Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2022-30426 Out-of-Bounds Write in acer (CVE-2022-30426)
out-of-bounds write in acer (CVE-2022-30426). Successful exploitation can lead to full system takeover.
CVE-2022-3236 KEV [KEV] Code Injection in Sophos firewall (CVE-2022-3236)
code injection in Sophos firewall (CVE-2022-3236). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-34026 ICEcoder v8.1 allows attackers to execute a directory traversal.
ICEcoder v8.1 allows attackers to execute a directory traversal.
CVE-2022-28981 Path Traversal in path-traversal (CVE-2022-28981)
path traversal in path-traversal (CVE-2022-28981). Confidential information can be exposed externally. Exploitable via ``parameter``.
CVE-2022-35405 KEV [KEV] Unsafe Deserialization in Zoho manageengine (CVE-2022-35405)
vulnerability in Zoho manageengine (CVE-2022-35405). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-2265 Path Traversal in path-traversal (CVE-2022-2265)
path traversal in path-traversal (CVE-2022-2265). Confidential information can be exposed externally.
CVE-2022-38618 SQL Injection in sqli (CVE-2022-38618)
SQL injection in sqli (CVE-2022-38618). Successful exploitation can lead to full system takeover.
CVE-2022-38577 Vulnerability in processmaker (CVE-2022-38577)
vulnerability in processmaker (CVE-2022-38577). Successful exploitation can lead to full system takeover.
CVE-2022-37700 Path Traversal in path-traversal (CVE-2022-37700)
path traversal in path-traversal (CVE-2022-37700). Confidential information can be exposed externally.
CVE-2022-38617 SQL Injection in sqli (CVE-2022-38617)
SQL injection in sqli (CVE-2022-38617). Successful exploitation can lead to full system takeover.
CVE-2022-36534 Command Injection in syncovery (CVE-2022-36534)
command injection in syncovery (CVE-2022-36534). Successful exploitation can lead to full system takeover.
CVE-2022-36532 Vulnerability in bolt (CVE-2022-36532)
vulnerability in bolt (CVE-2022-36532). Successful exploitation can lead to full system takeover.
CVE-2022-40139 KEV [KEV] Vulnerability in Trend micro trend-micro (CVE-2022-40139)
vulnerability in Trend micro trend-micro (CVE-2022-40139). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2013-6282 KEV [KEV] Vulnerability in Linux kernel (CVE-2013-6282)
vulnerability in Linux kernel (CVE-2013-6282). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2013-2597 KEV [KEV] Buffer Overflow in Code aurora code-aurora (CVE-2013-2597)
vulnerability in Code aurora code-aurora (CVE-2013-2597). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2013-2596 KEV [KEV] Vulnerability in Linux kernel (CVE-2013-2596)
vulnerability in Linux kernel (CVE-2013-2596). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2013-2094 KEV [KEV] Vulnerability in Linux kernel (CVE-2013-2094)
vulnerability in Linux kernel (CVE-2013-2094). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2010-2568 KEV [KEV] Vulnerability in Microsoft windows (CVE-2010-2568)
vulnerability in Microsoft windows (CVE-2010-2568). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-37969 KEV [KEV] Vulnerability in Microsoft windows (CVE-2022-37969)
vulnerability in Microsoft windows (CVE-2022-37969). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-32917 KEV [KEV] Vulnerability in Apple ios (CVE-2022-32917)
vulnerability in Apple ios (CVE-2022-32917). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-38013 Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-38013)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-38013). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.9` or later.
CVE-2022-38616 SQL Injection in sqli (CVE-2022-38616)
SQL injection in sqli (CVE-2022-38616). Successful exploitation can lead to full system takeover.
CVE-2022-34109 Vulnerability in msi (CVE-2022-34109)
vulnerability in msi (CVE-2022-34109). Data can be tampered with by attackers.
CVE-2022-34108 Vulnerability in dos (CVE-2022-34108)
vulnerability in dos (CVE-2022-34108). Data can be tampered with by attackers.
CVE-2022-36110 Vulnerability in netmaker (CVE-2022-36110)
vulnerability in netmaker (CVE-2022-36110). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.15.1` or later.
