CVE-2022-0xxx

There are 913 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2022-0001 Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors m...
S
CVE-2022-0002 Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow a...
S
CVE-2022-0003 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i...
R
CVE-2022-0004 Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Proce...
CVE-2022-0005 Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors ...
CVE-2022-0010 QCS 800xA Vulnerability identified in system log files
CVE-2022-0011 PAN-OS: URL Category Exceptions Match More URLs Than Intended in URL Filtering
S
CVE-2022-0012 Cortex XDR Agent: Local Arbitrary File Deletion Vulnerability
S
CVE-2022-0013 Cortex XDR Agent: File Information Exposure Vulnerability When Generating Support File
S
CVE-2022-0014 Cortex XDR Agent: Unintended Program Execution When Using Live Terminal Session
S
CVE-2022-0015 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability
S
CVE-2022-0016 GlobalProtect App: Privilege Escalation Vulnerability When Using Connect Before Logon
S
CVE-2022-0017 GlobalProtect App: Improper Link Resolution Vulnerability Leads to Local Privilege Escalation
S
CVE-2022-0018 GlobalProtect App: Information Exposure Vulnerability When Connecting to GlobalProtect Portal With Single Sign-On Enabled
S
CVE-2022-0019 GlobalProtect App: Insufficiently Protected Credentials Vulnerability on Linux
S
CVE-2022-0020 Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface
S
CVE-2022-0021 GlobalProtect App: Information Exposure Vulnerability When Using Connect Before Logon
S
CVE-2022-0022 PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes
S
CVE-2022-0023 PAN-OS: Denial-of-Service (DoS) Vulnerability in DNS Proxy
S
CVE-2022-0024 PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit
S
CVE-2022-0025 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability
S
CVE-2022-0026 Cortex XDR Agent: Unintended Program Execution Leads to Local Privilege Escalation (PE) Vulnerability
S
CVE-2022-0027 Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports
S
CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering
KEV S
CVE-2022-0029 Cortex XDR Agent: Improper Link Resolution Vulnerability When Generating a Tech Support File
S
CVE-2022-0030 PAN-OS: Authentication Bypass in Web Interface
S
CVE-2022-0031 Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine
S
CVE-2022-0070 Log4j hot patch package privilege escalation
E
CVE-2022-0071 Hotdog Container Escape
E S
CVE-2022-0072 Directory Traversal in OpenLiteSpeed Web Server
E
CVE-2022-0073 Authenticated Remote Code Execution in OpenLiteSpeed Web Server
E
CVE-2022-0074 Privilege Escalation in OpenLiteSpeed Web Server
E
CVE-2022-0079 Generation of Error Message Containing Sensitive Information in star7th/showdoc
E S
CVE-2022-0080 Heap-based Buffer Overflow in mruby/mruby
E S
CVE-2022-0083 Generation of Error Message Containing Sensitive Information in livehelperchat/livehelperchat
E S
CVE-2022-0084 A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this metho...
S
CVE-2022-0085 Server-Side Request Forgery (SSRF) in dompdf/dompdf
E S
CVE-2022-0086 Server-Side Request Forgery (SSRF) in transloadit/uppy
E S
CVE-2022-0087 Cross-site Scripting (XSS) - Reflected in keystonejs/keystone
E S
CVE-2022-0088 Cross-Site Request Forgery (CSRF) in yourls/yourls
E S
CVE-2022-0090 An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, a...
CVE-2022-0093 An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, a...
CVE-2022-0094 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2022-0095 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2022-0096 Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potent...
E S
CVE-2022-0097 Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker ...
CVE-2022-0098 Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an atta...
E S
CVE-2022-0099 Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convi...
S
CVE-2022-0100 Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote at...
E
CVE-2022-0101 Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker w...
E
CVE-2022-0102 Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially...
CVE-2022-0103 Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to po...
S
CVE-2022-0104 Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to po...
S
CVE-2022-0105 Use after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker...
E
CVE-2022-0106 Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who conv...
E S
CVE-2022-0107 Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an at...
E
CVE-2022-0108 Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote a...
E S
CVE-2022-0109 Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote att...
E S
CVE-2022-0110 Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker t...
E
CVE-2022-0111 Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote a...
E
CVE-2022-0112 Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker...
E S
CVE-2022-0113 Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attack...
E
CVE-2022-0114 Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a rem...
E S
CVE-2022-0115 Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to po...
E S
CVE-2022-0116 Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote ...
E S
CVE-2022-0117 Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cros...
E S
CVE-2022-0118 Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote att...
E S
CVE-2022-0120 Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote at...
E
CVE-2022-0121 Cross-site Scripting in hoppscotch/hoppscotch
E S
CVE-2022-0122 Open Redirect in digitalbazaar/forge
E S
CVE-2022-0123 An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, a...
CVE-2022-0124 An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, a...
CVE-2022-0125 An issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5, all ...
CVE-2022-0128 Out-of-bounds Read in vim/vim
E S
CVE-2022-0129 DLL Hijack vulnerability in McAfee TechCheck utility
CVE-2022-0130 Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerabilit...
CVE-2022-0131 Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. B...
CVE-2022-0132 Server-Side Request Forgery (SSRF) in chocobozzz/peertube
E S
CVE-2022-0133 Improper Access Control in chocobozzz/peertube
E S
CVE-2022-0134 AnyComment < 0.2.18 - Arbitrary HyperComments Import/Revert via CSRF
E
CVE-2022-0135 An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This fl...
S
CVE-2022-0136 A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1...
CVE-2022-0137 A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to wri...
E S
CVE-2022-0138 Airspan Networks Mimosa Deserialization of Untrusted Data
S
CVE-2022-0139 Use After Free in radareorg/radare2
E S
CVE-2022-0140 Visual Form Builder < 3.0.6 - Unauthenticated Information Disclosure
E
CVE-2022-0141 Visual Form Builder < 3.0.8 - Entries Deletion/Restoration via CSRF
CVE-2022-0142 Visual Form Builder < 3.0.6 - CSV Injection
E
CVE-2022-0143 LDAP Connector: When startTLS is used then LDAP connector ignores the wrong password
S
CVE-2022-0144 Improper Privilege Management in shelljs/shelljs
E S
CVE-2022-0145 Cross-site Scripting (XSS) - Stored in forkcms/forkcms
E S
CVE-2022-0147 Cookie Information < 2.0.8 - Reflected Cross-Site Scripting
E S
CVE-2022-0148 All-in-one Floating Contact Form < 2.0.4 - Authenticated Reflected Cross-Site Scripting (XSS)
E S
CVE-2022-0149 WooCommerce – Store Exporter < 2.7.1 - Reflected Cross-Site Scripting (XSS)
E S
CVE-2022-0150 WP Accessibility Helper (WAH) < 0.6.0.7 - Reflected Cross-Site Scripting (XSS)
E
CVE-2022-0151 An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.4.5, all...
CVE-2022-0152 An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all...
E
CVE-2022-0153 SQL Injection in forkcms/forkcms
E S
CVE-2022-0154 An issue has been discovered in GitLab affecting all versions starting from 7.7 before 14.4.5, all v...
CVE-2022-0155 Exposure of Private Personal Information to an Unauthorized Actor in follow-redirects/follow-redirects
E S
CVE-2022-0156 Use After Free in vim/vim
E S
CVE-2022-0157 Cross-site Scripting (XSS) - Stored in phoronix-test-suite/phoronix-test-suite
E S
CVE-2022-0158 Heap-based Buffer Overflow in vim/vim
E S
CVE-2022-0159 Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore
E S
CVE-2022-0161 ARI Fancy Lightbox < 1.3.9 - Reflected Cross-Site Scripting
E S
CVE-2022-0162 Vulnerability in TP-Link TL-WR841N wireless router
S
CVE-2022-0163 Smart Forms < 2.6.71 - Subscriber+ Form Data Download
E
CVE-2022-0164 Coming soon and Maintenance mode < 3.6.7 - Subscriber+ Arbitrary Email Sending to Subscribed Users
E S
CVE-2022-0165 Page Builder KingComposer <= 2.9.6 - Open Redirect
E
CVE-2022-0166 Privilege escalation vulnerability in McAfee Agent
CVE-2022-0167 An issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.4.5, all ...
E
CVE-2022-0168 A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in th...
S
CVE-2022-0169 Photo Gallery by 10Web < 1.6.0 - Unauthenticated SQL Injection
E S
CVE-2022-0170 Improper Access Control in chocobozzz/peertube
S
CVE-2022-0171 A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non...
S
CVE-2022-0172 An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certai...
CVE-2022-0173 Out-of-bounds Read in radareorg/radare2
E S
CVE-2022-0174 Improper Validation of Specified Quantity in Input in dolibarr/dolibarr
E S
CVE-2022-0175 A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly in...
S
CVE-2022-0176 PowerPack Lite for Beaver Builder < 1.2.9.3 - Reflected Cross-Site Scripting
E S
CVE-2022-0177 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was inco...
R
CVE-2022-0178 Missing Authorization in snipe/snipe-it
E S
CVE-2022-0179 Missing Authorization in snipe/snipe-it
E S
CVE-2022-0180 Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master versions prior to 7.3.7 al...
