Risk 2022

Overview of the different risk assignments of different sources of the documented vulnerabilities.

IDTitleVulDBCVSSSecuniaXForceNessus
206396CodeIgniter Shield cross-site request forgery [CVE-2022-35943]low🔒---
206395Camilova activerecord-update-by-case Base sql injectionmedium🔒---
206394undici undici.request server-side request forgerymedium🔒---
206393Gitea Issue access control [CVE-2022-38183]medium🔒---
206392OpenSearch Security Advanced Access Control unknown vulnerabilitylow🔒---
206391BookWyrm Link redirect [CVE-2022-35953]low🔒---
206390Esri ArcReader File out-of-bounds [CVE-2021-29118]low🔒---
206389Esri ArcReader File use after free [CVE-2021-29117]medium🔒---
206388Esri ArcReader File out-of-bounds [CVE-2021-29112]low🔒---
206387loopback-connector-postgresql sql injection [CVE-2022-35942]medium🔒---
206386Google Chrome OS Audio Server out-of-bounds write [CVE-2022-2587]medium🔒---
206385Google Chrome PDF heap-based overflow [CVE-2022-2624]medium🔒---
206384Google Chrome Offline use after free [CVE-2022-2623]medium🔒---
206383Google Chrome Safe Browsing input validation [CVE-2022-2622]medium🔒---
206382Google Chrome Extensions use after free [CVE-2022-2621]medium🔒---
206381Google Chrome WebUI use after free [CVE-2022-2620]medium🔒---
206380Google Chrome Settings input validation [CVE-2022-2619]medium🔒---
206379Google Chrome Internals input validation [CVE-2022-2618]medium🔒---
206378Google Chrome Extensions API use after free [CVE-2022-2617]medium🔒---
206377Google Chrome Extensions API Remote Code Execution [CVE-2022-2616]medium🔒---
206376Google Chrome Cookie access control [CVE-2022-2615]medium🔒---
206375Google Chrome Sign-In Flow use after free [CVE-2022-2614]medium🔒---
206374Google Chrome Input use after free [CVE-2022-2613]medium🔒---
206373Google Chrome Keyboard Input information disclosure [CVE-2022-2612]low🔒---
206372Google Chrome Fullscreen API Privilege Escalation [CVE-2022-2611]low🔒---
206371Google Chrome Background Fetch access control [CVE-2022-2610]medium🔒---
206370Google Chrome Nearby Share use after free [CVE-2022-2609]medium🔒---
206369Google Chrome Overview Mode use after free [CVE-2022-2608]medium🔒---
206368Google Chrome Tab Strip use after free [CVE-2022-2607]medium🔒---
206367Google Chrome Managed Devices API use after free [CVE-2022-2606]medium🔒---
206366Google Chrome Dawn out-of-bounds [CVE-2022-2605]low🔒---
206365Google Chrome Safe Browsing use after free [CVE-2022-2604]medium🔒---
206364Google Chrome Omnibox use after free [CVE-2022-2603]medium🔒---
206363YugabyteDB LDAP Authentication config [CVE-2022-37397]medium🔒---
206362Google Android Settings access control [CVE-2022-20302]low🔒---
206361Google Android Settings permission [CVE-2022-20265]low🔒---
206360ForkCMS cross site scripting [CVE-2022-35590]low🔒---
206359ForkCMS cross site scripting [CVE-2022-35585]low🔒---
206358Synacor Zimbra Collaboration Suite cross site scripting [CVE-2022-37044]low🔒---
206357Google Android Core Utilities input validation [CVE-2022-20338]medium🔒---
206356Google Android Wifi Slice permission [CVE-2022-20335]medium🔒---
206355Google Android Framework improper restriction of rendered ui layerslow🔒---
206354Google Android Wifi permission [CVE-2022-20329]medium🔒---
206353Google Android DreamServices Local Privilege Escalation [CVE-2022-20319]low🔒---
206352Google Android KeyChain permission [CVE-2022-20314]medium🔒---
206351Google Android Bluetooth out-of-bounds write [CVE-2022-20313]medium🔒---
206350Google Android Camera Provider HAL memory corruption [CVE-2022-20306]medium🔒---
206349Google Android Settings access control [CVE-2022-20297]medium🔒---
206348Google Android Settings access control [CVE-2022-20292]medium🔒---
206347Google Android Midi permission [CVE-2022-20290]medium🔒---
206346Google Android Connectivity access control [CVE-2022-20286]medium🔒---
206345Google Android AppWidget permission [CVE-2022-20282]medium🔒---
206344Google Android Core permission [CVE-2022-20281]medium🔒---
206343Google Android Keyguard permission [CVE-2022-20274]medium🔒---
206342Google Android PermissionController permission [CVE-2022-20271]medium🔒---
206341Google Android Bluetooth out-of-bounds write [CVE-2022-20269]medium🔒---
206340Google Android RestrictionsManager permission [CVE-2022-20268]medium🔒---
206339Google Android Bluetooth permission [CVE-2022-20267]medium🔒---
206338Google Android Companion permission [CVE-2022-20266]medium🔒---
206337Google Android Bluetooth improper authentication [CVE-2022-20257]medium🔒---
206336Google Android Audio HAL out-of-bounds write [CVE-2022-20256]medium🔒---
206335Google Android SettingsProvider permission [CVE-2022-20255]medium🔒---
206334Google Android Wi-Fi permission [CVE-2022-20254]medium🔒---
206333Fork cross site scripting [CVE-2022-35589]low🔒---
206332Fork cross site scripting [CVE-2022-35587]low🔒---
206331ThingsBoard Rule Engine cross site scripting [CVE-2021-42751]low🔒---
206330ThingsBoard Rule Engine cross site scripting [CVE-2021-42750]low🔒---
206329Neo4j APOC apoc.log.stream pathname traversalmedium🔒---
206328Tenda W6 exeCommand command injectionmedium🔒---
206327Google Android PackageManager information disclosure [CVE-2022-20332]low🔒---
206326Google Android PackageManager information disclosure [CVE-2022-20328]low🔒---
206325Google Android Framework information disclosure [CVE-2022-20324]low🔒---
206324Google Android ActivityManager information disclosure [CVE-2022-20320]low🔒---
206323Google Android PackageInstaller information disclosure [CVE-2022-20318]low🔒---
206322Google Android ContentResolver information disclosure [CVE-2022-20316]low🔒---
206321Google Android PackageInstaller information disclosure [CVE-2022-20309]low🔒---
206320Google Android AlarmManagerService information disclosure [CVE-2022-20307]low🔒---
206319Google Android LauncherApps information disclosure [CVE-2022-20293]low🔒---
206318Google Android AppOpsService information disclosure [CVE-2022-20291]low🔒---
206317Google Android PackageInstaller information disclosure [CVE-2022-20289]low🔒---
206316Google Android AppSearchManagerService information disclosurelow🔒---
206315Google Android AppSearchManagerService information disclosurelow🔒---
206314Google Android PackageManager information disclosure [CVE-2022-20285]low🔒---
206313Google Android DevicePolicyManager information disclosure [CVE-2022-20279]low🔒---
206312Google Android DevicePolicyManager information disclosure [CVE-2022-20277]low🔒---
206311Google Android DevicePolicyManager information disclosure [CVE-2022-20276]low🔒---
206310Google Android DevicePolicyManager information disclosure [CVE-2022-20275]low🔒---
206309Google Android ActivityManager information disclosure [CVE-2022-20263]low🔒---
206308Google Android Phone App resource consumption [CVE-2022-20260]low🔒---
206307Nextcloud Talk Conversation unknown vulnerability [CVE-2022-35932]low🔒---
206306Google Android WiFi information disclosure [CVE-2022-20342]low🔒---
206305Google Android ConnectivityService information disclosure [CVE-2022-20341]low🔒---
206304Google Android SEpolicy information disclosure [CVE-2022-20339]low🔒---
206303Google Android Settings information disclosure [CVE-2022-20336]low🔒---
