Export limit exceeded: 348707 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 79820 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79820 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1861 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction. | ||||
| CVE-2022-1860 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions. | ||||
| CVE-2022-1859 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1857 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. | ||||
| CVE-2022-1856 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension or specific user interaction. | ||||
| CVE-2022-1855 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1854 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1851 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.8 High |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1850 | 1 Filegator | 1 Filegator | 2024-11-21 | 8.1 High |
| Path Traversal in GitHub repository filegator/filegator prior to 7.8.0. | ||||
| CVE-2022-1841 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 7.2 High |
| In subsys/net/ip/tcp.c , function tcp_flags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero. | ||||
| CVE-2022-1833 | 1 Redhat | 1 Amq Broker | 2024-11-21 | 8.8 High |
| A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low-privilege user that has access to the namespace where the AMQ Operator is deployed has access to clusterwide edit rights by checking the secrets. The service account used for building the Operator gives more permission than expected and an attacker could benefit from it. This requires at least an already compromised low-privilege account or insider attack. | ||||
| CVE-2022-1824 | 1 Mcafee | 1 Consumer Product Removal Tool | 2024-11-21 | 7.9 High |
| An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary code as there were insufficient checks on the executable being signed by McAfee. | ||||
| CVE-2022-1823 | 1 Mcafee | 1 Consumer Product Removal Tool | 2024-11-21 | 7.9 High |
| Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code, through not correctly checking the integrity of the configuration file. | ||||
| CVE-2022-1815 | 1 Diagrams | 1 Drawio | 2024-11-21 | 7.5 High |
| Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2. | ||||
| CVE-2022-1809 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.8 High |
| Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0. | ||||
| CVE-2022-1808 | 1 Trudesk Project | 1 Trudesk | 2024-11-21 | 8.8 High |
| Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3. | ||||
| CVE-2022-1805 | 1 Teradici | 2 Tera2 Pcoip Zero Client, Tera2 Pcoip Zero Client Firmware | 2024-11-21 | 8.1 High |
| When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client. | ||||
| CVE-2022-1801 | 1 Very Simple Contact Form Project | 1 Very Simple Contact Form | 2024-11-21 | 7.5 High |
| The Very Simple Contact Form WordPress plugin before 11.6 exposes the solution to the captcha in the rendered contact form, both as hidden input fields and as plain text in the page, making it very easy for bots to bypass the captcha check, rendering the page a likely target for spam bots. | ||||
| CVE-2022-1800 | 1 Soflyy | 1 Export Any Wordpress Data To Xml\/csv | 2024-11-21 | 7.2 High |
| The Export any WordPress data to XML/CSV WordPress plugin before 1.3.5 does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability. | ||||
| CVE-2022-1796 | 1 Vim | 1 Vim | 2024-11-21 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 8.2.4979. | ||||