Export limit exceeded: 336363 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15160 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1233 | 1 Uri.js Project | 1 Uri.js | 2024-11-21 | 6.1 Medium |
| URL Confusion When Scheme Not Supplied in GitHub repository medialize/uri.js prior to 1.19.11. | ||||
| CVE-2022-1115 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 5.5 Medium |
| A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion, potentially leading to a denial of service. | ||||
| CVE-2022-0935 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 8.8 High |
| Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97. | ||||
| CVE-2022-0741 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.8 Medium |
| Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an attacker to steal environment variables via specially crafted email addresses. | ||||
| CVE-2022-0729 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 8.8 High |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. | ||||
| CVE-2022-0614 | 1 Mruby | 1 Mruby | 2024-11-21 | 5.5 Medium |
| Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2. | ||||
| CVE-2022-0554 | 5 Apple, Debian, Fedoraproject and 2 more | 5 Macos, Debian Linux, Fedora and 2 more | 2024-11-21 | 7.8 High |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-0522 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | 7.1 High |
| Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2. | ||||
| CVE-2022-0521 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | 7.1 High |
| Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2. | ||||
| CVE-2022-0519 | 2 Fedoraproject, Radare | 2 Fedora, Radare2 | 2024-11-21 | 7.1 High |
| Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2. | ||||
| CVE-2022-0500 | 4 Fedoraproject, Linux, Netapp and 1 more | 21 Fedora, Linux Kernel, H300e and 18 more | 2024-11-21 | 7.8 High |
| A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. | ||||
| CVE-2022-0496 | 1 Openscad | 1 Openscad | 2024-11-21 | 5.5 Medium |
| A vulnerbiility was found in Openscad, where a DXF-format drawing with particular (not necessarily malformed!) properties may cause an out-of-bounds memory access when imported using import(). | ||||
| CVE-2022-0450 | 1 Freshlightlab | 1 Menu Image\, Icons Made Easy | 2024-11-21 | 5.4 Medium |
| The Menu Image, Icons made easy WordPress plugin before 3.0.6 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them. As a result, any authenticate users, such as subscriber can update the settings or arbitrary menu and put Cross-Site Scripting payloads in them which will be triggered in the related menu in the frontend | ||||
| CVE-2022-0318 | 4 Apple, Debian, Redhat and 1 more | 4 Macos, Debian Linux, Enterprise Linux and 1 more | 2024-11-21 | 9.8 Critical |
| Heap-based Buffer Overflow in vim/vim prior to 8.2. | ||||
| CVE-2022-0220 | 1 Welaunch | 1 Wordpress Gdpr\&ccpa | 2024-11-21 | 6.1 Medium |
| The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.27, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be interpreted by a web browser led to this endpoint. Javascript code may be executed on a victim's browser. Due to v1.9.26 adding a CSRF check, the XSS is only exploitable against unauthenticated users (as they all share the same nonce) | ||||
| CVE-2022-0124 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.3 Medium |
| An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. Gitlab's Slack integration is incorrectly validating user input and allows to craft malicious URLs that are sent to slack. | ||||
| CVE-2021-4204 | 4 Debian, Linux, Netapp and 1 more | 15 Debian Linux, Linux Kernel, H300s and 12 more | 2024-11-21 | 7.1 High |
| An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. | ||||
| CVE-2021-4157 | 5 Fedoraproject, Linux, Netapp and 2 more | 18 Fedora, Linux Kernel, H300e and 15 more | 2024-11-21 | 8.0 High |
| An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system. | ||||
| CVE-2021-4136 | 3 Apple, Fedoraproject, Vim | 4 Mac Os X, Macos, Fedora and 1 more | 2024-11-21 | 7.8 High |
| vim is vulnerable to Heap-based Buffer Overflow | ||||
| CVE-2021-4068 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-11-21 | 6.5 Medium |
| Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | ||||