206302Google Android Bluetooth permission [CVE-2022-20330]medium🔒---
206301Google Android Wi-Fi information disclosure [CVE-2022-20327]low🔒---
206300Google Android Telephony information disclosure [CVE-2022-20326]low🔒---
206299Google Android Media use after free [CVE-2022-20325]medium🔒---
206298Google Android PackageManager information disclosure [CVE-2022-20323]low🔒---
206297Google Android PackageManager information disclosure [CVE-2022-20322]low🔒---
206296Google Android Settings information disclosure [CVE-2022-20321]low🔒---
206295Google Android SystemUI information disclosure [CVE-2022-20317]low🔒---
206294Google Android ActivityManager information disclosure [CVE-2022-20315]low🔒---
206293Google Android WifiP2pManager information disclosure [CVE-2022-20312]low🔒---
206292Google Android Telecomm information disclosure [CVE-2022-20311]low🔒---
206291Google Android Telecomm information disclosure [CVE-2022-20310]low🔒---
206290Google Android ContentService information disclosure [CVE-2022-20305]low🔒---
206289Google Android Content information disclosure [CVE-2022-20304]low🔒---
206288Google Android ContentService information disclosure [CVE-2022-20303]low🔒---
206287Google Android Content information disclosure [CVE-2022-20301]low🔒---
206286Google Android Content information disclosure [CVE-2022-20300]low🔒---
206285Google Android ContentService information disclosure [CVE-2022-20299]low🔒---
206284Google Android ContentService information disclosure [CVE-2022-20298]low🔒---
206283Google Android ContentService information disclosure [CVE-2022-20296]low🔒---
206282Google Android ContentService information disclosure [CVE-2022-20295]low🔒---
206281Google Android Content information disclosure [CVE-2022-20294]low🔒---
206280Google Android Telephony information disclosure [CVE-2022-20284]low🔒---
206279Google Android MMSProvider information disclosure [CVE-2022-20280]low🔒---
206278Google Android log file [CVE-2022-20278]low🔒---
206277Google Android PermissionController information disclosure [CVE-2022-20272]low🔒---
206276Google Android Content information disclosure [CVE-2022-20270]low🔒---
206275Google Android ActivityManager information disclosure [CVE-2022-20262]low🔒---
206274Google Android LocationManager information disclosure [CVE-2022-20261]low🔒---
206273Google Android Telephony information disclosure [CVE-2022-20259]low🔒---
206272Google Android Bluetooth config [CVE-2022-20258]low🔒---
206271Synacor Zimbra Collaboration Suite Header ProxyServlet.java Privilege Escalationmedium🔒---
206270Tenda W6 WifiMacFilterSet stack-based overflowlow🔒---
206269Tenda W6 wifiSSIDset stack-based overflowlow🔒---
206268Tenda W6 setAutoPing stack-based overflowmedium🔒---
206267Tenda W6 WifiMacFilterGet stack-based overflowlow🔒---
206266Tenda W6 wifiSSIDget stack-based overflowlow🔒---
206265Google Android Bluetooth null pointer dereference [CVE-2022-20334]low🔒---
206264Google Android Bluetooth denial of service [CVE-2022-20333]low🔒---
206263Google Android hostapd denial of service [CVE-2022-20308]medium🔒---
206262Google Android Bluetooth denial of service [CVE-2022-20253]low🔒---
206261Ivanti Pulse Connect Secure Push Configuration targets.cgi source codelow🔒---
206260Synacor Zimbra Collaboration Suite cross-site request forgerylow🔒---
206259Google Android SELinux Policy information disclosure [CVE-2022-20340]low🔒---
206258Synacor Zimbra Collaboration Suite mboximport pathname traversalmedium🔒---
206257Google Android Bluetooth out-of-bounds write [CVE-2022-20362]medium🔒---
206256Google Android Bluetooth out-of-bounds write [CVE-2022-20283]medium🔒---
206255Google Android Bluetooth out-of-bounds [CVE-2022-20273]low🔒---
206254JetBrains Ktor improper authentication [CVE-2022-38180]low🔒---
206253JetBrains Ktor File Download incomplete blacklist [CVE-2022-38179]medium🔒---
206252Google Play Services SDK modification of assumed-immutable datamedium🔒---
206251Linux Kernel Dm-verity authentication bypass by assumed-immutable datamedium🔒---
206250SourceCodester Zoo Management System apply_vacancy.php unrestricted uploadmedium🔒---
206249SourceCodester Zoo Management System animals.php sql injectionmedium🔒---
206248SourceCodester Gas Agency Management System login.php sql injectionmedium🔒---
206247SourceCodester Automated Beer Parlour Billing System Login sql injectionmedium🔒---
206246SourceCodester Gym Management System clickjacking [CVE-2022-2800]low🔒---
206245SourceCodester Student Information System view_student.php sql injectionmedium🔒---
206244Google Android Messaging input validation [CVE-2022-20250]medium🔒---
206243Google Android Settings Local Privilege Escalation [CVE-2022-20248]low🔒---
206242Google Android WindowManager permission [CVE-2022-20246]medium🔒---
206241Google Android Bluetooth out-of-bounds write [CVE-2022-20244]medium🔒---
206240Zoom On-Premise Meeting Connector Zone Controller STUN Error Code stack-based overflowmedium🔒---
206239Google Android PackageManager information disclosure [CVE-2022-20252]low🔒---
206238Google Android LocaleManager information disclosure [CVE-2022-20251]low🔒---
206237Google Android LocaleManager information disclosure [CVE-2022-20249]low🔒---
206236Google Android Telephony information disclosure [CVE-2022-20242]low🔒---
206235B&R Studio input validation [CVE-2021-22289]medium🔒---
206234Google Android USB Manager information disclosure [CVE-2021-0975]low🔒---
206233Google Android Settings information disclosure [CVE-2021-0734]low🔒---
206232Google Android g3aa_buffer_allocator.cc out-of-bounds writemedium🔒---
206231Google Android Kernel out-of-bounds write [CVE-2022-20382]medium🔒---
206230Google Android trusty-log.c trusty_log_seq_start use after freemedium🔒---
206229Google Android Crypto Local Privilege Escalation [CVE-2022-20374]low🔒---
206228Google Android st21nfc.c st21nfc_loc_set_polaritymode use after freemedium🔒---
206227Google Android exynos5_i2c_irq out-of-bounds writemedium🔒---
206226Google Android dm-bow.c dm_bow_dtr use after freemedium🔒---
206225Google Android v4l2-mem2mem.c v4l2_m2m_querybuf out-of-bounds writemedium🔒---
206224Google Android lwis_ioctl.c construct_transaction out-of-bounds writemedium🔒---
206223Google Android lwis_ioctl.c ioctl_dpm_clk_update out-of-bounds writemedium🔒---
206222Google Android WindowManager information disclosure [CVE-2022-20245]low🔒---
206221Google Android Core Utilities information disclosure [CVE-2022-20243]low🔒---
206220Google Android SMS Message information disclosure [CVE-2022-20241]low🔒---
206219Google Android backing-dev.c bdi_put memory corruptionmedium🔒---
206218Zoom On-Premise Meeting Connector MMR Waiting Room access controlmedium🔒---
206217Zoom On-Premise Meeting Connector MMR Waiting Room access controlmedium🔒---
206216Google Android Kernel Privilege Escalation [CVE-2022-20408]low🔒---
206215Google Android Kernel Privilege Escalation [CVE-2022-20407]low🔒---
206214Google Android Kernel Privilege Escalation [CVE-2022-20406]low🔒---
206213Google Android Kernel Privilege Escalation [CVE-2022-20405]low🔒---
206212Google Android Kernel Privilege Escalation [CVE-2022-20404]low🔒---
206211Google Android Kernel Privilege Escalation [CVE-2022-20403]low🔒---
206210Google Android Kernel Privilege Escalation [CVE-2022-20402]low🔒---