CVE-2022-0181 Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allow...
CVE-2022-0182 Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a...
CVE-2022-0183 Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIR...
CVE-2022-0184 Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier and ...
S
CVE-2022-0185 A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesy...
KEV E S
CVE-2022-0186 Image Photo Gallery Final Tiles Grid < 3.5.3 - Contributor+ Stored Cross-Site Scripting
E
CVE-2022-0188 Coming Soon & Maintenance Plugin by NiteoThemes < 4.0.19 - Unauthenticated Arbitrary CSS Update
E S
CVE-2022-0189 WP RSS Aggregator < 4.20 - Reflected Cross-Site Scripting (XSS)
E
CVE-2022-0190 Ad Invalid Click Protector (AICP) < 1.2.6 - Authenticated SQL Injection
E
CVE-2022-0191 Ad Invalid Click Protector (AICP) < 1.2.7 - Arbitrary Ban Deletion via CSRF
E S
CVE-2022-0192 A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that c...
S
CVE-2022-0193 Complianz - GDPR/CCPA Cookie Consent < 6.0.0 - Reflected Cross-Site Scripting
E S
CVE-2022-0194 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ne...
CVE-2022-0196 Cross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suite
E S
CVE-2022-0197 Cross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suite
E S
CVE-2022-0198 Improper Restriction of XML External Entity Reference in stanfordnlp/corenlp
E S
CVE-2022-0199 Coming soon and Maintenance mode < 3.6.8 - Arbitrary Email Sending to Subscribed Users via CSRF
E
CVE-2022-0200 Themify Portfolio Post < 1.1.7 - Reflected Cross-Site Scripting
E
CVE-2022-0201 Permalink Manager < 2.2.15 - Reflected Cross-Site Scripting
E S
CVE-2022-0203 Improper Access Control in crater-invoice/crater
E S
CVE-2022-0204 A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local n...
E S
CVE-2022-0205 YOP Poll < 6.3.5 - Author+ Stored Cross-Site Scripting
E
CVE-2022-0206 NewStatPress < 1.3.6 - Reflected Cross-Site Scripting
E
CVE-2022-0207 A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that ma...
S
CVE-2022-0208 MapPress Maps for WordPress < 2.73.4 - Reflected Cross-Site Scripting
E
CVE-2022-0209 Mitsol Social Post Feed < 1.11 - Admin+ Stored Cross-Site Scripting
CVE-2022-0210 Random Banner <= 4.1.4 Admin+ Stored Cross-Site Scripting
E S
CVE-2022-0211 Shield Security < 13.0.6 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0212 SpiderCalendar <= 1.5.65 - Reflected Cross-Site Scripting
E
CVE-2022-0213 Heap-based Buffer Overflow in vim/vim
E S
CVE-2022-0214 Popup | Custom Popup Builder < 1.3.1 - Unauthenticated Denial of Service
E
CVE-2022-0215 XootiX Plugins <= Various Versions Cross-Site Request Forgery to Arbitrary Options Update
E S
CVE-2022-0216 A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. ...
E S
CVE-2022-0217 It was discovered that an internal Prosody library to load XML based on libexpat does not properly r...
E S
CVE-2022-0218 WP HTML Mail <= 3.0.9 Missing Authorization on REST-API Route
E S
CVE-2022-0219 Improper Restriction of XML External Entity Reference in skylot/jadx
E S
CVE-2022-0220 WordPress GDPR & CCPA < 1.9.27 - Unauthenticated Reflected Cross-Site Scripting
E
CVE-2022-0221 A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could res...
M
CVE-2022-0222 A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service o...
CVE-2022-0223 A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerabili...
S
CVE-2022-0224 SQL Injection in dolibarr/dolibarr
E S
CVE-2022-0225 A flaw was found in Keycloak. This flaw allows a privileged attacker to use the malicious payload as...
E
CVE-2022-0226 Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat
E S
CVE-2022-0227 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was inco...
R
CVE-2022-0228 Popup Builder < 4.0.7 - Admin+ SQL Injection
E
CVE-2022-0229 miniOrange's Google Authenticator < 5.5 - Unauthenticated Arbitrary Options Deletion
E
CVE-2022-0230 Better WordPress Google XML Sitemaps <= 1.4.1 - Unauthenticated Stored Cross-Site Scripting
E
CVE-2022-0231 Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat
E S
CVE-2022-0232 User Registration, Login & Landing Pages – LeadMagic <= 1.2.7 Admin+ Stored Cross-Site Scripting
E S
CVE-2022-0233 ProfileGrid – User Profiles, Memberships, Groups and Communities <= 4.7.4 Authenticated Stored Cross-Site Scripting
E S
CVE-2022-0234 WOOCS < 1.3.7.5 - Reflected Cross-Site Scripting
E
CVE-2022-0235 Exposure of Sensitive Information to an Unauthorized Actor in node-fetch/node-fetch
E S
CVE-2022-0236 WP Import Export (Lite) <= 3.9.15 Unauthenticated Sensitive Data Disclosure
E S
CVE-2022-0237 Rapid7 Insight Agent Privilege Escalation
E
CVE-2022-0238 Cross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suite
E S
CVE-2022-0239 Improper Restriction of XML External Entity Reference in stanfordnlp/corenlp
E S
CVE-2022-0240 NULL Pointer Dereference in mruby/mruby
E S
CVE-2022-0242 Unrestricted Upload of File with Dangerous Type in crater-invoice/crater
E S
CVE-2022-0243 Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore
E S
CVE-2022-0244 An issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5. Arbitrary fi...
CVE-2022-0245 Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat
E S
CVE-2022-0246 iQ Block Country < 1.2.13 - Admin+ Arbitrary File Deletion via Zip Slip
E
CVE-2022-0247 Write access to VMO data through copy-on-write in Fuchsia
S
CVE-2022-0248 Contact Form Submissions < 1.7.3 - Unauthenticated Stored XSS
E S
CVE-2022-0249 A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind ...
E
CVE-2022-0250 Redirection for Contact Form 7 < 2.5.0 - Reflected Cross-Site Scripting
E
CVE-2022-0251 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0252 Give < 2.17.3 - Reflected Cross-Site Scripting via Import Tool
E
CVE-2022-0253 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
E S
CVE-2022-0254 Zero Spam < 5.2.11 - Admin+ SQL Injection
E S
CVE-2022-0255 Database Backup for WordPress < 2.5.1 - Admin+ SQL Injection
E
CVE-2022-0256 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0257 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0258 SQL Injection in pimcore/pimcore
E S
CVE-2022-0259 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2022-0260 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0261 Heap-based Buffer Overflow in vim/vim
E S
CVE-2022-0262 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0263 Unrestricted Upload of File with Dangerous Type in pimcore/pimcore
E S
CVE-2022-0264 A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures...
S
CVE-2022-0265 Improper Restriction of XML External Entity Reference in hazelcast/hazelcast
E S
CVE-2022-0266 Authorization Bypass Through User-Controlled Key in livehelperchat/livehelperchat
E S
CVE-2022-0267 AdRotate < 5.8.22 - Admin+ SQL Injection
E
CVE-2022-0268 Cross-site Scripting (XSS) - Stored in getgrav/grav
E S
CVE-2022-0269 Cross-Site Request Forgery (CSRF) in yetiforcecompany/yetiforcecrm
E S
CVE-2022-0270 Improper header sanitization in bored-agent causes escalation of privilege
CVE-2022-0271 LearnPress < 4.1.6 - Reflected Cross-Site Scripting
E
CVE-2022-0272 Improper Restriction of XML External Entity Reference in detekt/detekt
E S
CVE-2022-0273 Improper Access Control in janeczku/calibre-web
E S
CVE-2022-0274 Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore
E S
CVE-2022-0277 Incorrect Permission Assignment for Critical Resource in microweber/microweber
E S
CVE-2022-0278 Cross-site Scripting (XSS) - Stored in microweber/microweber
E S
CVE-2022-0279 AnyComment < 0.2.18 - Comment Rating Increase/Decrease via Race Condition
E
CVE-2022-0280 McAfee Total Protection (MTP) - File Deletion vulnerability
CVE-2022-0281 Exposure of Sensitive Information to an Unauthorized Actor in microweber/microweber
E S
CVE-2022-0282 Cross-site Scripting in microweber/microweber
E S
CVE-2022-0283 An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability...
CVE-2022-0284 A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-acc...
E S
CVE-2022-0285 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0286 A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to ...
E S
CVE-2022-0287 Mycred < 2.4.4.1 - Subscriber+ User E-mail Addresses Disclosure
E
CVE-2022-0288 Ad Inserter < 2.7.10 - Reflected Cross-Site Scripting
E
CVE-2022-0289 Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to ...
CVE-2022-0290 Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to...
CVE-2022-0291 Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote atta...
CVE-2022-0292 Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remot...
CVE-2022-0293 Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to ...
CVE-2022-0294 Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remo...
CVE-2022-0295 Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convi...
CVE-2022-0296 Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who conv...