CVE-2022-38615 SQL Injection in sqli (CVE-2022-38615)
SQL injection in sqli (CVE-2022-38615). Successful exploitation can lead to full system takeover.
CVE-2022-38614 Path Traversal in bpcbt (CVE-2022-38614)
path traversal in bpcbt (CVE-2022-38614). Confidential information can be exposed externally.
CVE-2022-30079 OS Command Injection in netgear (CVE-2022-30079)
OS command injection in netgear (CVE-2022-30079). Successful exploitation can lead to full system takeover.
CVE-2022-37145 Vulnerability in plextrac (CVE-2022-37145)
vulnerability in plextrac (CVE-2022-37145). Confidential information can be exposed externally.
CVE-2022-37144 Vulnerability in plextrac (CVE-2022-37144)
vulnerability in plextrac (CVE-2022-37144). Successful exploitation can lead to full system takeover.
CVE-2022-3075 KEV [KEV] Vulnerability in Google chromium-mojo (CVE-2022-3075)
vulnerability in Google chromium-mojo (CVE-2022-3075). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-27593 KEV [KEV] Vulnerability in Qnap photo-station (CVE-2022-27593)
vulnerability in Qnap photo-station (CVE-2022-27593). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-9934 KEV [KEV] Vulnerability in Apple ios (CVE-2020-9934)
vulnerability in Apple ios (CVE-2020-9934). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-7445 KEV [KEV] Buffer Overflow in Mikrotik routeros (CVE-2018-7445)
vulnerability in Mikrotik routeros (CVE-2018-7445). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-6530 KEV [KEV] OS Command Injection in D-link multiple-routers (CVE-2018-6530)
OS command injection in D-link multiple-routers (CVE-2018-6530). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-2628 KEV [KEV] Unsafe Deserialization in Oracle weblogic-server (CVE-2018-2628)
vulnerability in Oracle weblogic-server (CVE-2018-2628). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-13374 KEV [KEV] Vulnerability in Fortinet fortios-and-fortiadc (CVE-2018-13374)
vulnerability in Fortinet fortios-and-fortiadc (CVE-2018-13374). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-5521 KEV [KEV] Information Disclosure in Netgear multiple-devices (CVE-2017-5521)
vulnerability in Netgear multiple-devices (CVE-2017-5521). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2011-4723 KEV [KEV] Vulnerability in D-link dir-300-router (CVE-2011-4723)
vulnerability in D-link dir-300-router (CVE-2011-4723). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2011-1823 KEV [KEV] Vulnerability in android (CVE-2011-1823)
vulnerability in android (CVE-2011-1823). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-30078 OS Command Injection in netgear (CVE-2022-30078)
OS command injection in netgear (CVE-2022-30078). Successful exploitation can lead to full system takeover.
CVE-2022-36271 Vulnerability in outbyte (CVE-2022-36271)
vulnerability in outbyte (CVE-2022-36271). Successful exploitation can lead to full system takeover.
CVE-2022-36552 Vulnerability in tendacn (CVE-2022-36552)
vulnerability in tendacn (CVE-2022-36552). Confidential information can be exposed externally.
CVE-2022-35192 Vulnerability in dos (CVE-2022-35192)
vulnerability in dos (CVE-2022-35192). Risk of unauthorized operations or information disclosure.
CVE-2022-26352 KEV [KEV] Path Traversal in dotcms (CVE-2022-26352)
path traversal in dotcms (CVE-2022-26352). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-24706 KEV [KEV] Vulnerability in Apache couchdb (CVE-2022-24706)
vulnerability in Apache couchdb (CVE-2022-24706). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-24112 KEV [KEV] Vulnerability in Apache apisix (CVE-2022-24112)
vulnerability in Apache apisix (CVE-2022-24112). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-22963 KEV [KEV] Code Injection in Vmware tanzu vmware-tanzu (CVE-2022-22963)
code injection in Vmware tanzu vmware-tanzu (CVE-2022-22963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-2294 KEV [KEV] Vulnerability in webrtc (CVE-2022-2294)
vulnerability in webrtc (CVE-2022-2294). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-39226 KEV [KEV] Authentication Bypass in Grafana labs grafana-labs (CVE-2021-39226)
authentication bypass in Grafana labs grafana-labs (CVE-2021-39226). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →