Export limit exceeded: 80546 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80546 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34588 | 1 Advanced School Management System Project | 1 Advanced School Management System | 2024-11-21 | 8.8 High |
| itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/timetable_insert_form.php. | ||||
| CVE-2022-34586 | 1 Advanced School Management System Project | 1 Advanced School Management System | 2024-11-21 | 8.8 High |
| itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/student_grade_wise.php. | ||||
| CVE-2022-34578 | 1 Opensourcepos | 1 Open Source Point Of Sale | 2024-11-21 | 7.2 High |
| Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page. | ||||
| CVE-2022-34576 | 1 Wavlink | 2 Wn535g3, Wn535g3 Firmware | 2024-11-21 | 7.5 High |
| A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request. | ||||
| CVE-2022-34571 | 1 Wavlink | 1 Wifi-repeater Firmware | 2024-11-21 | 8.0 High |
| An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the system key information and execute arbitrary commands via accessing the page syslog.shtml. | ||||
| CVE-2022-34570 | 1 Wavlink | 2 Wl-wn579x3, Wl-wn579x3 Firmware | 2024-11-21 | 7.5 High |
| WAVLINK WN579 X3 M79X3.V5030.191012/M79X3.V5030.191012 contains an information leak which allows attackers to obtain the key information via accessing the messages.txt page. | ||||
| CVE-2022-34568 | 1 Libsdl | 1 Simple Directmedia Layer | 2024-11-21 | 7.5 High |
| SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDL_x11yuv.c. | ||||
| CVE-2022-34567 | 1 Uthscsa | 1 Multi-image Analysis Gui | 2024-11-21 | 8.8 High |
| An issue in \Roaming\Mango\Plugins of University of Texas Multi-image Analysis GUI (Mango) 4.1 allows attackers to escalate privileges via crafted plugins. | ||||
| CVE-2022-34557 | 1 Barangay Management System Project | 1 Barangay Management System | 2024-11-21 | 8.8 High |
| Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/permit/permit.php. | ||||
| CVE-2022-34549 | 1 Sims Project | 1 Sims | 2024-11-21 | 8.8 High |
| Sims v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /uploadServlet. This vulnerability allows attackers to escalate privileges and execute arbitrary commands via a crafted file. | ||||
| CVE-2022-34540 | 1 Dw | 2 Megapix, Megapix Firmware | 2024-11-21 | 8.8 High |
| Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/license/license_tok.cgi. This vulnerability is exploitable via a crafted POST request. | ||||
| CVE-2022-34539 | 1 Dw | 2 Megapix, Megapix Firmware | 2024-11-21 | 8.8 High |
| Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/curltest.cgi. This vulnerability is exploitable via a crafted POST request. | ||||
| CVE-2022-34538 | 1 Dw | 2 Megapix, Megapix Firmware | 2024-11-21 | 8.8 High |
| Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command injection vulnerability in the component /admin/vca/bia/addacph.cgi. This vulnerability is exploitable via a crafted POST request. | ||||
| CVE-2022-34536 | 1 Dw | 2 Megapix, Megapix Firmware | 2024-11-21 | 7.5 High |
| Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows attackers to access the core log file and perform session hijacking via a crafted session token. | ||||
| CVE-2022-34535 | 1 Dw | 2 Megapix, Megapix Firmware | 2024-11-21 | 7.5 High |
| Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 allows unauthenticated attackers to view internal paths and scripts via web files. | ||||
| CVE-2022-34534 | 1 Dw | 2 Spectrum Server, Spectrum Server Firmware | 2024-11-21 | 7.5 High |
| Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive infromation via a crafted API call. | ||||
| CVE-2022-34528 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2024-11-21 | 8.8 High |
| D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue. | ||||
| CVE-2022-34527 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2024-11-21 | 8.8 High |
| D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via the function byte_4C0160. | ||||
| CVE-2022-34486 | 1 Pukiwiki | 1 Pukiwiki | 2024-11-21 | 7.2 High |
| Path traversal vulnerability in PukiWiki versions 1.4.5 to 1.5.3 allows a remote authenticated attacker with an administrative privilege to execute a malicious script via unspecified vectors. | ||||
| CVE-2022-34465 | 1 Siemens | 2 Parasolid, Simcenter Femap | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420) | ||||