Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-40055 |
|
Vulnerability in gxgroup (CVE-2022-40055)
vulnerability in gxgroup (CVE-2022-40055). Successful exploitation can lead to full system takeover.
|
| CVE-2022-33106 |
|
Vulnerability in wijungle (CVE-2022-33106)
vulnerability in wijungle (CVE-2022-33106). Successful exploitation can lead to full system takeover.
|
| CVE-2022-35156 |
|
SQL Injection in sqli (CVE-2022-35156)
SQL injection in sqli (CVE-2022-35156). Successful exploitation can lead to full system takeover.
|
| CVE-2022-40030 |
|
SQL Injection in sqli (CVE-2022-40030)
SQL injection in sqli (CVE-2022-40030). Successful exploitation can lead to full system takeover.
|
| CVE-2022-0495 |
|
SQL Injection in sqli (CVE-2022-0495)
SQL injection in sqli (CVE-2022-0495). Confidential information can be exposed externally.
|
| CVE-2022-2315 |
|
SQL Injection in sqli (CVE-2022-2315)
SQL injection in sqli (CVE-2022-2315). Confidential information can be exposed externally.
|
| CVE-2022-38619 |
|
SQL Injection in sqli (CVE-2022-38619)
SQL injection in sqli (CVE-2022-38619). Successful exploitation can lead to full system takeover.
|
| CVE-2022-2177 |
|
SQL Injection in sqli (CVE-2022-2177)
SQL injection in sqli (CVE-2022-2177). Confidential information can be exposed externally.
|
| CVE-2022-36536 |
|
Vulnerability in syncovery (CVE-2022-36536)
vulnerability in syncovery (CVE-2022-36536). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37257 |
|
Vulnerability in stealjs (CVE-2022-37257)
vulnerability in stealjs (CVE-2022-37257). Successful exploitation can lead to full system takeover.
|
| CVE-2022-26258 KEV |
|
[KEV] OS Command Injection in D-link dir-820l (CVE-2022-26258)
OS command injection in D-link dir-820l (CVE-2022-26258). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2022-36640 |
|
Vulnerability in influxdata (CVE-2022-36640)
vulnerability in influxdata (CVE-2022-36640). Successful exploitation can lead to full system takeover.
|
| CVE-2022-36202 |
|
Vulnerability in doctors-appointment-system-project (CVE-2022-36202)
vulnerability in doctors-appointment-system-project (CVE-2022-36202). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37176 |
|
Vulnerability in tendacn (CVE-2022-37176)
vulnerability in tendacn (CVE-2022-37176). Successful exploitation can lead to full system takeover.
|
| CVE-2022-32993 |
|
Vulnerability in totolink (CVE-2022-32993)
vulnerability in totolink (CVE-2022-32993). Successful exploitation can lead to full system takeover.
|
| CVE-2022-38555 |
|
Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name.
Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name.
|
| CVE-2022-37053 |
|
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
|
| CVE-2021-42627 |
|
Vulnerability in dlink (CVE-2021-42627)
vulnerability in dlink (CVE-2021-42627). Successful exploitation can lead to full system takeover.
|
| CVE-2021-42232 |
|
OS Command Injection in tp-link (CVE-2021-42232)
OS command injection in tp-link (CVE-2021-42232). Successful exploitation can lead to full system takeover.
|
| CVE-2022-35201 |
|
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
|
| CVE-2022-36262 |
|
Code Injection in taogogo (CVE-2022-36262)
code injection in taogogo (CVE-2022-36262). Successful exploitation can lead to full system takeover.
|
| CVE-2022-35293 |
|
Vulnerability in sap (CVE-2022-35293)
vulnerability in sap (CVE-2022-35293). Confidential information can be exposed externally.
|
| CVE-2021-33643 |
|
Out-of-Bounds Read in feep (CVE-2021-33643)
vulnerability in feep (CVE-2021-33643). Confidential information can be exposed externally.
|
| CVE-2022-31321 |
|
Vulnerability in dos (CVE-2022-31321)
vulnerability in dos (CVE-2022-31321). Confidential information can be exposed externally.
