Export limit exceeded: 363165 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45925 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2714 | 1 Rosariosis | 1 Rosariosis | 2024-11-21 | 9.8 Critical |
| Improper Handling of Length Parameter Inconsistency in GitHub repository francoisjacquet/rosariosis prior to 10.0. | ||||
| CVE-2022-2652 | 1 V4l2loopback Project | 1 V4l2loopback | 2024-11-21 | 6.0 Medium |
| Depending on the way the format strings in the card label are crafted it's possible to leak kernel stack memory. There is also the possibility for DoS due to the v4l2loopback kernel module crashing when providing the card label on request (reproduce e.g. with many %s modifiers in a row). | ||||
| CVE-2022-2639 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2024-11-21 | 7.8 High |
| An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
| CVE-2022-2625 | 3 Fedoraproject, Postgresql, Redhat | 8 Fedora, Postgresql, Enterprise Linux and 5 more | 2024-11-21 | 8.0 High |
| A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser. | ||||
| CVE-2022-2619 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 Medium |
| Insufficient validation of untrusted input in Settings in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted HTML page. | ||||
| CVE-2022-2605 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 6.5 Medium |
| Out of bounds read in Dawn in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2600 | 1 Auto-hyperlink Urls Project | 1 Auto-hyperlink Urls | 2024-11-21 | 5.4 Medium |
| The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set rel="noopener noreferer" on generated links, which can lead to Tab Nabbing by giving the target site access to the source tab through the window.opener DOM object. | ||||
| CVE-2022-2581 | 1 Vim | 1 Vim | 2024-11-21 | 7.8 High |
| Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. | ||||
| CVE-2022-2580 | 1 Vim | 1 Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102. | ||||
| CVE-2022-2571 | 1 Vim | 1 Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0101. | ||||
| CVE-2022-2564 | 1 Mongoosejs | 1 Mongoose | 2024-11-21 | 9.8 Critical |
| Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6. | ||||
| CVE-2022-2522 | 1 Vim | 1 Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. | ||||
| CVE-2022-2520 | 3 Debian, Libtiff, Redhat | 3 Debian Linux, Libtiff, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. | ||||
| CVE-2022-2493 | 1 Open-emr | 1 Openemr | 2024-11-21 | 8.1 High |
| Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0. | ||||
| CVE-2022-2471 | 1 Ezviz | 10 Cs-c3w-a0-3h4wfrl, Cs-c3w-a0-3h4wfrl Firmware, Cs-c6n-a0-1c2wfr and 7 more | 2024-11-21 | 9.9 Critical |
| Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL allows a remote attacker to execute remote code on the device. This issue affects: EZVIZ CS-CV248 versions prior to 5.2.3 build 220725. EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428. EZVIZ CS-DB1C-A0-1E2W2FR versions prior to 5.3.0 build 220802. EZVIZ CS-C6N-B0-1G2WF versions prior to 5.3.0 build 220712. EZVIZ CS-C3W-A0-3H4WFRL versions prior to 5.3.5 build 220723. | ||||
| CVE-2022-2469 | 2 Debian, Gnu | 2 Debian Linux, Gnu Sasl | 2024-11-21 | 3.8 Low |
| GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client | ||||
| CVE-2022-2454 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV. | ||||
| CVE-2022-2402 | 1 Eset | 2 Endpoint Encryption, Full Disk Encryption | 2024-11-21 | 6.5 Medium |
| The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD. | ||||
| CVE-2022-2344 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. | ||||
| CVE-2022-2343 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. | ||||