Export limit exceeded: 10205 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10205 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-0686 | 2 Redhat, Url-parse Project | 2 Rhmt, Url-parse | 2024-11-21 | 9.1 Critical |
| Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8. | ||||
| CVE-2022-0667 | 2 Isc, Netapp | 17 Bind, H300e, H300e Firmware and 14 more | 2024-11-21 | 7.5 High |
| When the vulnerability is triggered the BIND process will exit. BIND 9.18.0 | ||||
| CVE-2022-0645 | 1 Posthog | 1 Posthog | 2024-11-21 | 6.1 Medium |
| Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1. | ||||
| CVE-2022-0635 | 2 Isc, Netapp | 17 Bind, H300e, H300e Firmware and 14 more | 2024-11-21 | 7.5 High |
| Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check. | ||||
| CVE-2022-0624 | 1 Parse-path Project | 1 Parse-path | 2024-11-21 | 7.3 High |
| Authorization Bypass Through User-Controlled Key in GitHub repository ionicabizau/parse-path prior to 5.0.0. | ||||
| CVE-2022-0613 | 3 Fedoraproject, Redhat, Uri.js Project | 6 Fedora, Acm, Enterprise Linux and 3 more | 2024-11-21 | 6.5 Medium |
| Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8. | ||||
| CVE-2022-0597 | 1 Microweber | 1 Microweber | 2024-11-21 | 6.1 Medium |
| Open Redirect in Packagist microweber/microweber prior to 1.2.11. | ||||
| CVE-2022-0560 | 1 Microweber | 1 Microweber | 2024-11-21 | 6.1 Medium |
| Open Redirect in Packagist microweber/microweber prior to 1.2.11. | ||||
| CVE-2022-0512 | 2 Redhat, Url-parse Project | 2 Rhmt, Url-parse | 2024-11-21 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6. | ||||
| CVE-2022-0442 | 1 Ayecode | 1 Userswp | 2024-11-21 | 4.3 Medium |
| The UsersWP WordPress plugin before 1.2.3.1 is missing access controls when updating a user avatar, and does not make sure file names for user avatars are unique, allowing a logged in user to overwrite another users avatar. | ||||
| CVE-2022-0337 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-11-21 | 6.5 Medium |
| Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High) | ||||
| CVE-2022-0334 | 1 Moodle | 1 Moodle | 2024-11-21 | 4.3 Medium |
| A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability. | ||||
| CVE-2022-0322 | 4 Fedoraproject, Linux, Oracle and 1 more | 6 Fedora, Linux Kernel, Communications Cloud Native Core Binding Support Function and 3 more | 2024-11-21 | 5.5 Medium |
| A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS). | ||||
| CVE-2022-0315 | 1 Horovod | 1 Horovod | 2024-11-21 | 7.5 High |
| Insecure Temporary File in GitHub repository horovod/horovod prior to 0.24.0. | ||||
| CVE-2022-0283 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.7 Medium |
| An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that a could cause the web application to redirect the request to the attacker specified URL. | ||||
| CVE-2022-0272 | 1 Detekt | 1 Detekt | 2024-11-21 | 9.8 Critical |
| Improper Restriction of XML External Entity Reference in GitHub repository detekt/detekt prior to 1.20.0. | ||||
| CVE-2022-0266 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 6.6 Medium |
| Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v. | ||||
| CVE-2022-0265 | 1 Hazelcast | 1 Hazelcast | 2024-11-21 | 9.8 Critical |
| Improper Restriction of XML External Entity Reference in GitHub repository hazelcast/hazelcast in 5.1-BETA-1. | ||||
| CVE-2022-0239 | 1 Stanford | 1 Corenlp | 2024-11-21 | 9.8 Critical |
| corenlp is vulnerable to Improper Restriction of XML External Entity Reference | ||||
| CVE-2022-0235 | 4 Debian, Node-fetch Project, Redhat and 1 more | 14 Debian Linux, Node-fetch, Acm and 11 more | 2024-11-21 | 6.1 Medium |
| node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | ||||