Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-24027 |
|
In MISP 2.4.167, app/webroot/js/action_table.js allows XSS via a network history name.
In MISP 2.4.167, app/webroot/js/action_table.js allows XSS via a network history name.
|
| CVE-2021-36647 |
|
Vulnerability in c (CVE-2021-36647)
vulnerability in c (CVE-2021-36647). Confidential information can be exposed externally.
|
| CVE-2022-44303 |
|
Cross-Site Scripting (XSS) in resque-scheduler-project (CVE-2022-44303)
cross-site scripting in resque-scheduler-project (CVE-2022-44303). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-37325 |
|
Out-of-Bounds Write in c (CVE-2022-37325)
out-of-bounds write in c (CVE-2022-37325). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44960 |
|
Cross-Site Scripting (XSS) in webtareas-project (CVE-2022-44960)
cross-site scripting in webtareas-project (CVE-2022-44960). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44961 |
|
Cross-Site Scripting (XSS) in webtareas-project (CVE-2022-44961)
cross-site scripting in webtareas-project (CVE-2022-44961). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44962 |
|
Cross-Site Scripting (XSS) in webtareas-project (CVE-2022-44962)
cross-site scripting in webtareas-project (CVE-2022-44962). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44944 |
|
Cross-Site Scripting (XSS) in rukovoditel (CVE-2022-44944)
cross-site scripting in rukovoditel (CVE-2022-44944). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44946 |
|
Cross-Site Scripting (XSS) in rukovoditel (CVE-2022-44946)
cross-site scripting in rukovoditel (CVE-2022-44946). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44947 |
|
Cross-Site Scripting (XSS) in rukovoditel (CVE-2022-44947)
cross-site scripting in rukovoditel (CVE-2022-44947). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44948 |
|
Cross-Site Scripting (XSS) in rukovoditel (CVE-2022-44948)
cross-site scripting in rukovoditel (CVE-2022-44948). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44949 |
|
Cross-Site Scripting (XSS) in rukovoditel (CVE-2022-44949)
cross-site scripting in rukovoditel (CVE-2022-44949). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44950 |
|
Cross-Site Scripting (XSS) in rukovoditel (CVE-2022-44950)
cross-site scripting in rukovoditel (CVE-2022-44950). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44951 |
|
Cross-Site Scripting (XSS) in rukovoditel (CVE-2022-44951)
cross-site scripting in rukovoditel (CVE-2022-44951). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44952 |
|
Cross-Site Scripting (XSS) in rukovoditel (CVE-2022-44952)
cross-site scripting in rukovoditel (CVE-2022-44952). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44953 |
|
Cross-Site Scripting (XSS) in webtareas-project (CVE-2022-44953)
cross-site scripting in webtareas-project (CVE-2022-44953). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44954 |
|
Cross-Site Scripting (XSS) in webtareas-project (CVE-2022-44954)
cross-site scripting in webtareas-project (CVE-2022-44954). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44956 |
|
Cross-Site Scripting (XSS) in webtareas-project (CVE-2022-44956)
cross-site scripting in webtareas-project (CVE-2022-44956). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44957 |
|
Cross-Site Scripting (XSS) in webtareas-project (CVE-2022-44957)
cross-site scripting in webtareas-project (CVE-2022-44957). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44959 |
|
Cross-Site Scripting (XSS) in webtareas-project (CVE-2022-44959)
cross-site scripting in webtareas-project (CVE-2022-44959). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44290 |
|
SQL Injection in sqli (CVE-2022-44290)
SQL injection in sqli (CVE-2022-44290). Successful exploitation can lead to full system takeover.
|
| CVE-2022-44291 |
|
SQL Injection in sqli (CVE-2022-44291)
SQL injection in sqli (CVE-2022-44291). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37721 |
|
Cross-Site Scripting (XSS) in privilege-escalation (CVE-2022-37721)
cross-site scripting in privilege-escalation (CVE-2022-37721). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37720 |
|
Cross-Site Scripting (XSS) in privilege-escalation (CVE-2022-37720)
cross-site scripting in privilege-escalation (CVE-2022-37720). Successful exploitation can lead to full system takeover.
|
| CVE-2022-40842 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-40842)
SSRF in ssrf (CVE-2022-40842). Confidential information can be exposed externally.
|
| CVE-2022-36180 |
|
Cross-Site Scripting (XSS) in fusiondirectory (CVE-2022-36180)
cross-site scripting in fusiondirectory (CVE-2022-36180). Successful exploitation can lead to full system takeover.
|
| CVE-2022-20922 |
|
Vulnerability in c (CVE-2022-20922)
vulnerability in c (CVE-2022-20922). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42120 |
|
SQL Injection in c (CVE-2022-42120)
SQL injection in c (CVE-2022-42120). Successful exploitation can lead to full system takeover. Exploitable via ``namespace``.
|
| CVE-2022-43321 |
|
Cross-Site Scripting (XSS) in shopwind (CVE-2022-43321)
cross-site scripting in shopwind (CVE-2022-43321). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-43945 |
|
Vulnerability in c (CVE-2022-43945)
vulnerability in c (CVE-2022-43945). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-20969 |
|
Cross-Site Scripting (XSS) in cisco (CVE-2022-20969)
cross-site scripting in cisco (CVE-2022-20969). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40840 |
|
Cross-Site Scripting (XSS) in ndk-design (CVE-2022-40840)
cross-site scripting in ndk-design (CVE-2022-40840). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-31366 |
|
Unrestricted File Upload in eve-ng (CVE-2022-31366)
vulnerability in eve-ng (CVE-2022-31366). Successful exploitation can lead to full system takeover.
|
| CVE-2022-38901 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-38901)
cross-site scripting in liferay (CVE-2022-38901). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-21626 |
|
Vulnerability in c (CVE-2022-21626)
vulnerability in c (CVE-2022-21626). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-21624 |
|
Unsafe Deserialization in c (CVE-2022-21624)
vulnerability in c (CVE-2022-21624). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-38902 |
|
Cross-Site Scripting (XSS) in liferay (CVE-2022-38902)
cross-site scripting in liferay (CVE-2022-38902). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40047 |
|
Cross-Site Scripting (XSS) in flatpress (CVE-2022-40047)
cross-site scripting in flatpress (CVE-2022-40047). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42724 |
|
Information Disclosure in misp-project (CVE-2022-42724)
vulnerability in misp-project (CVE-2022-42724). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-35156 |
|
SQL Injection in sqli (CVE-2022-35156)
SQL injection in sqli (CVE-2022-35156). Successful exploitation can lead to full system takeover.
|
| CVE-2022-40027 |
|
Cross-Site Scripting (XSS) in simple-task-managing-system-project (CVE-2022-40027)
cross-site scripting in simple-task-managing-system-project (CVE-2022-40027). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40030 |
|
SQL Injection in sqli (CVE-2022-40030)
SQL injection in sqli (CVE-2022-40030). Successful exploitation can lead to full system takeover.
|
| CVE-2022-40028 |
|
Cross-Site Scripting (XSS) in simple-task-managing-system-project (CVE-2022-40028)
cross-site scripting in simple-task-managing-system-project (CVE-2022-40028). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40029 |
|
Cross-Site Scripting (XSS) in simple-task-managing-system-project (CVE-2022-40029)
cross-site scripting in simple-task-managing-system-project (CVE-2022-40029). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-37700 |
|
Path Traversal in path-traversal (CVE-2022-37700)
path traversal in path-traversal (CVE-2022-37700). Confidential information can be exposed externally.
|
| CVE-2022-36534 |
|
Command Injection in syncovery (CVE-2022-36534)
command injection in syncovery (CVE-2022-36534). Successful exploitation can lead to full system takeover.
|
| CVE-2022-36536 |
|
Vulnerability in syncovery (CVE-2022-36536)
vulnerability in syncovery (CVE-2022-36536). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37257 |
|
Vulnerability in stealjs (CVE-2022-37257)
vulnerability in stealjs (CVE-2022-37257). Successful exploitation can lead to full system takeover.
|
| CVE-2022-38013 |
|
Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-38013)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-38013). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.9` or later.
|
| CVE-2022-38096 |
|
Vulnerability in c (CVE-2022-38096)
vulnerability in c (CVE-2022-38096). Risk of unauthorized operations or information disclosure.
|