Search Results (80116 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-24578 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| GPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString() at bifs/script_dec.c. | ||||
| CVE-2022-24577 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| GPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen. (gf_utf8_wcslen is a renamed Unicode utf8_wcslen function.) | ||||
| CVE-2022-24575 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| GPAC 1.0.1 is affected by a stack-based buffer overflow through MP4Box. | ||||
| CVE-2022-24551 | 1 Starwindsoftware | 2 Nas, San | 2024-11-21 | 8.8 High |
| A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password (including system/administrator user) using any available user. This affects StarWind SAN and NAS v0.2 build 1633. | ||||
| CVE-2022-24440 | 1 Cocoapods | 1 Cocoapods-downloader | 2024-11-21 | 8.1 High |
| The package cocoapods-downloader before 1.6.0, from 1.6.2 and before 1.6.3 is vulnerable to Command Injection via git argument injection. When calling the Pod::Downloader.preprocess_options function and using git, both the git and branch parameters are passed to the git ls-remote subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection. | ||||
| CVE-2022-24434 | 1 Dicer Project | 1 Dicer | 2024-11-21 | 7.5 High |
| This affects all versions of package dicer. A malicious attacker can send a modified form to the server and crash the nodejs service. An attacker could send the payload again and again so that the service continuously crashes. | ||||
| CVE-2022-24433 | 1 Simple-git Project | 1 Simple-git | 2024-11-21 | 8.1 High |
| The package simple-git before 3.3.0 is vulnerable to Command Injection via argument injection. When calling the .fetch(remote, branch, handlerFn) function, both the remote and branch parameters are passed to the git fetch subcommand. By injecting some git options it was possible to get arbitrary command execution. | ||||
| CVE-2022-24429 | 1 Convert-svg-core Project | 1 Convert-svg-core | 2024-11-21 | 7.5 High |
| The package convert-svg-core before 0.6.3 is vulnerable to Arbitrary Code Injection when using a specially crafted SVG file. An attacker can read arbitrary files from the file system and then show the file content as a converted PNG file. | ||||
| CVE-2022-24426 | 1 Dell | 3 Alienware Update, Command Update, Update | 2024-11-21 | 7.8 High |
| Dell Command \| Update, Dell Update, and Alienware Update version 4.4.0 contains a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation. | ||||
| CVE-2022-24424 | 1 Dell | 1 Emc Appsync | 2024-11-21 | 7.5 High |
| Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. | ||||
| CVE-2022-24421 | 1 Dell | 92 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 89 more | 2024-11-21 | 8.2 High |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | ||||
| CVE-2022-24420 | 1 Dell | 92 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 89 more | 2024-11-21 | 8.2 High |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | ||||
| CVE-2022-24419 | 1 Dell | 92 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 89 more | 2024-11-21 | 8.2 High |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | ||||
| CVE-2022-24418 | 1 Dell | 56 Dell G5 5505, Dell G5 5505 Firmware, Inspiron 22-3275 and 53 more | 2024-11-21 | 7.5 High |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | ||||
| CVE-2022-24417 | 1 Dell | 56 Dell G5 5505, Dell G5 5505 Firmware, Inspiron 22-3275 and 53 more | 2024-11-21 | 7.5 High |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | ||||
| CVE-2022-24416 | 1 Dell | 92 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 89 more | 2024-11-21 | 8.2 High |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | ||||
| CVE-2022-24415 | 1 Dell | 92 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 89 more | 2024-11-21 | 8.2 High |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | ||||
| CVE-2022-24414 | 1 Dell | 1 Cloudlink | 2024-11-21 | 7.6 High |
| In Dell EMC CloudLink 7.1.3 and all earlier versions, the Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access the CloudLink server. Tokens should not be used in the request URL to avoid such attacks. | ||||
| CVE-2022-24412 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 7.5 High |
| Dell EMC PowerScale OneFS 8.2.x - 9.3.0.x contain an improper handling of value vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to denial-of-service. | ||||
| CVE-2022-24411 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 7.8 High |
| Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale Compliance Mode guarantees. | ||||