Export limit exceeded: 348707 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79820 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1939 | 1 Allow Svg Files Project | 1 Allow Svg Files | 2024-11-21 | 7.2 High |
| The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to | ||||
| CVE-2022-1934 | 1 Mruby | 1 Mruby | 2024-11-21 | 7.8 High |
| Use After Free in GitHub repository mruby/mruby prior to 3.2. | ||||
| CVE-2022-1931 | 1 Trudesk Project | 1 Trudesk | 2024-11-21 | 8.1 High |
| Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3. | ||||
| CVE-2022-1927 | 4 Apple, Fedoraproject, Redhat and 1 more | 5 Macos, Fedora, Enterprise Linux and 2 more | 2024-11-21 | 7.8 High |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1919 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1908 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 8.1 High |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | ||||
| CVE-2022-1907 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 8.1 High |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | ||||
| CVE-2022-1903 | 1 Armemberplugin | 1 Armember | 2024-11-21 | 8.1 High |
| The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover (even the administrator) due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username | ||||
| CVE-2022-1902 | 1 Redhat | 1 Advanced Cluster Security | 2024-11-21 | 8.8 High |
| A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were not properly sanitized in the GraphQL API. This flaw allows authenticated ACS users to retrieve Notifiers from the GraphQL API, revealing secrets that can escalate their privileges. | ||||
| CVE-2022-1898 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1886 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1883 | 1 Camptocamp | 1 Terraboard | 2024-11-21 | 8.8 High |
| SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0. | ||||
| CVE-2022-1882 | 3 Linux, Netapp, Redhat | 18 Linux Kernel, H300e, H300e Firmware and 15 more | 2024-11-21 | 7.8 High |
| A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
| CVE-2022-1876 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1874 | 2 Apple, Google | 2 Macos, Chrome | 2024-11-21 | 8.8 High |
| Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page. | ||||
| CVE-2022-1870 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | ||||
| CVE-2022-1866 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions. | ||||
| CVE-2022-1865 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | ||||
| CVE-2022-1864 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | ||||
| CVE-2022-1863 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | ||||