206209Google Android Kernel Privilege Escalation [CVE-2022-20384]low🔒---
206208Google Android Kernel Privilege Escalation [CVE-2022-20381]low🔒---
206207Google Android Kernel Privilege Escalation [CVE-2022-20380]low🔒---
206206Google Android Kernel Privilege Escalation [CVE-2022-20378]low🔒---
206205Google Android Kernel Privilege Escalation [CVE-2022-20370]low🔒---
206204Google Android Kernel Privilege Escalation [CVE-2022-20368]low🔒---
206203Google Android Privilege Escalation [CVE-2022-20365]low🔒---
206202Google Android lwis_buffer.c lwis_buffer_alloc use after freemedium🔒---
206201Google Android Fingerprint keymaster_ipc.cpp Local Privilege Escalationlow🔒---
206200Google Android mali_gralloc_reference.cpp Local Privilege Escalationlow🔒---
206199Google Android PackageManager information disclosure [CVE-2021-0735]low🔒---
206198Google Android Kernel LteRrcNr_Codec.c LteRrcNrProAsnDecode out-of-boundsmedium🔒---
206197Android Media out-of-bounds [CVE-2022-20247]low🔒---
206196Zoom Client for Meetings URL Parser input validation [CVE-2022-28755]medium🔒---
206195Adobe Framemaker File out-of-bounds [CVE-2022-35674]medium🔒---
206194Adobe Framemaker out-of-bounds [CVE-2022-35673]low🔒---
206193Adobe Premiere Elements uncontrolled search path [CVE-2022-34235]medium🔒---
206192Google Android SAEMM_ContextManagement.c SAEMM_RetrievEPLMNList out-of-boundslow🔒---
206191Google Android cd_codec.c cd_CodeMsg out-of-bounds writemedium🔒---
206190Adobe Framemaker heap-based overflow [CVE-2022-35677]medium🔒---
206189Adobe Framemaker heap-based overflow [CVE-2022-35676]medium🔒---
206188Adobe Framemaker use after free [CVE-2022-35675]medium🔒---
206187Adobe Illustrator use after free [CVE-2022-34263]medium🔒---
206186Adobe Illustrator out-of-bounds write [CVE-2022-34260]medium🔒---
206185Google Android Kernel miscdatabuilder.cpp BuildDevIDResponse out-of-bounds writemedium🔒---
206184Adobe Framemaker out-of-bounds [CVE-2022-34264]low🔒---
206183Adobe Illustrator out-of-bounds [CVE-2022-34262]low🔒---
206182Adobe Illustrator out-of-bounds [CVE-2022-34261]low🔒---
206181Adobe Acrobat Reader out-of-bounds write [CVE-2022-35667]medium🔒---
206180Adobe Acrobat Reader input validation [CVE-2022-35666]medium🔒---
206179Adobe Acrobat Reader use after free [CVE-2022-35665]medium🔒---
206178Adobe Acrobat Reader out-of-bounds [CVE-2022-35678]low🔒---
206177Adobe Acrobat Reader out-of-bounds [CVE-2022-35671]low🔒---
206176Adobe Acrobat Reader use after free [CVE-2022-35670]medium🔒---
206175Adobe Acrobat Reader information disclosure [CVE-2022-35668]low🔒---
206174microweber cross site scripting [CVE-2022-2777]low🔒---
206173SourceCodester Gas Agency Management System oneWord.php unrestricted uploadmedium🔒---
206172SourceCodester Gym Management System delete_user.php denial of servicelow🔒---
206171Google Go path-filepath Clean pathname traversalmedium🔒---
206170SourceCodester Library Management System student.php sql injectionmedium🔒---
206169SourceCodester Apartment Visitor Management System profile.php cross site scriptinglow🔒---
206168SourceCodester Apartment Visitor Management System action-visitor.php sql injectionmedium🔒---
206167SourceCodester Simple Online Book Store System bookPerPub.php sql injectionmedium🔒---
206166SourceCodester Simple Online Book Store System book.php sql injectionmedium🔒---
206165SourceCodester Company Website CMS contact cross site scriptinglow🔒---
206164SourceCodester Library Management System cross site scriptinglow🔒---
206163SourceCodester Online Admission System index.php cross site scriptinglow🔒---
206162SourceCodester Loan Management System index.php sql injectionmedium🔒---
206161SourceCodester Company Website CMS settings improper authenticationmedium🔒---
206160Business-central XML xml external entity reference [CVE-2022-2458]low🔒---
206159Google Android SecureNfcPreferenceController.java setChecked permissionmedium🔒---
206158Google Android NotificationManagerService.java permissionlow🔒---
206157Google Android ActiveServices.java shouldAllowFgsWhileInUsePermissionLocked permissionmedium🔒---
206156Google Android PacProxyService.java get denial of servicelow🔒---
206155Google Android Vpn.java onDefaultNetworkChanged Local Privilege Escalationlow🔒---
206154Google Android EventThread.cpp stealReceiveChannel race conditionlow🔒---
206153Huawei HarmonyOS My Huawei App information disclosure [CVE-2021-40030]low🔒---
206152Google Android Task.java Local Privilege Escalationlow🔒---
206151kareadita kavita server-side request forgery [CVE-2022-2756]medium🔒---
206150Gumstix Overo SBC access control [CVE-2022-38161]medium🔒---
206149Varnish Cache HTTP1 Backend denial of service [CVE-2022-38150]low🔒---
206148Huawei HarmonyOS Recovery Module denial of service [CVE-2022-37008]low🔒---
206147Huawei HarmonyOS chinadrm out-of-bounds [CVE-2022-37007]low🔒---
206146Huawei Smart Phone Network Module permission [CVE-2022-37006]low🔒---
206145Huawei HarmonyOS Settings App argument injection [CVE-2022-37005]medium🔒---
206144Huawei HarmonyOS Settings App out-of-bounds [CVE-2022-37004]low🔒---
206143Huawei HarmonyOS AOD Module permission [CVE-2022-37003]medium🔒---
206142Huawei HarmonyOS SystemUI Module access control [CVE-2022-37002]medium🔒---
206141Zoho ManageEngine OpManager Network Configuration information disclosurelow🔒---
206140EyouCMS cross site scripting [CVE-2022-35509]low🔒---
206139Google Go math-big denial of service [CVE-2022-32189]low🔒---
206138Google Go net-http httputil.ReverseProxy.ServeHTTP information disclosurelow🔒---
206137Google Go encoding-gob recursion [CVE-2022-30635]low🔒---
206136Google Go encoding-xml Unmarshal recursionlow🔒---
206135Google Go path-filepath recursion [CVE-2022-30632]low🔒---
206134Google Go compress-gzip recursion [CVE-2022-30631]low🔒---
206133Google Go io-fs recursion [CVE-2022-30630]low🔒---
206132Google Go TLS ticket_age_add observable behavioral discrepancylow🔒---
206131Google Go OS Exec Cmd.Start code injectionmedium🔒---
206130Google Go XML Document Decoder.Skip recursionlow🔒---
206129Google Android Notification NotificationAccessConfirmationActivity.java onCreate information disclosurelow🔒---
206128Google Go Parser recursion [CVE-2022-1962]low🔒---
206127Google Go net-http request smuggling [CVE-2022-1705]medium🔒---
206126AMC Zen 1/Zen 2/Zen 3 SMT information exposure [CVE-2021-46778]low🔒---
206125Huawei Smart Phone HW_KEYMASTER Module information disclosurelow🔒---
206124Huawei HarmonyOS Video Framework buffer overflow [CVE-2021-40034]medium🔒---
206123JetBrains TeamCity Private SSH Key log file [CVE-2022-38133]low🔒---
206122Dell WMS Device API path traversal [CVE-2022-34365]medium🔒---
206121Dell Wyse Management Suite UI access control [CVE-2022-33931]medium🔒---
206120Dell Wyse Management Suite EndUserSummary Page cross site scriptinglow🔒---
206119Dell Wyse Management Suite session fixiation [CVE-2022-33927]medium🔒---
206118Dell Wyse Management Suite Rule access control [CVE-2022-33924]medium🔒---
206117Dell Wyse Management Suite sensitive information in gui [CVE-2022-29090]medium🔒---
206116SAP Authenticator information disclosure [CVE-2022-35290]low🔒---