CVE-2022-0297 Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potenti...
CVE-2022-0298 Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to pot...
CVE-2022-0300 Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed...
CVE-2022-0301 Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who conv...
CVE-2022-0302 Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a...
CVE-2022-0303 Rejected reason: Further investigation determines issue is not a vulnerability...
R
CVE-2022-0304 Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who con...
CVE-2022-0305 Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a ...
CVE-2022-0306 Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to p...
CVE-2022-0307 Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacke...
CVE-2022-0308 Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote...
CVE-2022-0309 Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote att...
CVE-2022-0310 Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacke...
CVE-2022-0311 Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacke...
CVE-2022-0313 Float Menu < 4.3.1 - Arbitrary Menu Deletion via CSRF
E
CVE-2022-0314 Nimble Page Builder < 3.2.2 - Reflected Cross-Site Scripting
E
CVE-2022-0315 Insecure Temporary File in horovod/horovod
S
CVE-2022-0316 Multiple themes - Unauthenticated Arbitrary File Upload
E
CVE-2022-0317 Improper Input Validation in AKPublic.Verify in go-attestation
CVE-2022-0318 Heap-based Buffer Overflow in vim/vim
E S
CVE-2022-0319 Out-of-bounds Read in vim/vim
E S
CVE-2022-0320 Essential Addons for Elementor < 5.0.5 - Unauthenticated LFI
CVE-2022-0321 WP Voting Contest < 3.0 - Reflected Cross-Site Scripting
E
CVE-2022-0322 A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP netw...
S
CVE-2022-0323 Improper Neutralization of Special Elements Used in a Template Engine in bobthecow/mustache.php
E S
CVE-2022-0324 Buffer Overflow in Dhcp6relay in Software for Open Networking in the Cloud (SONiC)
CVE-2022-0326 NULL Pointer Dereference in mruby/mruby
E S
CVE-2022-0327 Master Addons for Elementor < 1.8.2 - Reflected Cross-Site Scripting
E
CVE-2022-0328 Simple Membership < 4.0.9 - Arbitrary Member Deletion via CSRF
E
CVE-2022-0329 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was inco...
R
CVE-2022-0330 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in ...
CVE-2022-0331 An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to rea...
CVE-2022-0332 A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h...
S
CVE-2022-0333 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier uns...
S
CVE-2022-0334 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier uns...
S
CVE-2022-0335 A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier uns...
CVE-2022-0336 The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure ...
S
CVE-2022-0337 Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 al...
E
CVE-2022-0338 Insertion of Sensitive Information into Log File in delgan/loguru
E S
CVE-2022-0339 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
E S
CVE-2022-0341 Cross-site Scripting (XSS) - Stored in vanessa219/vditor
E S
CVE-2022-0342 An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versio...
CVE-2022-0343 Local Privilege escalation in Perfetto Dev scripts
S
CVE-2022-0344 An issue has been discovered in GitLab affecting all versions starting from 10.0 before 14.5.4, all ...
E
CVE-2022-0345 Better Notifications for WP < 1.8.7 - Email Address Disclosure
E
CVE-2022-0346 Google XML Sitemap Generator < 2.0.4 - Reflected Cross-Site Scripting
E
CVE-2022-0347 LoginPress < 1.5.12 - Reflected Cross-Site Scripting
E
CVE-2022-0348 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0349 NotificationX < 2.3.9 - Unauthenticated Blind SQL Injection
E
CVE-2022-0350 Cross-site Scripting (XSS) - Stored in vanessa219/vditor
E S
CVE-2022-0351 Access of Memory Location Before Start of Buffer in vim/vim
E S
CVE-2022-0352 Cross-site Scripting (XSS) - Reflected in janeczku/calibre-web
E S
CVE-2022-0353 A denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to ...
S
CVE-2022-0354 A vulnerability was reported in Lenovo System Update that could allow a local user with interactive ...
E S
CVE-2022-0355 Improper Removal of Sensitive Information Before Storage or Transfer in feross/simple-get
E S
CVE-2022-0357 Improper Quoting Path Issue in Bitdefender Total Security
S
CVE-2022-0358 A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This fl...
S
CVE-2022-0359 Heap-based Buffer Overflow in vim/vim
E S
CVE-2022-0360 WP Ultimate CSV Importer < 6.4.3 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0361 Heap-based Buffer Overflow in vim/vim
E S
CVE-2022-0362 SQL Injection in star7th/showdoc
E S
CVE-2022-0363 myCred < 2.4.4 - Subscriber+ Arbitrary Post Creation
E
CVE-2022-0364 Modern Events Calendar Lite < 6.4.0 - Contributor+ Stored Cross Site Scripting
E
CVE-2022-0365 Ricon Mobile, Inc.
M
CVE-2022-0366 An authenticated and authorized agent user could potentially gain administrative access via an SQLi ...
CVE-2022-0367 A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c....
E S
CVE-2022-0368 Out-of-bounds Read in vim/vim
E S
CVE-2022-0369 Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability
CVE-2022-0370 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
E S
CVE-2022-0371 An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4...
CVE-2022-0372 Cross-site Scripting (XSS) - Stored in crater-invoice/crater
E S
CVE-2022-0373 Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7.1 ...
E
CVE-2022-0374 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
E S
CVE-2022-0375 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
E S
CVE-2022-0376 User Meta < 2.4.3 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0377 LearnPress < 4.1.5 - Arbitrary Image Renaming
E S
CVE-2022-0378 Cross-site Scripting (XSS) - Reflected in microweber/microweber
E S
CVE-2022-0379 Cross-site Scripting (XSS) - Stored in microweber/microweber
E S
CVE-2022-0380 Fotobook <= 3.2.3 Reflected Cross-Site Scripting
E S
CVE-2022-0381 Embed Swagger <= 1.0.0 Reflected Cross-Site Scripting
E S
CVE-2022-0382 An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol s...
E S
CVE-2022-0383 WP Review Slider < 11.0 - Admin+ SQL Injection
E
CVE-2022-0384 Video Conferencing with Zoom < 3.8.17 - E-mail Address Disclosure
E S
CVE-2022-0385 Crazy Bone <= 0.6.0 - Unauthenticated Stored XSS
E
CVE-2022-0386 A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated atta...
CVE-2022-0387 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
E S
CVE-2022-0388 Interactive Medical Drawing of Human Body < 2.6 - Admin+ Stored XSS
E
CVE-2022-0389 WP Time Slots Booking Form < 1.1.63 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0390 Improper access control in GitLab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1 ...
E
CVE-2022-0391 A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uni...
E S
CVE-2022-0392 Heap-based Buffer Overflow in vim/vim
E S
CVE-2022-0393 Out-of-bounds Read in vim/vim
E S
CVE-2022-0394 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
E S
CVE-2022-0395 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
E S
CVE-2022-0396 DoS from specifically crafted TCP packets
S
CVE-2022-0397 WPC Smart Wishlist for WooCommerce < 2.9.4 - Reflected Cross-Site Scripting
E
CVE-2022-0398 ThirstyAffiliates Affiliate Link Manager < 3.10.5 - Subscriber+ Arbitrary Affiliate Links Creation
E
CVE-2022-0399 Advanced Product Labels for WooCommerce < 1.2.3.7 - Reflected Cross-Site Scripting
E S
CVE-2022-0400 An out-of-bounds read vulnerability was discovered in Linux kernel in the smc protocol stack, causin...
CVE-2022-0401 Path Traversal in yuda-lyu/w-zip
E S
CVE-2022-0402 Superforms < 6.0.4 - Reflected Cross-Site Scripting
E S
CVE-2022-0403 Library File Manager < 5.2.3 - Subscriber+ Arbitrary File Creation/Upload/Deletion
E
CVE-2022-0404 Material Design for Contact Form 7 <= 2.6.4 - Subscriber+ Arbitrary Settings Update leading to DoS
E
CVE-2022-0405 Improper Access Control in janeczku/calibre-web
E S
CVE-2022-0406 Improper Authorization in janeczku/calibre-web
E S
CVE-2022-0407 Heap-based Buffer Overflow in vim/vim
E S
CVE-2022-0408 Stack-based Buffer Overflow in vim/vim
E S
CVE-2022-0409 Unrestricted Upload of File with Dangerous Type in star7th/showdoc
E S
CVE-2022-0410 WP Visitor Statistics (Real Time Traffic) < 5.6 - Subscriber+ SQL Injection
E
CVE-2022-0411 Asgaros Forum < 2.0.0 - Subscriber+ Blind SQL Injection
E
CVE-2022-0412 TI WooCommerce Wishlist < 1.40.1 - Unauthenticated Blind SQL Injection
E
CVE-2022-0413 Use After Free in vim/vim
E S
CVE-2022-0414 Improper Validation of Specified Quantity in Input in dolibarr/dolibarr
E S
CVE-2022-0415 Remote Command Execution in uploading repository file in gogs/gogs
E S
CVE-2022-0417 Heap-based Buffer Overflow in vim/vim
E S
CVE-2022-0418 Event List < 0.8.8 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0419 NULL Pointer Dereference in radareorg/radare2
E S
CVE-2022-0420 RegistrationMagic < 5.0.2.2 - Admin+ SQL Injection
E S
CVE-2022-0421 Five Star Restaurant Reservations < 2.4.12 - Unauthenticated Arbitrary Payment Status Update to Stored XSS
E
CVE-2022-0422 White Label MS < 2.2.9 - Reflected Cross-Site Scripting
E S
CVE-2022-0423 3D FlipBook < 1.12.1 - Subscriber+ Stored Cross-Site Scripting
E
CVE-2022-0424 Popup by Supsystic < 1.10.9 - Unauthenticated Subscriber Email Addresses Disclosure
E
CVE-2022-0425 A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE s...
