Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-31877 |
|
Vulnerability in msi (CVE-2022-31877)
vulnerability in msi (CVE-2022-31877). Successful exploitation can lead to full system takeover.
|
| CVE-2021-35587 KEV |
|
[KEV] Unsafe Deserialization in Oracle fusion-middleware (CVE-2021-35587)
vulnerability in Oracle fusion-middleware (CVE-2021-35587). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-4135 KEV |
|
[KEV] Out-of-Bounds Write in Google chromium-gpu (CVE-2022-4135)
out-of-bounds write in Google chromium-gpu (CVE-2022-4135). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-37772 |
|
Vulnerability in maarch (CVE-2022-37772)
vulnerability in maarch (CVE-2022-37772). Confidential information can be exposed externally.
|
| CVE-2022-24037 |
|
Vulnerability in karmasis (CVE-2022-24037)
vulnerability in karmasis (CVE-2022-24037). Confidential information can be exposed externally.
|
| CVE-2022-24036 |
|
Vulnerability in karmasis (CVE-2022-24036)
vulnerability in karmasis (CVE-2022-24036). Data can be tampered with by attackers.
|
| CVE-2022-42124 |
|
Vulnerability in liferay (CVE-2022-42124)
vulnerability in liferay (CVE-2022-42124). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-42125 |
|
Path Traversal in path-traversal (CVE-2022-42125)
path traversal in path-traversal (CVE-2022-42125). Data can be tampered with by attackers.
|
| CVE-2022-42123 |
|
Path Traversal in path-traversal (CVE-2022-42123)
path traversal in path-traversal (CVE-2022-42123). Data can be tampered with by attackers.
|
| CVE-2022-42121 |
|
SQL Injection in sqli (CVE-2022-42121)
SQL injection in sqli (CVE-2022-42121). Successful exploitation can lead to full system takeover.
|
| CVE-2022-41049 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2022-41049)
vulnerability in Microsoft windows (CVE-2022-41049). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41107 |
|
Microsoft Office Graphics Remote Code Execution Vulnerability
Microsoft Office Graphics Remote Code Execution Vulnerability
|
| CVE-2022-41106 |
|
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
|
| CVE-2022-41061 |
|
Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
|
| CVE-2022-41063 |
|
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
|
| CVE-2022-41091 KEV |
|
[KEV] Authorization Flaw in Microsoft windows (CVE-2022-41091)
vulnerability in Microsoft windows (CVE-2022-41091). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41073 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41073)
out-of-bounds write in Microsoft windows (CVE-2022-41073). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41125 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41125)
out-of-bounds write in Microsoft windows (CVE-2022-41125). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41128 KEV |
|
[KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41128)
out-of-bounds write in Microsoft windows (CVE-2022-41128). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25337 KEV |
|
[KEV] Privilege Escalation in Samsung mobile-devices (CVE-2021-25337)
vulnerability in Samsung mobile-devices (CVE-2021-25337). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25369 KEV |
|
[KEV] Information Disclosure in Samsung mobile-devices (CVE-2021-25369)
vulnerability in Samsung mobile-devices (CVE-2021-25369). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25370 KEV |
|
[KEV] Use-After-Free in Samsung mobile-devices (CVE-2021-25370)
vulnerability in Samsung mobile-devices (CVE-2021-25370). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-43945 |
|
Vulnerability in c (CVE-2022-43945)
vulnerability in c (CVE-2022-43945). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40839 |
|
SQL Injection in sqli (CVE-2022-40839)
SQL injection in sqli (CVE-2022-40839). Confidential information can be exposed externally.
|
| CVE-2022-3723 KEV |
|
[KEV] Vulnerability in Google chromium-v8 (CVE-2022-3723)
vulnerability in Google chromium-v8 (CVE-2022-3723). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-43340 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-43340)
vulnerability in csrf (CVE-2022-43340). Successful exploitation can lead to full system takeover.
|
| CVE-2022-42827 KEV |
|
[KEV] Vulnerability in Apple ios-and-ipados (CVE-2022-42827)
vulnerability in Apple ios-and-ipados (CVE-2022-42827). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-3433 KEV |
|
[KEV] Vulnerability in Cisco anyconnect-secure (CVE-2020-3433)
vulnerability in Cisco anyconnect-secure (CVE-2020-3433). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-3153 KEV |
|
[KEV] Vulnerability in Cisco anyconnect-secure (CVE-2020-3153)
vulnerability in Cisco anyconnect-secure (CVE-2020-3153). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19323 KEV |
|
[KEV] Vulnerability in Gigabyte multiple-products (CVE-2018-19323)
vulnerability in Gigabyte multiple-products (CVE-2018-19323). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19322 KEV |
|
[KEV] Vulnerability in Gigabyte multiple-products (CVE-2018-19322)
vulnerability in Gigabyte multiple-products (CVE-2018-19322). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19321 KEV |
|
[KEV] Vulnerability in Gigabyte multiple-products (CVE-2018-19321)
vulnerability in Gigabyte multiple-products (CVE-2018-19321). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19320 KEV |
|
[KEV] Vulnerability in Gigabyte multiple-products (CVE-2018-19320)
vulnerability in Gigabyte multiple-products (CVE-2018-19320). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-31366 |
|
Unrestricted File Upload in eve-ng (CVE-2022-31366)
vulnerability in eve-ng (CVE-2022-31366). Successful exploitation can lead to full system takeover.
|
| CVE-2022-41352 KEV |
|
[KEV] Path Traversal in Synacor zimbra-collaboration-suite-zcs (CVE-2022-41352)
path traversal in Synacor zimbra-collaboration-suite-zcs (CVE-2022-41352). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-3493 KEV |
|
[KEV] Vulnerability in Linux kernel (CVE-2021-3493)
vulnerability in Linux kernel (CVE-2021-3493). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-33077 |
|
Vulnerability in nopcommerce (CVE-2022-33077)
vulnerability in nopcommerce (CVE-2022-33077). Data can be tampered with by attackers.
|
| CVE-2021-3305 |
|
Vulnerability in feishu (CVE-2021-3305)
vulnerability in feishu (CVE-2021-3305). Successful exploitation can lead to full system takeover.
|
| CVE-2022-40227 |
|
Vulnerability in dos (CVE-2022-40227)
vulnerability in dos (CVE-2022-40227). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40684 KEV |
|
[KEV] Vulnerability in Fortinet multiple-products (CVE-2022-40684)
vulnerability in Fortinet multiple-products (CVE-2022-40684). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41033 KEV |
|
[KEV] Vulnerability in Microsoft windows-com-event-system-service (CVE-2022-41033)
vulnerability in Microsoft windows-com-event-system-service (CVE-2022-41033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-20920 |
|
Vulnerability in cisco (CVE-2022-20920)
vulnerability in cisco (CVE-2022-20920). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-36635 |
|
SQL Injection in sqli (CVE-2022-36635)
SQL injection in sqli (CVE-2022-36635). Successful exploitation can lead to full system takeover.
|
| CVE-2022-36634 |
|
Authorization Flaw in zkteco (CVE-2022-36634)
vulnerability in zkteco (CVE-2022-36634). Successful exploitation can lead to full system takeover.
|
| CVE-2022-40341 |
|
Unrestricted File Upload in mojoportal (CVE-2022-40341)
vulnerability in mojoportal (CVE-2022-40341). Successful exploitation can lead to full system takeover.
|
| CVE-2022-41082 KEV |
|
[KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2022-41082)
vulnerability in Microsoft exchange-server (CVE-2022-41082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-41040 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2022-41040)
SSRF in Microsoft exchange-server (CVE-2022-41040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-36804 KEV |
|
[KEV] OS Command Injection in Atlassian bitbucket-server-and-data-center (CVE-2022-36804)
OS command injection in Atlassian bitbucket-server-and-data-center (CVE-2022-36804). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-40048 |
|
Unrestricted File Upload in flatpress (CVE-2022-40048)
vulnerability in flatpress (CVE-2022-40048). Successful exploitation can lead to full system takeover.
|
| CVE-2022-2347 |
|
Vulnerability in denx (CVE-2022-2347)
vulnerability in denx (CVE-2022-2347). Successful exploitation can lead to full system takeover. Exploitable via ``wLength``.
|