206115Google Android AbstractThreadedSyncAdapter.java startSync information disclosurelow🔒---
206114Google Android DefaultRingtonePreference.java onSaveRingtone information disclosurelow🔒---
206113Google Android LocationManagerService.java addProviderRequestListener information disclosurelow🔒---
206112Google Android permission [CVE-2022-20349]medium🔒---
206111Google Android updateState permissionmedium🔒---
206110Samsung mTower TEE_Malloc memory allocationlow🔒---
206109Keysight Sensor Management Server path traversal [CVE-2022-38129]medium🔒---
206108Huawei HarmonyOS diag-router Module denial of service [CVE-2022-37001]low🔒---
206107TOTOLINK A3002RU shadow.sample hard-coded passwordmedium🔒---
206106ImageMagick File operation.c WriteImages assertionlow🔒---
206105Autodesk 3ds Max ActionScript Byte Code File stack-based overflowmedium🔒---
206104Google Android Bluetooth btif_dm.cc btif_dm_auth_cmpl_evt Remote Code Executionmedium🔒---
206103Google Android Bluetooth ConnectedDeviceDashboardFragment.java onAttach permissionmedium🔒---
206102Dell Wyse Management Suite Devices Error Page information exposurelow🔒---
206101Dell Wyse Management Suite UI credentials storage [CVE-2022-33928]low🔒---
206100Dell Wyse Management Suite access control [CVE-2022-33926]medium🔒---
206099Dell Wyse Management Suite UI access control [CVE-2022-33925]medium🔒---
206098Google Android SurfaceControl.cpp writeToParcel information disclosurelow🔒---
206097Keysight Sensor Management Server HSQLDB Database Remote Code Executionmedium🔒---
206096Zoho ManageEngine OpManager Database Privilege Escalation [CVE-2022-37024]medium🔒---
206095Adobe Experience Manager Core Components URL cross site scriptinglow🔒---
206094WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 wireless.cgi command injectionmedium🔒---
206093WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 wireless.cgi command injectionmedium🔒---
206092WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 qos.cgi command injectionmedium🔒---
206091WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 wireless.cgi command injectionmedium🔒---
206090WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 wireless.cgi command injectionmedium🔒---
206089WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 qos.cgi command injectionmedium🔒---
206088WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 login.cgi command injectionmedium🔒---
206087WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 adm.cgi command injectionmedium🔒---
206086WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 adm.cgi command injectionmedium🔒---
206085WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 firewall.cgi command injectionmedium🔒---
206084WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 adm.cgi command injectionmedium🔒---
206083WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 api.cgi command injectionmedium🔒---
206082WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 firewall.cgi command injectionmedium🔒---
206081WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 nas.cgi command injectionmedium🔒---
206080WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 adm.cgi command injectionmedium🔒---
206079SAP Enable Now authorization [CVE-2022-35293]medium🔒---
206078Mega System Technologies MSNSwitch ExportSettings.sh improper authenticationmedium🔒---
206077SAP BusinessObjects Business Intelligence Platform information disclosurelow🔒---
206076F-Secure Atlant Scanning Engine aerdl.dll denial of servicelow🔒---
206075Google Android MPEG4Extractor.cpp updateAudioTrackInfoFromESDS_MPEG4Audio out-of-boundslow🔒---
206074Google Android Bluetooth l2c_ble.cc l2cble_process_sig_cmd out-of-bounds writemedium🔒---
206073Google Android Kernel remap_pfn_range memory corruptionmedium🔒---
206072WAVLINK WN572HP3/WN533A8/WN530H4/WN535G3/WN531P3 firewall.cgi command injectionmedium🔒---
206071VMware vRealize Operations improper authentication [CVE-2022-31675]medium🔒---
206070VMware vRealize Operations log file [CVE-2022-31674]low🔒---
206069VMware vRealize Operations access control [CVE-2022-31672]medium🔒---
206068Red Hat Process Automation Manager Administration Console excessive authenticationlow🔒---
206067Digi ConnectPort X2D Gateway Web Application unnecessary privilegeshigh🔒---
206066VMware vRealize Operations information disclosure [CVE-2022-31673]low🔒---
206065libtar th_read memory leaklow🔒---
206064libtar th_read memory leaklow🔒---
206063UCMS file unrestricted uploadmedium🔒---
206062IBM Workload Scheduler Key System Files denial of service [CVE-2022-22369]medium🔒---
206061Clinics Patient Management System update_user.php sql injectionmedium🔒---
206060libtar Tar File malloc out-of-boundslow🔒---
206059libtar Tar File malloc out-of-boundslow🔒---
206058IBM Robotic Process Automation weak password [CVE-2022-35280]low🔒---
206057IBM Robotic Process Automation information disclosure [CVE-2022-22490]low🔒---
206056IBM Spectrum Scale Data Access Services code injection [CVE-2022-22411]medium🔒---
206055Clinics Patient Management System users.php Privilege Escalationmedium🔒---
206054IBM InfoSphere Information Server information exposure [CVE-2022-35715]low🔒---
206053VMware Workstation information disclosure [CVE-2022-22983]low🔒---
206052NetApp StorageGRID Remote Code Execution [CVE-2022-23238]medium🔒---
206051Palo Alto PAN-OS URL Filter amplification [CVE-2022-0028]medium🔒---
206050Cisco ASA/Firepower Threat Defense Clientless SSL VPN request smugglinglow🔒---
206049Cisco ASA/Firepower Threat Defense RSA Key information exposurelow🔒---
206048Siemens Teamcenter File Server Cache Service infinite loop [CVE-2022-34661]low🔒---
206047Siemens Simcenter STAR-CCM+ Display Name information disclosurelow🔒---
206046Siemens CP-8000 MASTER MODULE Web Server Module access controlmedium🔒---
206045Siemens SCALANCE XR-500 Web Interface cross site scripting [CVE-2022-36325]low🔒---
206044Siemens SCALANCE XR-500 SSL allocation of resources [CVE-2022-36324]low🔒---
206043Siemens SCALANCE XR-500 injection [CVE-2022-36323]medium🔒---
206042Siemens Teamcenter File Server Cache Service command injectionmedium🔒---
206041ClamAV Antivirus Regex Module out-of-bounds [CVE-2022-20792]medium🔒---
206040KUKA V-KSS Robot Configuration missing authentication [CVE-2022-2242]high🔒---
206039mc-kill-port kill Local Privilege Escalationmedium🔒---
206038Apache Traffic Server Header request smuggling [CVE-2022-31778]medium🔒---
206037Apache Traffic Server Header Parser request smuggling [CVE-2021-37150]medium🔒---
206036Apache Traffic Server HTTP2 Frame request smuggling [CVE-2022-31780]medium🔒---
206035Apache Traffic Server HTTP2 Header Parser request smuggling [CVE-2022-31779]medium🔒---
206034Apache Traffic Server HTTP 1.1 Header Parser input validationmedium🔒---
206033Apache Traffic Server HTTP2 Request request smuggling [CVE-2022-25763]low🔒---
206032Cisco Webex Meetings Web Interface cross site scripting [CVE-2022-20852]low🔒---
206031Cisco Webex Meetings Web Interface cross site scripting [CVE-2022-20820]low🔒---
206030Cisco BroadWorks Application Delivery Platform Software Web-based Management Interface cross site scriptinglow🔒---
206029Cisco Identity Services Engine External RESTful Services API missing password field maskinglow🔒---
206028Cisco Small Business RV345 buffer overflow [CVE-2022-20842]high🔒---
206027Cisco Small Business RV345 buffer overflow [CVE-2022-20841]medium🔒---
206026Cisco Small Business RV345 buffer overflow [CVE-2022-20827]medium🔒---
206025Cisco Unified Communications Manager Web-based Management Interface path traversalmedium🔒---
206024SourceCodester Company Website CMS add-portfolio.php unrestricted uploadmedium🔒---
206023Dell BIOS improper authentication [CVE-2022-29083]medium🔒---
206022SourceCodester Company Website CMS Add Service add-service.php unrestricted uploadmedium🔒---
206021Atlassian Jira Server/Jira Data Center TeamManagement.jspa cross site scriptinglow🔒---
206020Microsoft Edge Remote Code Execution [CVE-2022-35796]medium🔒---
206019Microsoft Edge Remote Code Execution [CVE-2022-33649]medium🔒---
206018Microsoft Edge Remote Code Execution [CVE-2022-33636]medium🔒---
206017SourceCodester Gym Management System unrestricted upload [CVE-2022-2749]medium🔒---
206016SourceCodester Simple Online Book Store System edit.php cross site scriptinglow🔒---
206015SourceCodester Simple Online Book Store book.php sql injectionmedium🔒---
206014SourceCodester Simple Online Book Store System Admin_ add.php unrestricted uploadmedium🔒---
206013SourceCodester Gym Management System Add New Trainer add_trainers.php sql injectionmedium🔒---
206012SourceCodester Gym Management System Background Management add_exercises.php unrestricted uploadmedium🔒---
206011FTL ftlserver Privilege Escalation [CVE-2022-30574]low🔒---
206010TIBCO FTL ftlserver access control [CVE-2022-30573]medium🔒---
206009Microsoft Visual Studio Remote Code Execution [CVE-2022-35827]medium🔒---
206008Microsoft Visual Studio Remote Code Execution [CVE-2022-35826]medium🔒---
206007Microsoft Visual Studio Remote Code Execution [CVE-2022-35825]medium🔒---
206006Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
206005Microsoft Azure Sphere information disclosure [CVE-2022-35821]low🔒---
206004Microsoft Windows Bluetooth Driver Privilege Escalation [CVE-2022-35820]medium🔒---
206003Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
206002Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
206001Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
206000Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205999Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205998Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205997Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205996Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
205995Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205994Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205993Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205992Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205991Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205990Microsoft Azure Real Time Operating System GUIX Studio Local Privilege Escalationmedium🔒---
205989Microsoft Windows SMB Remote Code Execution [CVE-2022-35804]medium🔒---
205988Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205987Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205986Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
205985Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205984Microsoft Windows Hello Security Local Privilege Escalation [CVE-2022-35797]medium🔒---
205983Microsoft Windows Error Reporting Service Privilege Escalationmedium🔒---
205982Microsoft Windows Secure Socket Tunneling Protocol Remote Code Executionmedium🔒---
205981Microsoft Windows Print Spooler Privilege Escalation [CVE-2022-35793]medium🔒---
205980Microsoft Windows Storage Spaces Privilege Escalation [CVE-2022-35792]medium🔒---
205979Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205978Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205977Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205976Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205975Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
205974Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205973Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205972Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205971Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
205970Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205969Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205968Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205967Microsoft Azure Real Time Operating System GUIX Studio Local Privilege Escalationmedium🔒---
205966Microsoft Visual Studio Remote Code Execution [CVE-2022-35777]medium🔒---
205965Microsoft Azure Site Recovery VMWare to Azure denial of servicemedium🔒---
205964Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205963Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
205962Microsoft Azure Real Time Operating System GUIX Studio Local Privilege Escalationmedium🔒---
205961Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
205960Microsoft Windows Defender Credential Guard Privilege Escalationmedium🔒---
205959Microsoft Windows Point-to-Point Protocol denial of service [CVE-2022-35769]medium🔒---
205958Microsoft Windows Kernel Privilege Escalation [CVE-2022-35768]medium🔒---
205957Microsoft Windows Secure Socket Tunneling Protocol Remote Code Executionmedium🔒---
205956Microsoft Windows Secure Socket Tunneling Protocol Remote Code Executionmedium🔒---
205955Microsoft Windows Storage Spaces Privilege Escalation [CVE-2022-35765]medium🔒---
205954Microsoft Windows Storage Spaces Privilege Escalation [CVE-2022-35764]medium🔒---
205953Microsoft Windows Storage Spaces Privilege Escalation [CVE-2022-35763]medium🔒---
205952Microsoft Windows Storage Spaces Privilege Escalation [CVE-2022-35762]medium🔒---
205951Microsoft Windows Kernel Privilege Escalation [CVE-2022-35761]medium🔒---
205950Microsoft Windows ATA Port Driver Remote Code Execution [CVE-2022-35760]medium🔒---
205949Microsoft Windows Local Security Authority denial of servicemedium🔒---
205948Microsoft Windows Kernel information disclosure [CVE-2022-35758]low🔒---
205947Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalationmedium🔒---
205946Microsoft Windows Kerberos Remote Code Execution [CVE-2022-35756]medium🔒---
205945Microsoft Windows Print Spooler Privilege Escalation [CVE-2022-35755]medium🔒---
205944Microsoft Windows Unified Write Filter Privilege Escalation [CVE-2022-35754]medium🔒---
205943Microsoft Windows Secure Socket Tunneling Protocol Remote Code Executionmedium🔒---
205942Microsoft Windows Secure Socket Tunneling Protocol Remote Code Executionmedium🔒---
205941Microsoft Windows Hyper-V Privilege Escalation [CVE-2022-35751]medium🔒---
205940Microsoft Windows Win32k Privilege Escalation [CVE-2022-35750]medium🔒---
205939Microsoft Windows Digital Media Receiver Privilege Escalationmedium🔒---
205938Microsoft Windows HTTP.sys denial of service [CVE-2022-35748]medium🔒---
205937Microsoft Windows Point-to-Point Protocol denial of service [CVE-2022-35747]low🔒---
205936Microsoft Windows Digital Media Receiver Privilege Escalationmedium🔒---
205935Microsoft Windows Secure Socket Tunneling Protocol Remote Code Executionmedium🔒---
205934Microsoft Windows Point-to-Point Protocol Remote Code Executionhigh🔒---
205933Microsoft Windows Support Diagnostic Tool Privilege Escalationmedium🔒---
205932Microsoft Outlook denial of service [CVE-2022-35742]low🔒---
205931Microsoft Office Remote Code Execution [CVE-2022-34717]medium🔒---
205930Microsoft .NET information disclosure [CVE-2022-34716]low🔒---
205929Microsoft Windows Network File System Remote Code Execution [CVE-2022-34715]high🔒---
205928Microsoft Windows Secure Socket Tunneling Protocol Remote Code Executionmedium🔒---
205927Microsoft Windows Support Diagnostic Tool DogWalk Remote Code Executionhigh🔒---
205926Microsoft Windows Defender Credential Guard information disclosurelow🔒---
205925Microsoft Windows Defender Credential Guard information disclosurelow🔒---
205924Microsoft Windows Defender Credential Guard Privilege Escalationmedium🔒---
205923Microsoft Windows Kernel information disclosure [CVE-2022-34708]low🔒---
205922Microsoft Windows Kernel Privilege Escalation [CVE-2022-34707]medium🔒---
205921Microsoft Windows Local Security Authority Privilege Escalationmedium🔒---
205920Microsoft Windows Defender Credential Guard Privilege Escalationmedium🔒---
205919Microsoft Windows Defender Credential Guard information disclosurelow🔒---
205918Microsoft Windows Partition Management Driver Privilege Escalationmedium🔒---
205917Microsoft Windows Secure Socket Tunneling Protocol Remote Code Executionmedium🔒---
205916Microsoft Windows Secure Socket Tunneling Protocol denial of servicelow🔒---
205915Microsoft Windows Win32k Privilege Escalation [CVE-2022-34699]medium🔒---
205914Microsoft Windows Hyper-V Privilege Escalation [CVE-2022-34696]medium🔒---
205913Microsoft Exchange Server information disclosure [CVE-2022-34692]low🔒---
205912Microsoft Windows Active Directory Domain Services Privilege Escalationmedium🔒---
205911Microsoft Windows Fax Service Privilege Escalation [CVE-2022-34690]medium🔒---
205910Microsoft Azure Real Time Operating System GUIX Studio Local Privilege Escalationmedium🔒---
205909Microsoft Azure Real Time Operating System GUIX Studio information disclosurelow🔒---
205908Microsoft Azure Real Time Operating System GUIX Studio information disclosurelow🔒---
205907Microsoft Windows Crypto Pro Boot Loader Privilege Escalationlow🔒---
205906Microsoft Windows New Horizon Data Systems Boot Loader Privilege Escalationlow🔒---
205905Microsoft Windows Eurosoft Boot Loader Privilege Escalation [CVE-2022-34301]low🔒---
205904Microsoft Windows Partition Management Driver Privilege Escalationmedium🔒---
205903Microsoft Office Online Server Excel Remote Code Execution [CVE-2022-33648]medium🔒---
205902Microsoft Azure Batch Node Agent Privilege Escalation [CVE-2022-33646]medium🔒---
205901Microsoft System Center Operations Manager Open Management Infrastructure Privilege Escalationmedium🔒---
205900Microsoft Office Excel Remote Code Execution [CVE-2022-33631]medium🔒---
205899Microsoft Windows Kernel information disclosure [CVE-2022-30197]low🔒---
205898Microsoft Windows WebBrowser Control Privilege Escalation [CVE-2022-30194]medium🔒---
205897Microsoft Azure Real Time Operating System GUIX Studio Local Privilege Escalationmedium🔒---
205896Microsoft Azure Real Time Operating System GUIX Studio Local Privilege Escalationmedium🔒---
205895Microsoft Windows Bluetooth Service Remote Code Execution [CVE-2022-30144]medium🔒---
205894Microsoft Exchange Server information disclosure [CVE-2022-30134]medium🔒---
205893Microsoft Windows Point-to-Point Protocol Remote Code Executionhigh🔒---
205892Microsoft Exchange Server Privilege Escalation [CVE-2022-24516]medium🔒---
205891Microsoft Exchange Server Privilege Escalation [CVE-2022-24477]medium🔒---
205890Microsoft Exchange Server Privilege Escalation [CVE-2022-21980]medium🔒---
205889Microsoft Exchange information disclosure [CVE-2022-21979]low🔒---
205888OpenEMR cross site scripting [CVE-2022-2733]low🔒---
205887OpenEMR cross site scripting [CVE-2022-2731]low🔒---
205886OpenEMR cross site scripting [CVE-2022-2729]low🔒---
205885OpenEMR improper restriction of rendered ui layers [CVE-2022-2734]medium🔒---
205884OpenEMR privileges management [CVE-2022-2732]medium🔒---
205883OpenEMR authorization [CVE-2022-2730]medium🔒---
205882SourceCodester Company Website CMS Add Blog add-blog.php unrestricted uploadmedium🔒---
205881SourceCodester Company Website CMS Background Upload Logo Icon updatelogo.php unrestricted uploadmedium🔒---
205880ts-deepmerge prototype pollution [CVE-2022-25907]medium🔒---
205879Apache Avro Rust SDK denial of service [CVE-2022-36125]low🔒---
205878Apache Avro Rust SDK resource consumption [CVE-2022-36124]low🔒---
205877Apache Avro Rust SDK infinite loop [CVE-2022-35724]low🔒---
205876Airspan AirSpot 5410 Binary File login.cgi cross site scriptinglow🔒---
205875EmbedThis GoAhead Webserver Nonce websda.c entropylow🔒---
205874Zammad Secondary Organization access control [CVE-2022-35489]medium🔒---
205873Zammad Attachment Endpoint access control [CVE-2022-35487]medium🔒---
205872Cockpit session expiration [CVE-2022-2713]low🔒---
205871wolfSSL DTLS denial of service [CVE-2022-34293]low🔒---
205870Airspan AirSpot 5410 File Upload path traversal [CVE-2022-36264]low🔒---
205869eShop Multipurpose Ecommerce Store Website cross site scriptinglow🔒---
205868Zammad excessive authentication [CVE-2022-35490]low🔒---
205867Zammad Forgot Password denial of service [CVE-2022-35488]low🔒---
205866Airspan AirSpot 5410 Ping diagnostics.cgi command injectionmedium🔒---
205865Airspan AirSpot 5410 System Command Web Page Privilege Escalationmedium🔒---
205864Thinkific Uploader Plugin Setting cross site scripting [CVE-2022-2426]low🔒---
205863WP DS Blog Map Plugin Setting cross site scripting [CVE-2022-2425]low🔒---
205862DW Promobar Plugin Setting cross site scripting [CVE-2022-2423]low🔒---
205861Better Tag Cloud Plugin Setting cross site scripting [CVE-2022-2412]low🔒---
205860Auto More Tag Plugin Setting cross site scripting [CVE-2022-2411]low🔒---
205859mTouch Quiz Plugin Setting cross site scripting [CVE-2022-2410]low🔒---
205858Rough Chart Plugin Data Label cross site scripting [CVE-2022-2409]low🔒---
205857Comments Fields Plugin Field Error Message cross site scriptinglow🔒---
205856SourceCodester Gym Management System index.php sql injectionmedium🔒---
205855SourceCodester Gym Management System login.php sql injectionmedium🔒---
205854weForms Plugin Setting cross site scripting [CVE-2022-2395]low🔒---
205853Crowdsignal Dashboard Plugin cross site scripting [CVE-2022-2386]low🔒---
205852YaySMTP Plugin Setting cross site scripting [CVE-2022-2372]low🔒---
205851YaySMTP Plugin Setting cross site scripting [CVE-2022-2371]low🔒---
205850Easy Username Updater Plugin cross-site request forgery [CVE-2022-2355]low🔒---
205849WPDating Plugin sql injection [CVE-2022-2460]medium🔒---
205848Inspiro PRO Plugin cross site scripting [CVE-2022-2391]low🔒---
205847WSM Downloader Plugin Parameter Validation authorization [CVE-2022-2367]low🔒---
205846Frontend File Manager & Sharing Plugin File Extension unrestricted uploadmedium🔒---
205845Website File Changes Monitor Plugin sql injection [CVE-2022-2269]medium🔒---
205844Directorist Plugin ZIP File unrestricted upload [CVE-2022-2046]low🔒---