CVE-2022-0426 Product Feed PRO for WooCommerce < 11.2.3 - Reflected Cross-Site Scripting
E S
CVE-2022-0427 Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since v...
E
CVE-2022-0428 Content Egg < 5.3.0 - Reflected Cross-Site Scripting
E
CVE-2022-0429 WP Cerber Security, Anti-spam & Malware Scan < 8.9.6 - Unauthenticated Stored Cross-Site Scripting
E
CVE-2022-0430 Exposure of Sensitive Information to an Unauthorized Actor in httpie/httpie
E S
CVE-2022-0431 Google Pagespeed Insights < 4.0.4 - Reflected Cross-Site Scripting
E S
CVE-2022-0432 Prototype Pollution in mastodon/mastodon
E S
CVE-2022-0433 A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user trig...
S
CVE-2022-0434 Page Views Count < 2.4.15 - Unauthenticated SQL Injection
E
CVE-2022-0435 A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user ...
E S
CVE-2022-0436 Path Traversal in gruntjs/grunt
E S
CVE-2022-0437 Cross-site Scripting (XSS) - DOM in karma-runner/karma
E S
CVE-2022-0439 Email Subscribers & Newsletters < 5.3.2 - Subscriber+ Blind SQL injection
E
CVE-2022-0440 Catch Themes Demo Import < 2.1.1 - Admin+ Remote Code Execution
E
CVE-2022-0441 MasterStudy LMS < 2.7.6 - Unauthenticated Admin Account Creation
E S
CVE-2022-0442 UsersWP < 1.2.3.1 - Subscriber+ User Avatar Override
E
CVE-2022-0443 Use After Free in vim/vim
E S
CVE-2022-0444 XCloner < 4.3.6 - Plugin Settings Reset
E
CVE-2022-0445 WordPress Real Cookie Banner < 2.14.2 - Settings Reset via CSRF
E
CVE-2022-0446 Simple Banner < 2.12.0 - Admin+ Stored Cross Site Scripting
CVE-2022-0447 Post Grid < 2.1.16 - Reflected Cross-Site Scripting via post_types
E
CVE-2022-0448 CP Blocks < 1.0.15 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0449 Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting
E
CVE-2022-0450 Menu Image, Icons made easy < 3.0.8 - Subscriber+ Stored Cross-Site Scripting
E
CVE-2022-0451 Auth bypass in Dark SDK
S
CVE-2022-0452 Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to ...
CVE-2022-0453 Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who h...
CVE-2022-0454 Heap buffer overflow in ANGLE in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to po...
CVE-2022-0455 Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758.80 a...
CVE-2022-0456 Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to pot...
CVE-2022-0457 Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially...
CVE-2022-0458 Use after free in Thumbnail Tab Strip in Google Chrome prior to 98.0.4758.80 allowed a remote attack...
CVE-2022-0459 Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker wh...
CVE-2022-0460 Use after free in Window Dialogue in Google Chrome prior to 98.0.4758.80 allowed a remote attacker t...
CVE-2022-0461 Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass ifr...
CVE-2022-0462 Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attac...
CVE-2022-0463 Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who...
CVE-2022-0464 Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who...
CVE-2022-0465 Use after free in Extensions in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to pot...
CVE-2022-0466 Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed a...
S
CVE-2022-0467 Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allow...
E S
CVE-2022-0468 Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to poten...
CVE-2022-0469 Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convince...
CVE-2022-0470 Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker t...
E S
CVE-2022-0471 Favicon by RealFaviconGenerator < 1.3.23 - Reflected Cross-Site Scripting
E S
CVE-2022-0472 Unrestricted Upload of File with Dangerous Type in jsdecena/laracom
E S
CVE-2022-0473 Dynamic field error message is vulnerable to XSS
S
CVE-2022-0474 Disclosure of mail addresses
S
CVE-2022-0475 Possible XSS attack via translation
S
CVE-2022-0476 Denial of Service in radareorg/radare2
E S
CVE-2022-0477 An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all ...
CVE-2022-0478 Event Manager for WooCommerce < 3.5.8 - Contributor+ SQL Injection
E S
CVE-2022-0479 Popup Builder < 4.1.1 - SQL Injection to Reflected Cross-Site Scripting
E S
CVE-2022-0480 A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lea...
S
CVE-2022-0481 NULL Pointer Dereference in mruby/mruby
E S
CVE-2022-0482 Exposure of Private Personal Information to an Unauthorized Actor in alextselegidis/easyappointments
E S
CVE-2022-0483 Local privilege escalation due to insecure folder permissions
CVE-2022-0484 Improper URL Validation causes Mirantis Container Cloud Lens Extension to open external programs
CVE-2022-0485 A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies usin...
E S
CVE-2022-0486 Privileged Command Injection Vulnerability in Fidelis Network and Deception
S
CVE-2022-0487 A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb...
S
CVE-2022-0488 An issue has been discovered in GitLab CE/EE affecting all versions starting with version 8.10. It w...
CVE-2022-0489 An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 . It was poss...
E S
CVE-2022-0492 A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgro...
S
CVE-2022-0493 String Locator < 2.5.0 - Admin+ Arbitrary File Read
E
CVE-2022-0494 A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl....
CVE-2022-0495 SQL Injection in KOHA
S
CVE-2022-0496 A vulnerability was found in Openscad, where a DXF-format drawing with particular (not necessarily m...
E S
CVE-2022-0497 A vulnerability was found in Openscad, where a .scad file with no trailing newline could cause an ou...
E S
CVE-2022-0498 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2022-0499 Sermon Browser <= 0.45.22 - Arbitrary File Upload via CSRF
E
CVE-2022-0500 A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds...
S
CVE-2022-0501 Cross-site Scripting (XSS) - Reflected in ptrofimov/beanstalk_console
E S
CVE-2022-0502 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
E S
CVE-2022-0503 Multisite Content Copier/Updater < 2.1.2 - Reflected Cross-Site Scripting
E
CVE-2022-0504 Generation of Error Message Containing Sensitive Information in microweber/microweber
E S
CVE-2022-0505 Cross-Site Request Forgery (CSRF) in microweber/microweber
E S
CVE-2022-0506 Cross-site Scripting (XSS) - Stored in microweber/microweber
E S
CVE-2022-0507 Vulnerability: Authenticated SQL Injection in API
S
CVE-2022-0508 Server-Side Request Forgery (SSRF) in chocobozzz/peertube
E S
CVE-2022-0509 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0510 Cross-site Scripting (XSS) - Reflected in pimcore/pimcore
E S
CVE-2022-0511 Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herr...
CVE-2022-0512 Authorization Bypass Through User-Controlled Key in unshiftio/url-parse
E S
CVE-2022-0513 WP Statistics <= 13.1.4 Unauthenticated Blind SQL Injection via exclusion_reason
E S
CVE-2022-0514 Business Logic Errors in crater-invoice/crater
E S
CVE-2022-0515 Cross-Site Request Forgery (CSRF) in crater-invoice/crater
E S
CVE-2022-0516 A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM ...
S
CVE-2022-0517 Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker w...
CVE-2022-0518 Heap-based Buffer Overflow in radareorg/radare2
E S
CVE-2022-0519 Buffer Access with Incorrect Length Value in radareorg/radare2
E S
CVE-2022-0520 Use After Free in radareorg/radare2
E S
CVE-2022-0521 Access of Memory Location After End of Buffer in radareorg/radare2
E S
CVE-2022-0522 Access of Memory Location Before Start of Buffer in radareorg/radare2
E S
CVE-2022-0523 Use After Free in radareorg/radare2
E S
CVE-2022-0524 Business Logic Errors in publify/publify
E S
CVE-2022-0525 Out-of-bounds Read in mruby/mruby
E S
CVE-2022-0526 Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot
E S
CVE-2022-0527 Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot
E S
CVE-2022-0528 Server-Side Request Forgery (SSRF) in transloadit/uppy
E S
CVE-2022-0529 A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a loca...
E
CVE-2022-0530 A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a loca...
E
CVE-2022-0531 WPvivid Backup and Migration Plugin < 0.9.70 - Reflected Cross-Site Scripting
E
CVE-2022-0532 An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from ...
S
CVE-2022-0533 Ditty (formerly Ditty News Ticker) < 3.0.15 - Reflected Cross-Site Scripting (XSS)
E S
CVE-2022-0534 A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place i...
E S
CVE-2022-0535 E2Pdf < 1.16.45 - Admin+ Stored Cross-Site Scripting (XSS)
E S
CVE-2022-0536 Improper Removal of Sensitive Information Before Storage or Transfer in follow-redirects/follow-redirects
S
CVE-2022-0537 MapPress Maps for WordPress < 2.73.13 - Admin+ File Upload to Remote Code Execution
E
CVE-2022-0538 Jenkins 2.333 and earlier, LTS 2.319.2 and earlier defines custom XStream converters that have not b...
CVE-2022-0539 Cross-site Scripting (XSS) - Stored in ptrofimov/beanstalk_console
E S
CVE-2022-0540 A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by...
S
CVE-2022-0541 Flo Launch < 2.4.1 - Missing Authentication Allow Full Site Takeover
E
CVE-2022-0542 Cross-site Scripting (XSS) - DOM in chatwoot/chatwoot
E S
CVE-2022-0543 It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone t...
KEV E S
CVE-2022-0544 An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing ...
CVE-2022-0545 An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability ...
S
CVE-2022-0546 A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds hea...
S
CVE-2022-0547 OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plu...
S
CVE-2022-0549 An issue has been discovered in GitLab CE/EE affecting all versions before 14.3.6, all versions star...
E
CVE-2022-0550 Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0
S
CVE-2022-0551 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0
S
CVE-2022-0552 A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Lo...
S
CVE-2022-0553 Possible to retrieve unencrypted firmware image
E S
CVE-2022-0554 Use of Out-of-range Pointer Offset in vim/vim
E S
CVE-2022-0555 Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all Permissions...
CVE-2022-0556 A local privilege escalation vulnerability caused by incorrect permission assignment in some directo...
CVE-2022-0557 OS Command Injection in microweber/microweber
E S
CVE-2022-0558 Cross-site Scripting (XSS) - Stored in microweber/microweber
E S
CVE-2022-0559 Use After Free in radareorg/radare2
E S
CVE-2022-0560 Open Redirect in microweber/microweber
E S
CVE-2022-0561 Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_d...
E S
CVE-2022-0562 Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dir...
E S
CVE-2022-0563 A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The ...
CVE-2022-0564 Qlik Sense Enterprise Domain User enumeration
S
CVE-2022-0565 Cross-site Scripting in pimcore/pimcore
E S
CVE-2022-0566 It may be possible for an attacker to craft an email message that causes Thunderbird to perform an o...
CVE-2022-0567 A flaw was found in ovn-kubernetes. This flaw allows a system administrator or privileged attacker t...
CVE-2022-0569 Observable Discrepancy in snipe/snipe-it
E S
CVE-2022-0570 Heap-based Buffer Overflow in mruby/mruby
E S
CVE-2022-0571 Cross-site Scripting (XSS) - Reflected in phoronix-test-suite/phoronix-test-suite
E S
CVE-2022-0572 Heap-based Buffer Overflow in vim/vim
E S
CVE-2022-0573 JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted ...
S
CVE-2022-0574 Improper Access Control in publify/publify
E S
CVE-2022-0575 Cross-site Scripting (XSS) - Stored in librenms/librenms
E S
CVE-2022-0576 Cross-site Scripting (XSS) - Generic in librenms/librenms
E S
CVE-2022-0577 Exposure of Sensitive Information to an Unauthorized Actor in scrapy/scrapy
E S
CVE-2022-0578 Code Injection in publify/publify
E S
CVE-2022-0579 Missing Authorization in snipe/snipe-it
E S
CVE-2022-0580 Incorrect Authorization in librenms/librenms
E S
CVE-2022-0581 Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of...
E
CVE-2022-0582 Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 all...
E
CVE-2022-0583 Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial o...
E
CVE-2022-0585 Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow de...
E
CVE-2022-0586 Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows den...
E
CVE-2022-0587 Improper Authorization in librenms/librenms
E S
CVE-2022-0588 Missing Authorization in librenms/librenms
E S
CVE-2022-0589 Cross-site Scripting (XSS) - Stored in librenms/librenms
E S
CVE-2022-0590 BulletProof Security < 5.8 - Admin+ Stored Cross-Site Scripting (XSS)
E
CVE-2022-0591 Formcraft3 < 3.8.28 - Unauthenticated SSRF
E
CVE-2022-0592 MapSVG < 6.2.20 - Unauthenticated SQLi
E
CVE-2022-0593 Login with phone number < 1.3.7 - Unauthenticated remote plugin deletion
E
CVE-2022-0594 Shareaholic < 9.7.6 - Information Disclosure
E
CVE-2022-0595 Drag and Drop Multiple File Upload - Contact Form 7 < 1.3.6.3 - Unauthenticated Stored XSS
E S
CVE-2022-0596 Improper Validation of Specified Quantity in Input in microweber/microweber
E S
CVE-2022-0597 Open Redirect in microweber/microweber
E S
CVE-2022-0598 Login with phone number < 1.3.8 - Multiple Admin+ Stored XSS
E
CVE-2022-0599 Mapping Multiple URLs Redirect Same Page <= 5.8 - Reflected Cross-Site Scripting
E
CVE-2022-0600 Conference Scheduler < 2.4.3 - Reflected Cross-Site Scripting
E
CVE-2022-0601 Countdown & Clock < 2.2.9 - Reflected Cross-Site Scripting
E S
CVE-2022-0602 Cross-site Scripting (XSS) - DOM in tastyigniter/tastyigniter
E S
CVE-2022-0603 Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote...
CVE-2022-0604 Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who c...
CVE-2022-0605 Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convi...
CVE-2022-0606 Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potenti...
CVE-2022-0607 Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potential...
CVE-2022-0608 Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potent...
CVE-2022-0609 Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to pot...
KEV
CVE-2022-0610 Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote...
CVE-2022-0611 Missing Authorization in snipe/snipe-it
E S
CVE-2022-0612 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
E S
CVE-2022-0613 Authorization Bypass Through User-Controlled Key in medialize/uri.js
E S
CVE-2022-0614 Use of Out-of-range Pointer Offset in mruby/mruby
E S
CVE-2022-0615 Use-after-free vulnerability in ESET products for Linux
CVE-2022-0616 Amelia < 1.0.46 - Arbitrary Customer Deletion via CSRF
E
CVE-2022-0617 A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the w...
E S
CVE-2022-0618 A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network pee...
CVE-2022-0619 Database Peek <= 1.2 - Reflected Cross-Site Scripting
E
CVE-2022-0620 Delete Old Orders <= 0.2 - Reflected Cross-Site Scripting
E
CVE-2022-0621 dTabs <= 1.4 - Reflected Cross-Site Scripting
E
CVE-2022-0622 Generation of Error Message Containing Sensitive Information in snipe/snipe-it
E S
CVE-2022-0623 Out-of-bounds Read in mruby/mruby
E S
CVE-2022-0624 Authorization Bypass Through User-Controlled Key in ionicabizau/parse-path
E S
CVE-2022-0625 Admin Menu Editor <= 1.0.4 - Reflected Cross-Site Scripting
E
CVE-2022-0626 Advanced Admin Search < 1.1.6 - Reflected Cross-Site Scripting
E
CVE-2022-0627 Amelia < 1.0.46 - Reflected Cross-Site Scripting
E
CVE-2022-0628 AP Mega Menu < 3.0.8 - Reflected Cross-Site Scripting
E
CVE-2022-0629 Stack-based Buffer Overflow in vim/vim
E S
CVE-2022-0630 Out-of-bounds Read in mruby/mruby
E S
CVE-2022-0631 Heap-based Buffer Overflow in mruby/mruby
E S
CVE-2022-0632 NULL Pointer Dereference in mruby/mruby
E S
CVE-2022-0633 UpdraftPlus Free < 1.22.3 & Premium < 2.22.3 - Subscriber+ Backup Download
E
CVE-2022-0634 ThirstyAffiliates < 3.10.5 - Subscriber+ unauthorized image upload + CSRF
E
CVE-2022-0635 Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific quer...
S
CVE-2022-0636 A denial of service vulnerability was reported in Lenovo Thin Installer prior to version 1.3.0039 th...
S
CVE-2022-0637 open redirect in pollbot (pollbot.services.mozilla.com) in versions before 1.4.6...
CVE-2022-0638 Cross-Site Request Forgery (CSRF) in microweber/microweber
S
CVE-2022-0639 Authorization Bypass Through User-Controlled Key in unshiftio/url-parse
E S
CVE-2022-0640 AP Pricing Tables Lite < 1.1.5 - Reflected Cross-Site Scripting
E
CVE-2022-0641 Popup Like box < 3.6.1 - Reflected Cross-Site Scripting
E
CVE-2022-0642 JivoChat < 1.3.5.4 - Stored Cross-Site Scripting via CSRF
E
CVE-2022-0643 Bank Mellat <= 1.3.7 - Reflected Cross-Site Scripting
E
CVE-2022-0644 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2022-0645 Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in posthog/posthog
E S
CVE-2022-0646 A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP) subsystem w...
S
CVE-2022-0647 Bulk Creator <= 1.0.1 - Reflected Cross-Site Scripting
E
CVE-2022-0648 Team Circle Image Slider With Lightbox < 1.0.16 - Reflected Cross-Site Scripting
E
CVE-2022-0649 Adrotate < 5.8.23 - Admin+ XSS via Group Name
E
CVE-2022-0650 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat...
CVE-2022-0651 WP Statistics <= 13.1.5 Unauthenticated Blind SQL Injection via current_page_type
E S
CVE-2022-0652 Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure ac...
CVE-2022-0653 Profile Builder – User Profile & User Registration Forms <= 3.6.1 Reflected Cross-Site Scripting
E S
CVE-2022-0654 Exposure of Sensitive Information to an Unauthorized Actor in fgribreau/node-request-retry
E S
CVE-2022-0655 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2022-0656 uDraw < 3.3.3 - Unauthenticated Arbitrary File Access
E
CVE-2022-0657 5 Stars Rating Funnel < 1.2.53 - Unauthenticated SQLi
E
CVE-2022-0658 CommonsBooking < 2.6.8 - Unauthenticated SQL Injection
E
CVE-2022-0659 Sync iCloud COS < 2.0.1 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0660 Generation of Error Message Containing Sensitive Information in microweber/microweber
E S
CVE-2022-0661 Ad Injection <= 1.2.0.19 - Admin+ Stored Cross-Site Scripting & RCE
E
CVE-2022-0662 Adrotate < 5.8.23 - Admin+ XSS via Advert Name
E
CVE-2022-0663 Print, PDF, Email by PrintFriendly < 5.2.3 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0664 Use of Hard-coded Cryptographic Key in gravitl/netmaker
E S
CVE-2022-0665 Path Traversal in pimcore/pimcore
E S
CVE-2022-0666 CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in microweber/microweber
E S
CVE-2022-0667 Assertion failure on delayed DS lookup
S
CVE-2022-0668 JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privile...
S
CVE-2022-0669 A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected num...
S
CVE-2022-0670 A flaw was found in OpenStack Manila owning a Ceph File system "share", which enables the owner to ...
CVE-2022-0671 A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF...
CVE-2022-0672 A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized ...
CVE-2022-0673 A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files du...
CVE-2022-0674 Kunze Law < 2.1 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0675 Puppet Firewall Module May Leave Unmanaged Rules
CVE-2022-0676 Heap-based Buffer Overflow in radareorg/radare2
E S
CVE-2022-0677 Improper Handling of Length Parameter Inconsistency vulnerability in Bitdefender Update Server (VA-10144)
S
CVE-2022-0678 Cross-site Scripting (XSS) - Reflected in microweber/microweber
E S
CVE-2022-0679 Narnoo Distributor <= 2.5.1 - Unauthenticated LFI to Arbitrary File Read / RCE
E
CVE-2022-0680 Plezi < 1.0.3 - Unauthenticated Stored XSS
E
CVE-2022-0681 Simple Membership < 4.1.0 - Arbitrary Transaction Deletion via CSRF
E
CVE-2022-0683 Essential Addons for Elementor Lite <= 5.0.8 Reflected Cross-Site Scripting
S
CVE-2022-0684 WP Home Page Menu < 3.1 - Admin+ Stored Cross-Site Scripting
E S
CVE-2022-0685 Use of Out-of-range Pointer Offset in vim/vim
E S
CVE-2022-0686 Authorization Bypass Through User-Controlled Key in unshiftio/url-parse
E S
CVE-2022-0687 Amelia < 1.0.46 - Manager+ RCE
E
CVE-2022-0688 Business Logic Errors in microweber/microweber
E S
CVE-2022-0689 Use multiple time the one-time coupon in microweber/microweber
E S
CVE-2022-0690 Cross-site Scripting (XSS) - Reflected in microweber/microweber
E S
CVE-2022-0691 Authorization Bypass Through User-Controlled Key in unshiftio/url-parse
E S
CVE-2022-0692 Open Redirect on Rudloff/alltube in rudloff/alltube
E S
CVE-2022-0693 Master Elements <= 8.0 - Unauthenticated SQLi
E
CVE-2022-0694 Advanced Booking Calendar < 1.7.0 - Unauthenticated SQL Injection
E S
CVE-2022-0695 Denial of Service in radareorg/radare2
E S
CVE-2022-0696 NULL Pointer Dereference in vim/vim
E S
CVE-2022-0697 Open Redirect in archivy/archivy
E S
CVE-2022-0698 Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on...
E
CVE-2022-0699 A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue...
E S
CVE-2022-0700 Simple Theme Options < 1.7 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0701 SEO 301 Meta <= 1.9.1 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0702 Petfinder Listings <= 1.0.18 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0703 GD Mylist <= 1.1.1 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0704 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0705 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0706 Easy Digital Downloads < 2.11.6 - Admin+ Stored Cross-Site Scripting
E S
CVE-2022-0707 Easy Digital Downloads < 2.11.6 - Arbitrary Payment Note Insertion via CSRF
E S
CVE-2022-0708 Team Creator's Email Address is disclosed to Team Members via one of the APIs
CVE-2022-0709 Booking Package < 1.5.29 - Unauthenticated Sensitive Data Disclosure
E
CVE-2022-0710 Header Footer Code Manager <= 1.1.16 Reflected XSS
CVE-2022-0711 A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. Th...
S
CVE-2022-0712 NULL Pointer Dereference in radareorg/radare2
E S
CVE-2022-0713 Heap-based Buffer Overflow in radareorg/radare2
E S
CVE-2022-0714 Heap-based Buffer Overflow in vim/vim
E S
CVE-2022-0715 A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily ...
CVE-2022-0717 Out-of-bounds Read in mruby/mruby
E S
CVE-2022-0718 A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( " ) ...
E S
CVE-2022-0719 Cross-site Scripting (XSS) - Reflected in microweber/microweber
E S
CVE-2022-0720 Amelia < 1.0.47 - Customer+ Arbitrary Appointments Update and Sensitive Data Disclosure
E
CVE-2022-0721 Insertion of Sensitive Information Into Debugging Code in microweber/microweber
E S
CVE-2022-0722 Exposure of Sensitive Information to an Unauthorized Actor in ionicabizau/parse-url
E S
CVE-2022-0723 Cross-site Scripting (XSS) - Reflected in microweber/microweber
E S
CVE-2022-0724 Insecure Storage of Sensitive Information in microweber/microweber
E S
CVE-2022-0725 A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in sys...
CVE-2022-0726 Missing Authorization in chocobozzz/peertube
E S
CVE-2022-0727 Improper Access Control in chocobozzz/peertube
E S
CVE-2022-0728 Easy Smooth Scroll Links < 2.23.1 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0729 Use of Out-of-range Pointer Offset in vim/vim
E S
CVE-2022-0730 Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types....
CVE-2022-0731 Improper Access Control (IDOR) in dolibarr/dolibarr
E S
CVE-2022-0732 The backend infrastructure shared by multiple mobile device monitoring services does not adequately ...
CVE-2022-0734 A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series fi...
CVE-2022-0735 An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6....
CVE-2022-0736 Insecure Temporary File in mlflow/mlflow
E S
CVE-2022-0737 Text Hover < 4.2 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0738 An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5, all ...
CVE-2022-0739 BookingPress < 1.0.11 - Unauthenticated SQL Injection
E S
CVE-2022-0740 Incorrect authorization in the Asana integration's branch restriction feature in all versions of Git...
CVE-2022-0741 Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an a...
CVE-2022-0742 Memory leak in ICMP6 in Linux Kernel
S
CVE-2022-0743 Cross-site Scripting (XSS) - Stored in getgrav/grav
E S
CVE-2022-0745 Like Button Rating < 2.6.45 - Arbitrary e-mail Sending
E
CVE-2022-0746 Business Logic Errors in dolibarr/dolibarr
E S
CVE-2022-0747 Infographic Maker - iList < 4.3.8 - Unauthenticated SQL Injection
E S
CVE-2022-0748 Arbitrary Code Execution
E
CVE-2022-0749 Deserialization of Untrusted Data
E
CVE-2022-0750 The Photoswipe Masonry Gallery WordPress plugin is vulnerable to Cross-Site Scripting due to insuffi...
E
CVE-2022-0751 Inaccurate display of Snippet files containing special characters in all versions of GitLab CE/EE al...
CVE-2022-0752 Cross-site Scripting (XSS) - Generic in hestiacp/hestiacp
E S
CVE-2022-0753 Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp
E S
CVE-2022-0754 SQL Injection in salesagility/suitecrm
E S
CVE-2022-0755 Missing Authorization in salesagility/suitecrm
E S
CVE-2022-0756 Missing Authorization in salesagility/suitecrm
E S
CVE-2022-0757 Rapid7 Nexpose SQL Injection
CVE-2022-0758 Rapid7 Nexpose Reflected XSS
CVE-2022-0759 A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for...
S
CVE-2022-0760 Simple Link Directory < 7.7.2 - Unauthenticated SQL injection
E S
CVE-2022-0762 Incorrect Authorization in microweber/microweber
E S
CVE-2022-0763 Cross-site Scripting (XSS) - Stored in microweber/microweber
E S
CVE-2022-0764 Arbitrary Command Injection in strapi/strapi
E S
CVE-2022-0765 Loco Translate < 2.6.1 - Authenticated Stored Cross-Site Scripting
E
CVE-2022-0766 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
E S
CVE-2022-0767 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
E S
CVE-2022-0768 Server-Side Request Forgery (SSRF) in rudloff/alltube
E S
CVE-2022-0769 Users Ultra <= 3.1.0 - Unauthenticated SQL Injection
E
CVE-2022-0770 Translate WordPress with GTranslate < 2.9.9 - CSRF to Account Takeover
E
CVE-2022-0771 SiteSuperCharger < 5.2.0 - Unauthenticated SQLi
E
CVE-2022-0772 Cross-site Scripting (XSS) - Stored in librenms/librenms
E S
CVE-2022-0773 Documentor <= 1.5.3 - Unauthenticated SQLi
E
CVE-2022-0775 WooCommerce < 6.2.1 - Subscriber+ Arbitrary Comment Deletion
E S
CVE-2022-0776 Cross-site Scripting (XSS) - DOM in hakimel/reveal.js
E S
CVE-2022-0777 Weak Password Recovery Mechanism for Forgotten Password in microweber/microweber
E S
CVE-2022-0778 Infinite loop in BN_mod_sqrt() reachable when parsing certificates
CVE-2022-0779 User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal
E
CVE-2022-0780 SearchIQ < 3.9 - Unauthenticated Stored XSS
E
CVE-2022-0781 Nirweb support < 2.8.2 - Unauthenticated SQLi
E
CVE-2022-0782 Donations <= 1.8 - Unauthenticated SQLi
E
CVE-2022-0783 Multiple Shipping Address Woocommerce < 2.0 - Unauthenticated SQLi
E
CVE-2022-0784 Title Experiments Free < 9.0.1 - Unauthenticated SQLi
E
CVE-2022-0785 Daily Prayer Time < 2022.03.01 - Unauthenticated SQLi
E
CVE-2022-0786 KiviCare < 2.3.9 - Unauthenticated SQLi
E
CVE-2022-0787 Limit Login Attempts (Spam Protection) < 5.1 - Unauthenticated SQLi
E
CVE-2022-0788 WP Fundraising Donation and Crowdfunding Platform < 1.5.0 - Unauthenticated SQLi
E
CVE-2022-0789 Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to po...
E
CVE-2022-0790 Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convi...
CVE-2022-0791 Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convi...
CVE-2022-0792 Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to pote...
CVE-2022-0793 Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a us...
E
CVE-2022-0794 Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who conv...
CVE-2022-0795 Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to p...
CVE-2022-0796 Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentia...
CVE-2022-0797 Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker...
CVE-2022-0798 Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinc...
CVE-2022-0799 Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allow...
CVE-2022-0800 Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who...
CVE-2022-0801 Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote ...
CVE-2022-0802 Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 a...
CVE-2022-0803 Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote ...
CVE-2022-0804 Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 a...
CVE-2022-0805 Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker ...
CVE-2022-0806 Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a...
CVE-2022-0807 Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote att...
CVE-2022-0808 Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remo...
CVE-2022-0809 Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacke...
CVE-2022-0811 A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with ...
CVE-2022-0812 An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Lin...
S
CVE-2022-0813 PhpMyAdmin exposure of sensitive information
S
CVE-2022-0814 Ubigeo de Peru < 3.6.4 - Unauthenticated SQLi
E
CVE-2022-0815 McAfee WebAdvisor - Extension Fingerprinting vulnerability
CVE-2022-0817 BadgeOS <= 3.7.0 - Unauthenticated SQLi
E
CVE-2022-0818 Coupon Affiliates < 4.16.4.5 - Unauthenticated Stored XSS
E
CVE-2022-0819 Code Injection in dolibarr/dolibarr
E S
CVE-2022-0820 Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore
E S
CVE-2022-0821 Improper Authorization in orchardcms/orchardcore
E S
CVE-2022-0822 Cross-site Scripting (XSS) - Reflected in orchardcms/orchardcore
E S
CVE-2022-0823 An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could all...
S
CVE-2022-0824 Improper Access Control to Remote Code Execution in webmin/webmin
E S
CVE-2022-0825 Amelia < 1.0.49 - Customer+ Arbitrary Appointments Status Update
E S
CVE-2022-0826 WP Video Gallery <= 1.7.1 - Unauthenticated SQLi
E
CVE-2022-0827 Bestbooks <= 2.6.3 - Unauthenticated SQLi
E
CVE-2022-0828 Download Manager < 3.2.39 - Unauthenticated brute force of files master key
E
CVE-2022-0829 Improper Authorization in webmin/webmin
E S
CVE-2022-0830 FormBuilder <= 1.08 - Stored Cross-Site Scripting via CSRF
E
CVE-2022-0831 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0832 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0833 Church Admin < 3.4.135 - Unauthenticated Plugin's Backup Disclosure
E
CVE-2022-0834 The Amelia WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and s...
CVE-2022-0835 AVEVA System Platform Cleartext Storage of Sensitive Information in Memory
S
CVE-2022-0836 SEMA API < 4.02 - Unauthenticated SQLi
E
CVE-2022-0837 Amelia < 1.0.48 - Customer+ SMS Service Abuse and Sensitive Data Disclosure
E
CVE-2022-0838 Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp
E S
CVE-2022-0839 Improper Restriction of XML External Entity Reference in liquibase/liquibase
E S
CVE-2022-0840 Easy Social Icons < 3.2.1 - Admin+ Stored Cross-Site Scripting in add icon
E
CVE-2022-0841 OS Command Injection in ljharb/npm-lockfile
E S
CVE-2022-0842 ePO blind SQL Injection vulnerability
CVE-2022-0843 Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs p...
CVE-2022-0844 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2022-0845 Code Injection in pytorchlightning/pytorch-lightning
E S
CVE-2022-0846 SpeakOut! Email Petitions < 2.14.15.1 - Unauthenticated SQLi
E
CVE-2022-0847 A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper i...
KEV E S
CVE-2022-0848 OS Command Injection in part-db/part-db
E S
CVE-2022-0849 Use After Free in r_reg_get_name_idx in radareorg/radare2
E S
CVE-2022-0850 A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header t...
E S
CVE-2022-0851 There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the acti...
E
CVE-2022-0852 There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-ma...
E S
CVE-2022-0853 A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-...
E
CVE-2022-0854 A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_D...
E
CVE-2022-0855 Improper Resolution of Path Equivalence in microweber-dev/whmcs_plugin
E S
CVE-2022-0856 libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to c...
E
CVE-2022-0857 ePO Reflected Cross-site scripting vulnerability
CVE-2022-0858 Cross-site scripting vulnerability in ePO
CVE-2022-0859 ePO database restoration vulnerability
CVE-2022-0860 Improper Authorization in cobbler/cobbler
E S
CVE-2022-0861 ePO XML extended entity vulnerability
CVE-2022-0862 ePO password change vulnerability
CVE-2022-0863 WP SVG Icons <= 3.2.3 - Admin+ Remote Code Execution (RCE)
E
CVE-2022-0864 UpdraftPlus < 1.22.9 - Reflected Cross-Site Scripting
E
CVE-2022-0865 Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a c...
E S
CVE-2022-0866 This is a concurrency issue that can result in the wrong caller principal being returned from the se...
M
CVE-2022-0867 ARPrice Lite < 3.6.1 - Unauthenticated SQLi
E
CVE-2022-0868 Open Redirect in medialize/uri.js
E S
CVE-2022-0869 Multiple Open Redirect in nitely/spirit
E S
CVE-2022-0870 Server-Side Request Forgery (SSRF) in gogs/gogs
E S
CVE-2022-0871 Missing Authorization in gogs/gogs
E S
CVE-2022-0873 Gmedia Photo Gallery < 1.20.0 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0874 WP Social Buttons <= 2.1 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0875 miniOrange Google Authenticator < 1.0.5 - CSRF to Stored Cross-Site Scripting
E
CVE-2022-0876 Social comments by WpDevArt < 2.5.0 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0877 Cross-site Scripting (XSS) - Stored in bookstackapp/bookstack
E S
CVE-2022-0878 Novel attack against the Combined Charging System (CCS) in electric vehicles to remotely cause a denial of service
E M
CVE-2022-0879 Caldera Forms < 1.9.7 - Reflected Cross-Site Scripting
E
CVE-2022-0880 Cross-site Scripting (XSS) - Stored in star7th/showdoc
E S
CVE-2022-0881 Insecure Storage of Sensitive Information in chocobozzz/peertube
E S
CVE-2022-0882 Illegal access to Kernel log in Fuchsia
E
CVE-2022-0883 Windows Unquoted/Trusted Service Paths
S
CVE-2022-0884 Profile Builder < 3.6.8 - Admin+ Stored Cross-Site Scripting
E S
CVE-2022-0885 Member Hero <= 1.0.9 - Unauthenticated RCE
E
CVE-2022-0886 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27666. Reason: This candidat...