|
| CVE-2022-1277 |
|
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
|
| CVE-2021-41556 |
|
Out-of-Bounds Read in cpp (CVE-2021-41556)
vulnerability in cpp (CVE-2021-41556). Successful exploitation can lead to full system takeover.
|
| CVE-2022-35131 |
|
Cross-Site Scripting (XSS) in joplinapp (CVE-2022-35131)
cross-site scripting in joplinapp (CVE-2022-35131). Successful exploitation can lead to full system takeover.
|
| CVE-2022-35409 |
|
Out-of-Bounds Read in arm (CVE-2022-35409)
vulnerability in arm (CVE-2022-35409). Confidential information can be exposed externally.
|
| CVE-2022-32224 |
|
Unsafe Deserialization in activerecord (CVE-2022-32224)
vulnerability in activerecord (CVE-2022-32224). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.2.8.1` or later.
|
| CVE-2022-33047 |
|
OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.
OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.
|
| CVE-2022-32385 |
|
Out-of-Bounds Write in tendacn (CVE-2022-32385)
out-of-bounds write in tendacn (CVE-2022-32385). Successful exploitation can lead to full system takeover.
|
| CVE-2022-32386 |
|
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
|
| CVE-2022-34835 |
|
Out-of-Bounds Write in denx (CVE-2022-34835)
out-of-bounds write in denx (CVE-2022-34835). Successful exploitation can lead to full system takeover.
|
| CVE-2021-45024 |
|
XXE (XML External Entity) in rocketsoftware (CVE-2021-45024)
vulnerability in rocketsoftware (CVE-2021-45024). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24562 |
|
Vulnerability in iobit (CVE-2022-24562)
vulnerability in iobit (CVE-2022-24562). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31384 |
|
SQL Injection in sqli (CVE-2022-31384)
SQL injection in sqli (CVE-2022-31384). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31383 |
|
SQL Injection in sqli (CVE-2022-31383)
SQL injection in sqli (CVE-2022-31383). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31382 |
|
SQL Injection in sqli (CVE-2022-31382)
SQL injection in sqli (CVE-2022-31382). Successful exploitation can lead to full system takeover.
|
| CVE-2021-42675 |
|
Unrestricted File Upload in kreado (CVE-2021-42675)
vulnerability in kreado (CVE-2021-42675). Successful exploitation can lead to full system takeover.
|
| CVE-2022-32511 |
|
Unsafe Deserialization in jmespath (CVE-2022-32511)
vulnerability in jmespath (CVE-2022-32511). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.1` or later.
|
| CVE-2021-42875 |
|
OS Command Injection in totolink (CVE-2021-42875)
OS command injection in totolink (CVE-2021-42875). Successful exploitation can lead to full system takeover.
|
| CVE-2022-29704 |
|
BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability.
|
| CVE-2022-30490 |
|
SQL Injection in sqli (CVE-2022-30490)
SQL injection in sqli (CVE-2022-30490). Successful exploitation can lead to full system takeover.
|
| CVE-2022-28945 |
|
Path Traversal in path-traversal (CVE-2022-28945)
path traversal in path-traversal (CVE-2022-28945). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24239 |
|
Unrestricted File Upload in aceware (CVE-2022-24239)
vulnerability in aceware (CVE-2022-24239). Successful exploitation can lead to full system takeover.
|
| CVE-2022-24240 |
|
SQL Injection in sqli (CVE-2022-24240)
SQL injection in sqli (CVE-2022-24240). Successful exploitation can lead to full system takeover.
|
| CVE-2021-42872 |
|
OS Command Injection in totolink (CVE-2021-42872)
OS command injection in totolink (CVE-2021-42872). Successful exploitation can lead to full system takeover.
|
| CVE-2020-7489 |
|
Vulnerability in schneider-electric (CVE-2020-7489)
vulnerability in schneider-electric (CVE-2020-7489). Successful exploitation can lead to full system takeover.
|
| CVE-2021-41653 |
|
Code Injection in tp-link (CVE-2021-41653)
code injection in tp-link (CVE-2021-41653). Successful exploitation can lead to full system takeover.
|
| CVE-2020-25368 |
|
OS Command Injection in dlink (CVE-2020-25368)
OS command injection in dlink (CVE-2020-25368). Successful exploitation can lead to full system takeover.
|