205843Google Maps Anywhere Plugin cross site scripting [CVE-2022-2424]low🔒---
205842Discy Theme POST Request discy_update_options access controlmedium🔒---
205841Backdoor.Win32.Guptachar.20 Service Port 2015 hard-coded credentialsmedium🔒---
205840WSM Downloader Plugin wp-config.php file accesslow🔒---
205839SEMCMS Ant_Check.php sql injectionmedium🔒---
205838SourceCodester Company Website CMS add-blog.php cross site scriptinglow🔒---
205837SourceCodester Employee Management System aprocess.php sql injectionmedium🔒---
205836SourceCodester Employee Management System eprocess.php sql injectionmedium🔒---
205835SourceCodester Simple Student Information System manage_course.php sql injectionmedium🔒---
205834SourceCodester Employee Management System eloginwel.php sql injectionmedium🔒---
205833SourceCodester Gym Management System login.php sql injectionmedium🔒---
205832Exim Alias List host.c host_name_lookup heap-based overflowmedium🔒---
205831SourceCodester Online Class and Exam Scheduling System faculty_sched.php sql injectionmedium🔒---
205830SourceCodester Online Class and Exam Scheduling System class_sched.php sql injectionmedium🔒---
205829SourceCodester Simple Student Information System manage_department.php sql injectionmedium🔒---
205828SourceCodester Simple E-Learning System downloadFiles.php information disclosurelow🔒---
205827SourceCodester Gym Management System Exercises Module sql injectionmedium🔒---
205826SourceCodester Company Website CMS Cookie site-settings.php access controlmedium🔒---
205825Exim call_pam.c pam_converse use after freelow🔒---
205824Foxit PDF Reader/PDF Editor exportXFAData null pointer dereferencelow🔒---
205823Foxit PDF Reader/PDF Editor Collab.addStateModel null pointer dereferencelow🔒---
205822SourceCodester Simple E-Learning System claire_blake cross site scriptinglow🔒---
205821SourceCodester Gym Management System GET Parameter sql injectionmedium🔒---
205820SourceCodester Simple E-Learning System claire_blake sql injectionmedium🔒---
205819SourceCodester Simple E-Learning System search.php sql injectionmedium🔒---
205818SourceCodester Simple E-Learning System comment_frame.php sql injectionmedium🔒---
205817SourceCodester Company Website CMS unrestricted upload [CVE-2022-2694]medium🔒---
205816SourceCodester Electronic Medical Records System UPDATE Statement register.php sql injectionmedium🔒---
205815SourceCodester Wedding Hall Booking System Staff User Profile cross site scriptinglow🔒---
205814SourceCodester Wedding Hall Booking System Profile Page cross site scriptinglow🔒---
205813SourceCodester Wedding Hall Booking System Booking Form cross site scriptinglow🔒---
205812SourceCodester Wedding Hall Booking System Contact Page cross site scriptinglow🔒---
205811SourceCodester Expense Management System POST Parameter report.php fetch_report_credit sql injectionmedium🔒---
205810Samsung Game Launcher information disclosure [CVE-2022-36834]low🔒---
205809Brocade Fabric OS path traversal [CVE-2021-27798]medium🔒---
205808NVIDIA vGPU Software Virtual GPU Manager null pointer dereferencemedium🔒---
205807Samsung Game Optimizing Service Package Name privileges managementmedium🔒---
205806Samsung Charm cancelAlarmManager implicit intent for sensitive communicationlow🔒---
205805Samsung Charm implicit intent for sensitive communication [CVE-2022-36829]low🔒---
205804Samsung Dex for PC access control [CVE-2022-33732]medium🔒---
205803Samsung Bluetooth information disclosure [CVE-2022-33728]low🔒---
205802Samsung Dialer Application ICCID information disclosure [CVE-2022-33724]low🔒---
205801Samsung AppLock access control [CVE-2022-33720]low🔒---
205800Samsung SEM TA out-of-bounds [CVE-2022-33717]low🔒---
205799Samsung ICCC TA uninitialized variable [CVE-2022-33716]low🔒---
205798Samsung LauncherProvider One UI access control [CVE-2022-33715]medium🔒---
205797Kaspersky VPN Secure Connection denial of service [CVE-2022-27535]low🔒---
205796Moodle Conversation Overview cross site scripting [CVE-2020-1691]low🔒---
205795AccuSoft ImageGear PSD Header memory corruption [CVE-2022-29465]medium🔒---
205794FreshTomato httpd memory corruption [CVE-2022-28665]medium🔒---
205793FreshTomato httpd memory corruption [CVE-2022-28664]medium🔒---
205792TCL LinkHub Mesh Wi-Fi MS1G Network confctl_set_guest_wlan denial of servicemedium🔒---
205791DD-WRT httpd memory corruption [CVE-2022-27631]medium🔒---
205790TCL LinkHub Mesh Wifi MS1G Network confctl_set_master_wlan access controlmedium🔒---
205789TCL LinkHub Mesh Wi-Fi MS1G Network confctl_set_wan_cfg access controlmedium🔒---
205788Asuswrt-Merlin New Gen httpd memory corruption [CVE-2022-26376]medium🔒---
205787TCL LinkHub Mesh Wi-Fi MS1G Network ucloud_del_node access controlmedium🔒---
205786TCL LinkHub Mesh Wi-Fi MS1G Network ucloud_set_node_location buffer overflowmedium🔒---
205785TCL LinkHub Mesh Wi-Fi MS1G Network ucloud_set_node_location stack-based overflowmedium🔒---
205784TCL LinkHub Mesh Wi-Fi MS1G Network Packet addTimeGroup stack-based overflowmedium🔒---
205783TCL LinkHub Mesh Wi-Fi MS1G Configuration rp-pppoe.so GetValue buffer overflowmedium🔒---
205782TCL LinkHub Mesh Wi-Fi MS1G Configuration libcommonprod.so GetValue buffer overflowmedium🔒---
205781TCL LinkHub Mesh Wi-Fi MS1G Configuration libcommon.so GetValue buffer overflowmedium🔒---
205780TCL LinkHub Mesh Wi-Fi MS1G Configuration telnet_ate_monitor GetValue buffer overflowmedium🔒---
205779TCL LinkHub Mesh Wi-Fi MS1G Configuration sntp GetValue buffer overflowmedium🔒---
205778TCL LinkHub Mesh Wi-Fi MS1G Configuration rtk_ate GetValue buffer overflowmedium🔒---
205777TCL LinkHub Mesh Wi-Fi MS1G Configuration pppd GetValue buffer overflowmedium🔒---
205776TCL LinkHub Mesh Wi-Fi MS1G Configuration pannn GetValue buffer overflowmedium🔒---
205775TCL LinkHub Mesh Wi-Fi MS1G Configuration online_process GetValue buffer overflowmedium🔒---
205774TCL LinkHub Mesh Wi-Fi MS1G Configuration network_check GetValue buffer overflowmedium🔒---
205773TCL LinkHub Mesh Wi-Fi MS1G Configuration netctrl GetValue buffer overflowmedium🔒---
205772TCL LinkHub Mesh Wi-Fi MS1G Configuration multiWAN GetValue buffer overflowmedium🔒---
205771TCL LinkHub Mesh Wi-Fi MS1G Configuration miniupnpd GetValue buffer overflowmedium🔒---
205770TCL LinkHub Mesh Wi-Fi MS1G Configuration mesh_status_check GetValue buffer overflowmedium🔒---
205769TCL LinkHub Mesh Wi-Fi MS1G Configuration log_upload GetValue buffer overflowmedium🔒---
205768TCL LinkHub Mesh Wi-Fi MS1G Configuration logserver GetValue buffer overflowmedium🔒---
205767TCL LinkHub Mesh Wi-Fi MS1G Configuration gpio_ctrl GetValue buffer overflowmedium🔒---
205766TCL LinkHub Mesh Wi-Fi MS1G Configuration fota GetValue buffer overflowmedium🔒---
205765TCL LinkHub Mesh Wi-Fi MS1G Configuration device_list GetValue buffer overflowmedium🔒---
205764TCL LinkHub Mesh Wi-Fi MS1G Configuration cwmpd GetValue buffer overflowmedium🔒---
205763TCL LinkHub Mesh Wi-Fi MS1G Configuration GetValue buffer overflowmedium🔒---
205762TCL LinkHub Mesh Wi-Fi MS1G Configuration confcli GetValue buffer overflowmedium🔒---
205761TCL LinkHub Mesh Wi-Fi MS1G Configuration cfm GetValue buffer overflowmedium🔒---
