Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2022-31877 Vulnerability in msi (CVE-2022-31877)
vulnerability in msi (CVE-2022-31877). Successful exploitation can lead to full system takeover.
CVE-2021-35587 KEV [KEV] Unsafe Deserialization in Oracle fusion-middleware (CVE-2021-35587)
vulnerability in Oracle fusion-middleware (CVE-2021-35587). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-4135 KEV [KEV] Out-of-Bounds Write in Google chromium-gpu (CVE-2022-4135)
out-of-bounds write in Google chromium-gpu (CVE-2022-4135). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-37772 Vulnerability in maarch (CVE-2022-37772)
vulnerability in maarch (CVE-2022-37772). Confidential information can be exposed externally.
CVE-2022-24037 Vulnerability in karmasis (CVE-2022-24037)
vulnerability in karmasis (CVE-2022-24037). Confidential information can be exposed externally.
CVE-2022-24036 Vulnerability in karmasis (CVE-2022-24036)
vulnerability in karmasis (CVE-2022-24036). Data can be tampered with by attackers.
CVE-2022-42124 Vulnerability in liferay (CVE-2022-42124)
vulnerability in liferay (CVE-2022-42124). Risk of unauthorized operations or information disclosure.
CVE-2022-42125 Path Traversal in path-traversal (CVE-2022-42125)
path traversal in path-traversal (CVE-2022-42125). Data can be tampered with by attackers.
CVE-2022-42123 Path Traversal in path-traversal (CVE-2022-42123)
path traversal in path-traversal (CVE-2022-42123). Data can be tampered with by attackers.
CVE-2022-42121 SQL Injection in sqli (CVE-2022-42121)
SQL injection in sqli (CVE-2022-42121). Successful exploitation can lead to full system takeover.
CVE-2022-41049 KEV [KEV] Vulnerability in Microsoft windows (CVE-2022-41049)
vulnerability in Microsoft windows (CVE-2022-41049). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41107 Microsoft Office Graphics Remote Code Execution Vulnerability
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2022-41106 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-41061 Microsoft Word Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
CVE-2022-41063 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-41091 KEV [KEV] Authorization Flaw in Microsoft windows (CVE-2022-41091)
vulnerability in Microsoft windows (CVE-2022-41091). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41073 KEV [KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41073)
out-of-bounds write in Microsoft windows (CVE-2022-41073). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41125 KEV [KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41125)
out-of-bounds write in Microsoft windows (CVE-2022-41125). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41128 KEV [KEV] Out-of-Bounds Write in Microsoft windows (CVE-2022-41128)
out-of-bounds write in Microsoft windows (CVE-2022-41128). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-25337 KEV [KEV] Privilege Escalation in Samsung mobile-devices (CVE-2021-25337)
vulnerability in Samsung mobile-devices (CVE-2021-25337). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-25369 KEV [KEV] Information Disclosure in Samsung mobile-devices (CVE-2021-25369)
vulnerability in Samsung mobile-devices (CVE-2021-25369). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-25370 KEV [KEV] Use-After-Free in Samsung mobile-devices (CVE-2021-25370)
vulnerability in Samsung mobile-devices (CVE-2021-25370). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-43945 Vulnerability in c (CVE-2022-43945)
vulnerability in c (CVE-2022-43945). Risk of unauthorized operations or information disclosure.
CVE-2022-40839 SQL Injection in sqli (CVE-2022-40839)
SQL injection in sqli (CVE-2022-40839). Confidential information can be exposed externally.
CVE-2022-3723 KEV [KEV] Vulnerability in Google chromium-v8 (CVE-2022-3723)
vulnerability in Google chromium-v8 (CVE-2022-3723). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-43340 Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-43340)
vulnerability in csrf (CVE-2022-43340). Successful exploitation can lead to full system takeover.
CVE-2022-42827 KEV [KEV] Vulnerability in Apple ios-and-ipados (CVE-2022-42827)
vulnerability in Apple ios-and-ipados (CVE-2022-42827). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-3433 KEV [KEV] Vulnerability in Cisco anyconnect-secure (CVE-2020-3433)
vulnerability in Cisco anyconnect-secure (CVE-2020-3433). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-3153 KEV [KEV] Vulnerability in Cisco anyconnect-secure (CVE-2020-3153)
vulnerability in Cisco anyconnect-secure (CVE-2020-3153). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-19323 KEV [KEV] Vulnerability in Gigabyte multiple-products (CVE-2018-19323)
vulnerability in Gigabyte multiple-products (CVE-2018-19323). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-19322 KEV [KEV] Vulnerability in Gigabyte multiple-products (CVE-2018-19322)
vulnerability in Gigabyte multiple-products (CVE-2018-19322). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-19321 KEV [KEV] Vulnerability in Gigabyte multiple-products (CVE-2018-19321)
vulnerability in Gigabyte multiple-products (CVE-2018-19321). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-19320 KEV [KEV] Vulnerability in Gigabyte multiple-products (CVE-2018-19320)
vulnerability in Gigabyte multiple-products (CVE-2018-19320). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-31366 Unrestricted File Upload in eve-ng (CVE-2022-31366)
vulnerability in eve-ng (CVE-2022-31366). Successful exploitation can lead to full system takeover.
CVE-2022-41352 KEV [KEV] Path Traversal in Synacor zimbra-collaboration-suite-zcs (CVE-2022-41352)
path traversal in Synacor zimbra-collaboration-suite-zcs (CVE-2022-41352). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-3493 KEV [KEV] Vulnerability in Linux kernel (CVE-2021-3493)
vulnerability in Linux kernel (CVE-2021-3493). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-33077 Vulnerability in nopcommerce (CVE-2022-33077)
vulnerability in nopcommerce (CVE-2022-33077). Data can be tampered with by attackers.
CVE-2021-3305 Vulnerability in feishu (CVE-2021-3305)
vulnerability in feishu (CVE-2021-3305). Successful exploitation can lead to full system takeover.
CVE-2022-40227 Vulnerability in dos (CVE-2022-40227)
vulnerability in dos (CVE-2022-40227). Risk of unauthorized operations or information disclosure.
CVE-2022-40684 KEV [KEV] Vulnerability in Fortinet multiple-products (CVE-2022-40684)
vulnerability in Fortinet multiple-products (CVE-2022-40684). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41033 KEV [KEV] Vulnerability in Microsoft windows-com-event-system-service (CVE-2022-41033)
vulnerability in Microsoft windows-com-event-system-service (CVE-2022-41033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-20920 Vulnerability in cisco (CVE-2022-20920)
vulnerability in cisco (CVE-2022-20920). Risk of unauthorized operations or information disclosure.
CVE-2022-36635 SQL Injection in sqli (CVE-2022-36635)
SQL injection in sqli (CVE-2022-36635). Successful exploitation can lead to full system takeover.
CVE-2022-36634 Authorization Flaw in zkteco (CVE-2022-36634)
vulnerability in zkteco (CVE-2022-36634). Successful exploitation can lead to full system takeover.
CVE-2022-40341 Unrestricted File Upload in mojoportal (CVE-2022-40341)
vulnerability in mojoportal (CVE-2022-40341). Successful exploitation can lead to full system takeover.
CVE-2022-41082 KEV [KEV] Unsafe Deserialization in Microsoft exchange-server (CVE-2022-41082)
vulnerability in Microsoft exchange-server (CVE-2022-41082). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41040 KEV [KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2022-41040)
SSRF in Microsoft exchange-server (CVE-2022-41040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-36804 KEV [KEV] OS Command Injection in Atlassian bitbucket-server-and-data-center (CVE-2022-36804)
OS command injection in Atlassian bitbucket-server-and-data-center (CVE-2022-36804). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-40048 Unrestricted File Upload in flatpress (CVE-2022-40048)
vulnerability in flatpress (CVE-2022-40048). Successful exploitation can lead to full system takeover.
CVE-2022-2347 Vulnerability in denx (CVE-2022-2347)
vulnerability in denx (CVE-2022-2347). Successful exploitation can lead to full system takeover. Exploitable via ``wLength``.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →