Export limit exceeded: 21027 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45925 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2112 | 1 Inventree Project | 1 Inventree | 2024-11-21 | 8.8 High |
| Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2. | ||||
| CVE-2022-2099 | 1 Woocommerce | 1 Woocommerce | 2024-11-21 | 4.8 Medium |
| The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles | ||||
| CVE-2022-2078 | 3 Debian, Linux, Redhat | 6 Debian Linux, Linux Kernel, Enterprise Linux and 3 more | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. | ||||
| CVE-2022-2061 | 1 Chafa Project | 1 Chafa | 2024-11-21 | 3.3 Low |
| Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0. | ||||
| CVE-2022-2037 | 1 Tooljet | 1 Tooljet | 2024-11-21 | 8.0 High |
| Excessive Attack Surface in GitHub repository tooljet/tooljet prior to v1.16.0. | ||||
| CVE-2022-2027 | 1 Kromit | 1 Titra | 2024-11-21 | 8.0 High |
| Improper Neutralization of Formula Elements in a CSV File in GitHub repository kromitgmbh/titra prior to 0.77.0. | ||||
| CVE-2022-2010 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 9.3 Critical |
| Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||||
| CVE-2022-29885 | 3 Apache, Debian, Oracle | 3 Tomcat, Debian Linux, Hospitality Cruise Shipboard Property Management System | 2024-11-21 | 7.5 High |
| The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks. | ||||
| CVE-2022-29824 | 6 Debian, Fedoraproject, Netapp and 3 more | 26 Debian Linux, Fedora, Active Iq Unified Manager and 23 more | 2024-11-21 | 6.5 Medium |
| In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. | ||||
| CVE-2022-29820 | 1 Jetbrains | 1 Pycharm | 2024-11-21 | 3 Low |
| In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible | ||||
| CVE-2022-29812 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 2.3 Low |
| In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient | ||||
| CVE-2022-29797 | 1 Huawei | 2 Cv81-wdm, Cv81-wdm Firmware | 2024-11-21 | 9.8 Critical |
| There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation. | ||||
| CVE-2022-29654 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | 5.5 Medium |
| Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file. | ||||
| CVE-2022-29599 | 3 Apache, Debian, Redhat | 8 Maven Shared Utils, Debian Linux, Enterprise Linux and 5 more | 2024-11-21 | 9.8 Critical |
| In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. | ||||
| CVE-2022-29591 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2024-11-21 | 9.8 Critical |
| Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow. | ||||
| CVE-2022-29537 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| gp_rtp_builder_do_hevc in ietf/rtp_pck_mpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box. | ||||
| CVE-2022-29510 | 1 Intel | 72 Compute Module Hns2600bp, Compute Module Hns2600bp Firmware, Compute Module Hns2600bpb and 69 more | 2024-11-21 | 7.5 High |
| Improper buffer restrictions in some Intel(R) Server Board M10JNP2SB BIOS firmware before version 7.219 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-29506 | 1 Fujielectric | 2 V-server, V-sft | 2024-11-21 | 7.8 High |
| Out-of-bounds read vulnerability exist in the simulator module contained in the graphic editor 'V-SFT' v6.1.3.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | ||||
| CVE-2022-29368 | 1 Moddable | 1 Moddable | 2024-11-21 | 7.1 High |
| Moddable commit before 135aa9a4a6a9b49b60aa730ebc3bcc6247d75c45 was discovered to contain an out-of-bounds read via the function fxUint8Getter at /moddable/xs/sources/xsDataView.c. | ||||
| CVE-2022-29358 | 1 Epub2txt2 Project | 1 Epub2txt2 | 2024-11-21 | 5.5 Medium |
| epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in _parse_special_tag at sxmlc.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XML file. | ||||