Risk of unauthorized operations or information disclosure.
CVE-2022-33009 Cross-Site Scripting (XSS) in lightcms-project (CVE-2022-33009)
cross-site scripting in lightcms-project (CVE-2022-33009). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →