Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2022-40055 Vulnerability in gxgroup (CVE-2022-40055)
vulnerability in gxgroup (CVE-2022-40055). Successful exploitation can lead to full system takeover.
CVE-2022-33106 Vulnerability in wijungle (CVE-2022-33106)
vulnerability in wijungle (CVE-2022-33106). Successful exploitation can lead to full system takeover.
CVE-2022-35156 SQL Injection in sqli (CVE-2022-35156)
SQL injection in sqli (CVE-2022-35156). Successful exploitation can lead to full system takeover.
CVE-2022-40030 SQL Injection in sqli (CVE-2022-40030)
SQL injection in sqli (CVE-2022-40030). Successful exploitation can lead to full system takeover.
CVE-2022-0495 SQL Injection in sqli (CVE-2022-0495)
SQL injection in sqli (CVE-2022-0495). Confidential information can be exposed externally.
CVE-2022-2315 SQL Injection in sqli (CVE-2022-2315)
SQL injection in sqli (CVE-2022-2315). Confidential information can be exposed externally.
CVE-2022-38619 SQL Injection in sqli (CVE-2022-38619)
SQL injection in sqli (CVE-2022-38619). Successful exploitation can lead to full system takeover.
CVE-2022-2177 SQL Injection in sqli (CVE-2022-2177)
SQL injection in sqli (CVE-2022-2177). Confidential information can be exposed externally.
CVE-2022-36536 Vulnerability in syncovery (CVE-2022-36536)
vulnerability in syncovery (CVE-2022-36536). Successful exploitation can lead to full system takeover.
CVE-2022-37257 Vulnerability in stealjs (CVE-2022-37257)
vulnerability in stealjs (CVE-2022-37257). Successful exploitation can lead to full system takeover.
CVE-2022-26258 KEV [KEV] OS Command Injection in D-link dir-820l (CVE-2022-26258)
OS command injection in D-link dir-820l (CVE-2022-26258). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2022-36640 Vulnerability in influxdata (CVE-2022-36640)
vulnerability in influxdata (CVE-2022-36640). Successful exploitation can lead to full system takeover.
CVE-2022-36202 Vulnerability in doctors-appointment-system-project (CVE-2022-36202)
vulnerability in doctors-appointment-system-project (CVE-2022-36202). Successful exploitation can lead to full system takeover.
CVE-2022-37176 Vulnerability in tendacn (CVE-2022-37176)
vulnerability in tendacn (CVE-2022-37176). Successful exploitation can lead to full system takeover.
CVE-2022-32993 Vulnerability in totolink (CVE-2022-32993)
vulnerability in totolink (CVE-2022-32993). Successful exploitation can lead to full system takeover.
CVE-2022-38555 Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name.
Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name.
CVE-2022-37053 TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
CVE-2021-42627 Vulnerability in dlink (CVE-2021-42627)
vulnerability in dlink (CVE-2021-42627). Successful exploitation can lead to full system takeover.
CVE-2021-42232 OS Command Injection in tp-link (CVE-2021-42232)
OS command injection in tp-link (CVE-2021-42232). Successful exploitation can lead to full system takeover.
CVE-2022-35201 Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
CVE-2022-36262 Code Injection in taogogo (CVE-2022-36262)
code injection in taogogo (CVE-2022-36262). Successful exploitation can lead to full system takeover.
CVE-2022-35293 Vulnerability in sap (CVE-2022-35293)
vulnerability in sap (CVE-2022-35293). Confidential information can be exposed externally.
CVE-2021-33643 Out-of-Bounds Read in feep (CVE-2021-33643)
vulnerability in feep (CVE-2021-33643). Confidential information can be exposed externally.
CVE-2022-31321 Vulnerability in dos (CVE-2022-31321)
vulnerability in dos (CVE-2022-31321). Confidential information can be exposed externally.
CVE-2022-1277 Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
CVE-2021-41556 Out-of-Bounds Read in cpp (CVE-2021-41556)
vulnerability in cpp (CVE-2021-41556). Successful exploitation can lead to full system takeover.
CVE-2022-35131 Cross-Site Scripting (XSS) in joplinapp (CVE-2022-35131)
cross-site scripting in joplinapp (CVE-2022-35131). Successful exploitation can lead to full system takeover.
CVE-2022-35409 Out-of-Bounds Read in arm (CVE-2022-35409)
vulnerability in arm (CVE-2022-35409). Confidential information can be exposed externally.
CVE-2022-32224 Unsafe Deserialization in activerecord (CVE-2022-32224)
vulnerability in activerecord (CVE-2022-32224). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.2.8.1` or later.
CVE-2022-33047 OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.
OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.
CVE-2022-32385 Out-of-Bounds Write in tendacn (CVE-2022-32385)
out-of-bounds write in tendacn (CVE-2022-32385). Successful exploitation can lead to full system takeover.
CVE-2022-32386 Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
CVE-2022-34835 Out-of-Bounds Write in denx (CVE-2022-34835)
out-of-bounds write in denx (CVE-2022-34835). Successful exploitation can lead to full system takeover.
CVE-2021-45024 XXE (XML External Entity) in rocketsoftware (CVE-2021-45024)
vulnerability in rocketsoftware (CVE-2021-45024). Successful exploitation can lead to full system takeover.
CVE-2022-24562 Vulnerability in iobit (CVE-2022-24562)
vulnerability in iobit (CVE-2022-24562). Successful exploitation can lead to full system takeover.
CVE-2022-31384 SQL Injection in sqli (CVE-2022-31384)
SQL injection in sqli (CVE-2022-31384). Successful exploitation can lead to full system takeover.
CVE-2022-31383 SQL Injection in sqli (CVE-2022-31383)
SQL injection in sqli (CVE-2022-31383). Successful exploitation can lead to full system takeover.
CVE-2022-31382 SQL Injection in sqli (CVE-2022-31382)
SQL injection in sqli (CVE-2022-31382). Successful exploitation can lead to full system takeover.
CVE-2021-42675 Unrestricted File Upload in kreado (CVE-2021-42675)
vulnerability in kreado (CVE-2021-42675). Successful exploitation can lead to full system takeover.
CVE-2022-32511 Unsafe Deserialization in jmespath (CVE-2022-32511)
vulnerability in jmespath (CVE-2022-32511). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.1` or later.
CVE-2021-42875 OS Command Injection in totolink (CVE-2021-42875)
OS command injection in totolink (CVE-2021-42875). Successful exploitation can lead to full system takeover.
CVE-2022-29704 BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
CVE-2022-30490 SQL Injection in sqli (CVE-2022-30490)
SQL injection in sqli (CVE-2022-30490). Successful exploitation can lead to full system takeover.
CVE-2022-28945 Path Traversal in path-traversal (CVE-2022-28945)
path traversal in path-traversal (CVE-2022-28945). Successful exploitation can lead to full system takeover.
CVE-2022-24239 Unrestricted File Upload in aceware (CVE-2022-24239)
vulnerability in aceware (CVE-2022-24239). Successful exploitation can lead to full system takeover.
CVE-2022-24240 SQL Injection in sqli (CVE-2022-24240)
SQL injection in sqli (CVE-2022-24240). Successful exploitation can lead to full system takeover.
CVE-2021-42872 OS Command Injection in totolink (CVE-2021-42872)
OS command injection in totolink (CVE-2021-42872). Successful exploitation can lead to full system takeover.
CVE-2020-7489 Vulnerability in schneider-electric (CVE-2020-7489)
vulnerability in schneider-electric (CVE-2020-7489). Successful exploitation can lead to full system takeover.
CVE-2021-41653 Code Injection in tp-link (CVE-2021-41653)
code injection in tp-link (CVE-2021-41653). Successful exploitation can lead to full system takeover.
CVE-2020-25368 OS Command Injection in dlink (CVE-2020-25368)
OS command injection in dlink (CVE-2020-25368). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →