Export limit exceeded: 363165 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 45925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (45925 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-2714 1 Rosariosis 1 Rosariosis 2024-11-21 9.8 Critical
Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0.
CVE-2022-2652 1 V4l2loopback Project 1 V4l2loopback 2024-11-21 6.0 Medium
Depending on the way the format strings in the card label are crafted it's possible to leak kernel stack memory. There is also the possibility for DoS due to the v4l2loopback kernel module crashing when providing the card label on request (reproduce e.g. with many %s modifiers in a row).
CVE-2022-2639 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more 2024-11-21 7.8 High
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2022-2625 3 Fedoraproject, Postgresql, Redhat 8 Fedora, Postgresql, Enterprise Linux and 5 more 2024-11-21 8.0 High
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
CVE-2022-2619 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 4.3 Medium
Insufficient validation of untrusted input in Settings in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted HTML page.
CVE-2022-2605 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 6.5 Medium
Out of bounds read in Dawn in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2600 1 Auto-hyperlink Urls Project 1 Auto-hyperlink Urls 2024-11-21 5.4 Medium
The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set rel="noopener noreferer" on generated links, which can lead to Tab Nabbing by giving the target site access to the source tab through the window.opener DOM object.
CVE-2022-2581 1 Vim 1 Vim 2024-11-21 7.8 High
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104.
CVE-2022-2580 1 Vim 1 Vim 2024-11-21 7.8 High
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102.
CVE-2022-2571 1 Vim 1 Vim 2024-11-21 7.8 High
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101.
CVE-2022-2564 1 Mongoosejs 1 Mongoose 2024-11-21 9.8 Critical
Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6.
CVE-2022-2522 1 Vim 1 Vim 2024-11-21 7.8 High
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.
CVE-2022-2520 3 Debian, Libtiff, Redhat 3 Debian Linux, Libtiff, Enterprise Linux 2024-11-21 6.5 Medium
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input.
CVE-2022-2493 1 Open-emr 1 Openemr 2024-11-21 8.1 High
Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0.
CVE-2022-2471 1 Ezviz 10 Cs-c3w-a0-3h4wfrl, Cs-c3w-a0-3h4wfrl Firmware, Cs-c6n-a0-1c2wfr and 7 more 2024-11-21 9.9 Critical
Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL allows a remote attacker to execute remote code on the device. This issue affects: EZVIZ CS-CV248 versions prior to 5.2.3 build 220725. EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428. EZVIZ CS-DB1C-A0-1E2W2FR versions prior to 5.3.0 build 220802. EZVIZ CS-C6N-B0-1G2WF versions prior to 5.3.0 build 220712. EZVIZ CS-C3W-A0-3H4WFRL versions prior to 5.3.5 build 220723.
CVE-2022-2469 2 Debian, Gnu 2 Debian Linux, Gnu Sasl 2024-11-21 3.8 Low
GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client
CVE-2022-2454 1 Gpac 1 Gpac 2024-11-21 7.8 High
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.
CVE-2022-2402 1 Eset 2 Endpoint Encryption, Full Disk Encryption 2024-11-21 6.5 Medium
The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD.
CVE-2022-2344 2 Fedoraproject, Vim 2 Fedora, Vim 2024-11-21 7.8 High
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.
CVE-2022-2343 2 Fedoraproject, Vim 2 Fedora, Vim 2024-11-21 7.8 High
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.