R
CVE-2022-0887 Easy Social Icons < 3.1.4 - Admin+ SQL Injection
E
CVE-2022-0888 The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads du...
E S
CVE-2022-0889 The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to reflected cross-site scri...
CVE-2022-0890 NULL Pointer Dereference in mruby/mruby
E S
CVE-2022-0891 A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3....
E S
CVE-2022-0892 Export All URLs < 4.2 - Reflected Cross-Site Scripting
E
CVE-2022-0893 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0894 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0895 Static Code Injection in microweber/microweber
E S
CVE-2022-0896 Improper Neutralization of Special Elements Used in a Template Engine in microweber/microweber
E S
CVE-2022-0897 A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed ...
CVE-2022-0898 IgniteUp <= 3.4.1 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0899 Header Footer Code Manager < 1.1.24 - Reflected Cross-Site Scripting
E
CVE-2022-0900 Cross-Site Scripting Vulnerability in DivvyDrive
S
CVE-2022-0901 Ad Inserter < 2.7.12 - Reflected Cross-Site Scripting
E
CVE-2022-0902 ABB Flow Computer and Remote Controllers Path Traversal Vulnerability in Totalflow TCP protocol can lead to root access
M
CVE-2022-0903 Stack overflow in SAML login in Mattermost
S
CVE-2022-0904 Stack overflow in document extractor in Mattermost
S
CVE-2022-0905 Missing Authorization in go-gitea/gitea
E S
CVE-2022-0906 Unrestricted file upload leads to stored XSS in microweber/microweber
E S
CVE-2022-0907 Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to ...
E S
CVE-2022-0908 Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_d...
E S
CVE-2022-0909 Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via ...
E S
CVE-2022-0910 A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI pro...
CVE-2022-0911 Cross-site Scripting (XSS) - Stored in pimcore/pimcore
E S
CVE-2022-0912 Unrestricted Upload of File with Dangerous Type in microweber/microweber
E S
CVE-2022-0913 Integer Overflow or Wraparound in microweber/microweber
E S
CVE-2022-0914 Export All URLs < 4.3 - Private/Draft Post/Page Title Disclosure via CSRF
E
CVE-2022-0915 Logitech Sync desktop application prior to 2.4.574 - TOCTOU during installation leads to privilege escalation
S
CVE-2022-0916 Broken authentication on Logitech Options due to misvalidation of OAuth state parameter
S
CVE-2022-0918 A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker w...
S
CVE-2022-0919 Salon booking system < 7.6.3 - Unauthenticated Sensitive Data Disclosure
E
CVE-2022-0920 Salon booking system < 7.6.3 - Customer+ Bookings/Customers Data Disclosure
E
CVE-2022-0921 Abusing Backup/Restore feature to achieve Remote Code Execution in microweber/microweber
E S
CVE-2022-0922 ICSMA-22-088-01 Philips e-Alert
M
CVE-2022-0923 Delta Electronics DIAEnergie SQL Injection in HandlerDialog_KID.ashx
S
CVE-2022-0924 Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service vi...
E S
CVE-2022-0925 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2022-0926 File upload filter bypass leading to stored XSS in microweber/microweber
E S
CVE-2022-0928 Cross-site Scripting (XSS) - Stored in microweber/microweber
E S
CVE-2022-0929 XSS on dynamic_text module in microweber/microweber
E S
CVE-2022-0930 File upload filter bypass leading to stored XSS in microweber/microweber
E S
CVE-2022-0931 Rejected reason: Red Hat Product Security does not consider this to be a vulnerability. Upstream has...
R
CVE-2022-0932 Missing Authorization in saleor/saleor
E S
CVE-2022-0934 A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an att...
S
CVE-2022-0935 Host Header injection in password Reset in livehelperchat/livehelperchat
E S
CVE-2022-0936 Cross-site Scripting (XSS) - Stored in autolab/autolab
E S
CVE-2022-0937 Stored XSS in showdoc through file upload in star7th/showdoc
E S
CVE-2022-0938 Stored XSS via file upload in star7th/showdoc
E S
CVE-2022-0939 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
E S
CVE-2022-0940 Stored XSS due to Unrestricted File Upload in star7th/showdoc
E S
CVE-2022-0941 Stored XSS due to Unrestricted File Upload in star7th/showdoc
E S
CVE-2022-0942 Stored XSS due to Unrestricted File Upload in star7th/showdoc
E S
CVE-2022-0943 Heap-based Buffer Overflow occurs in vim in vim/vim
E S
CVE-2022-0944 Template injection in connection test endpoint leads to RCE in sqlpad/sqlpad
E S
CVE-2022-0945 Stored XSS via axd and cshtml file upload in star7th/showdoc
E S
CVE-2022-0946 Stored XSS via cshtm file upload in star7th/showdoc
E S
CVE-2022-0947 Arctic Wireless Gateway Firewall vulnerability
M
CVE-2022-0948 Order Listener for WooCommerce < 3.2.2 - Unauthenticated SQLi
E
CVE-2022-0949 WP Block and Stop Bad Bots < 6.930 - Unauthenticated SQLi
E
CVE-2022-0950 Unrestricted Upload of File with Dangerous Type in star7th/showdoc
E S
CVE-2022-0951 File Upload Restriction Bypass leading to Stored XSS Vulnerability in star7th/showdoc
E S
CVE-2022-0952 Sitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Options Update
E
CVE-2022-0953 Anti-Malware Security and Brute-Force Firewall < 4.20.96 - Reflected Cross-Site Scripting
E
CVE-2022-0954 Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in microweber/microweber
E S
CVE-2022-0955 Cross-site Scripting (XSS) - Stored in pimcore/data-hub
E S
CVE-2022-0956 Stored XSS via File Upload in star7th/showdoc
E S
CVE-2022-0957 Stored XSS via File Upload in star7th/showdoc
E S
CVE-2022-0958 Mark Posts < 2.0.1 - Admin+ Stored Cross-Site Scripting
E S
CVE-2022-0959 A malicious, but authorised and authenticated user can construct an HTTP request using their existin...
CVE-2022-0960 Stored XSS via .properties file upload in star7th/showdoc
E S
CVE-2022-0961 The microweber application allows large characters to be inserted in the input field "post title", which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request, in microweber/microweber
E S
CVE-2022-0962 Stored XSS via .webma file upload in star7th/showdoc
E S
CVE-2022-0963 Unrestricted XML Files Leads to Stored XSS in microweber/microweber
E S
CVE-2022-0964 Stored XSS via .webmv file upload in star7th/showdoc
E S
CVE-2022-0965 Stored XSS via .ofd file upload in star7th/showdoc
E S
CVE-2022-0966 Stored XSS via File Upload in star7th/showdoc
E S
CVE-2022-0967 Stored XSS via File Upload in star7th/showdoc
E S
CVE-2022-0968 The microweber application allows large characters to be inserted in the input field "first & last name", which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request, in microweber/microweber
E S
CVE-2022-0969 Image optimization & Lazy Load < 3.3.2 - Admin+ Stored Cross-Site Scripting
E S
CVE-2022-0970 Cross-site Scripting (XSS) - Stored in getgrav/grav
E S
CVE-2022-0971 Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote at...
E S
CVE-2022-0972 Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convince...
E S
CVE-2022-0973 Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to ...
E S
CVE-2022-0974 Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote a...
E S
CVE-2022-0975 Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentia...
E S
CVE-2022-0976 Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to pote...
E S
CVE-2022-0977 Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote at...
E S
CVE-2022-0978 Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentia...
E S
CVE-2022-0979 Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote a...
E S
CVE-2022-0980 Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convin...
E S
CVE-2022-0981 A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web ...
E
CVE-2022-0982 Buffer Overflow via crafted client request in Accel-PPP v1.12
CVE-2022-0983 An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the ...
CVE-2022-0984 Users with the capability to configure badge criteria (teachers and managers by default) were able t...
CVE-2022-0985 Insufficient capability checks could allow users with the moodle/site:uploadusers capability to dele...
S
CVE-2022-0986 Reflected Cross-site Scripting (XSS) Vulnerability in hestiacp/hestiacp
E S
CVE-2022-0987 A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface e...
CVE-2022-0988 Delta Electronics DIAEnergie CLEARTEXT Transmission of Sensitive Information
S
CVE-2022-0989 NS WooCommerce Watermark <= 2.11.3 - Abuse of Functionality
E
CVE-2022-0990 Server-Side Request Forgery (SSRF) in janeczku/calibre-web
E S
CVE-2022-0991 Insufficient Session Expiration in admidio/admidio
E S
CVE-2022-0992 The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unau...
E
CVE-2022-0993 The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unau...
CVE-2022-0994 Hummingbird < 3.3.2 - Admin+ Stored Cross-Site Scripting
E
CVE-2022-0995 An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notificat...
E S
CVE-2022-0996 A vulnerability was found in the 389 Directory Server that allows expired passwords to access the da...
E
CVE-2022-0997 Local Privilege Escalation Vulnerability in Fidelis Network and Deception
S
CVE-2022-0998 An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user...
S
CVE-2022-0999 mySCADA myPRO Command Injection
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.