205760TCL LinkHub Mesh Wi-Fi MS1G Configuration arpbrocast GetValue buffer overflowmedium🔒---
205759TCL LinkHub Mesh Wi-Fi MS1G Configuration ap_steer GetValue buffer overflowmedium🔒---
205758TCL LinkHub Mesh Wifi MS1G Network Packet set_mf_rule stack-based overflowmedium🔒---
205757TCL LinkHub Mesh Wifi MS1G Network Packet set_mf_rule stack-based overflowmedium🔒---
205756TCL LinkHub Mesh Wifi MS1G Network Packet set_port_fwd_rule stack-based overflowmedium🔒---
205755TCL LinkHub Mesh Wi-Fi MS1G Network Packet confctl_set_app_language stack-based overflowmedium🔒---
205754Fortinet FortiADC/FortiProxy/FortiOS/FortiMail CLI format stringmedium🔒---
205753TCL LinkHub Mesh Wi-Fi MS1G Network Packet ucloud_add_node os command injectionmedium🔒---
205752TCL LinkHub Mesh Wi-Fi MS1G Network Packet ucloud_add_node_new stack-based overflowmedium🔒---
205751TCL LinkHub Mesh Wifi MS1G Network Packet ucloud_add_new_node os command injectionmedium🔒---
205750Asus ADM WebDAV stack-based overflow [CVE-2022-37398]medium🔒---
205749Samsung Update Setup uncontrolled search path [CVE-2022-36840]medium🔒---
205748Samsung Checkout IAPService sql injection [CVE-2022-36839]medium🔒---
205747Samsung Galaxy Wearable information disclosure [CVE-2022-36838]low🔒---
205746Samsung Email improper authorization [CVE-2022-36837]low🔒---
205745Samsung Charm authorization [CVE-2022-36836]low🔒---
205744ESTsoft Alyac OLE File integer overflow to buffer overflow [CVE-2022-32543]medium🔒---
205743ESTsoft Alyac OLE File integer overflow to buffer overflow [CVE-2022-29886]medium🔒---
205742TCL LinkHub Mesh Wifi MS1G Network Packet confctl_get_guest_wlan information disclosurelow🔒---
205741TCL LinkHub Mesh Wi-Fi MS1G Network Packet confctl_get_master_wlan information disclosurelow🔒---
205740TCL LinkHub Mesh Wi-Fi MS1G libcommonprod.so prod_change_root_passwd hard-coded passwordmedium🔒---
205739NVIDIA vGPU Software Virtual GPU Manager improper authorizationhigh🔒---
205738Go Ethereum Reward Riskless Uncle Making access controlmedium🔒---
205737NVIDIA vGPU Software Virtual GPU Manager double free [CVE-2022-31614]medium🔒---
205736Complete Online Job Search System cross site scripting [CVE-2022-35163]low🔒---
205735Complete Online Job Search System cross site scripting [CVE-2022-35162]low🔒---
205734SourceCodester Gym Management System login.php sql injectionmedium🔒---
205733Samsung Internet Browser information disclosure [CVE-2022-36835]low🔒---
205732Samsung Cameralyzer WebApp access control [CVE-2022-36832]low🔒---
205731Samsung Notes UriFileUtils path traversal [CVE-2022-36831]low🔒---
205730Michlol rashim Web Interface resource injection [CVE-2022-34769]medium🔒---
205729Samsung Charm Bluetooth onCharacteristicChanged implicit intent for sensitive communicationlow🔒---
205728Samsung Charm Bluetooth onCharacteristicRead implicit intent for sensitive communicationlow🔒---
205727Samsung DesktopSystemUI access control [CVE-2022-33731]medium🔒---
205726Samsung Mobile Device NFC ConfirmConnectActivity information disclosurelow🔒---
205725oretnom23 Fast Food Ordering System Menu List Page cross site scriptinglow🔒---
205724Samsung Mobile Device SecDevicePickerDialog onCreate improper restriction of rendered ui layersmedium🔒---
205723Samsung Galaxy Friends dead code [CVE-2022-33726]low🔒---
205722Samsung Knox VPN code injection [CVE-2022-33725]low🔒---
205721Samsung Mobile Device BluetoothScanDialog onCreate improper restriction of rendered ui layersmedium🔒---
205720Samsung Smart View MAC Address improper authorization [CVE-2022-33722]low🔒---
205719Samsung DeX for PC code injection [CVE-2022-33721]medium🔒---
205718Samsung Baseband heap-based overflow [CVE-2022-33719]medium🔒---
205717Samsung Wi-Fi Service App authorization [CVE-2022-33718]medium🔒---
205716Samsung SemWifiApBroadcastReceiver Mobile Hotspot access controlmedium🔒---
205715Arista CloudVision Portal log file [CVE-2022-29071]low🔒---
205714Unitree Go 1 improper authorization [CVE-2022-2675]medium🔒---
205713GitLab Enterprise Edition access control [CVE-2022-2501]low🔒---
205712GitLab Community Edition/Enterprise Edition Job Error Message cross site scriptinglow🔒---
205711GitLab Enterprise Edition Pipeline access control [CVE-2022-2498]medium🔒---
205710GitLab Community Edition/Enterprise Edition Public Project access controlmedium🔒---
205709Moodle Grade History Report access control [CVE-2020-1754]low🔒---
205708administrate OAuth cross-site request forgery [CVE-2016-3098]low🔒---
205707Ethermint exposure of resource [CVE-2022-35936]medium🔒---
205706hestiacp input validation [CVE-2022-2636]medium🔒---
205705Samsung Dex for PC out-of-bounds write [CVE-2022-33730]medium🔒---
205704KVM use after free [CVE-2022-1158]medium🔒---
205703Artica Pandora FMS Module Form cross site scripting [CVE-2021-46680]low🔒---
205702Artica Pandora FMS Service Element cross site scripting [CVE-2021-46679]low🔒---
205701Artica Pandora FMS Service Name cross site scripting [CVE-2021-46678]low🔒---
205700Artica Pandora FMS Event Filter cross site scripting [CVE-2021-46677]low🔒---
205699Artica Pandora FMS cross site scripting [CVE-2021-46676]low🔒---
205698Supersmart.me Walk Through QR Code access control [CVE-2022-34768]medium🔒---
205697KeyCloak SAML Protocol Mapper unrestricted upload [CVE-2022-2668]medium🔒---
205696GitLab Community Edition/Enterprise Edition Issue Filter information disclosurelow🔒---
205695GitLab Community Edition/Enterprise Edition DataDog information disclosurelow🔒---
205694GitLab Enterprise Edition Grafana API path traversal [CVE-2022-2531]medium🔒---
205693GitLab Community Edition/Enterprise Edition TODO information disclosurelow🔒---
205692GitLab Community Edition/Enterprise Edition Access Token information disclosurelow🔒---
205691GitLab Enterprise Edition Email Invite access control [CVE-2022-2459]medium🔒---
205690GitLab Community Edition/Enterprise Edition POST Request access controllow🔒---
205689GitLab Community Edition/Enterprise Edition Branch Name access controlmedium🔒---
205688GitLab Community Edition/Enterprise Edition Private Project access controlmedium🔒---
205687GitLab Community Edition/Enterprise Edition Token access controlmedium🔒---
205686Linux Kernel TCP Source Port tcp.c unknown vulnerabilitymedium🔒---
205685Arista EOS NAT ACL Rule Filter access control [CVE-2021-28511]medium🔒---
205684Artica Pandora FMS cross site scripting [CVE-2021-46681]low🔒---
205683F-Secure Atlant PE32-Bit File denial of service [CVE-2022-28880]low🔒---
205682GitLab Enterprise Edition resource injection [CVE-2022-2499]low🔒---
205681GitLab Community Edition/Enterprise Edition 2FA Enforcement improper authenticationmedium🔒---
205680Starfish Rich Reviews Plugin cross-site request forgery [CVE-2021-36861]low🔒---
205679JumpDEMAND ActiveDEMAND Plugin improper authentication [CVE-2022-36296]medium🔒---
205678StoreApps Affiliate for WooCommerce Premium Plugin User Profile Page resource injectionmedium🔒---
205677StoreApps Affiliate for WooCommerce Premium Plugin access controlmedium🔒---
205676Linux Kernel NTFS Journal fslog.c log_replay double freemedium🔒---
205675Undertow POST Request resource consumption [CVE-2022-2053]low🔒---
205674MailerLite Signup Forms Plugin API Key cross-site request forgerylow🔒---
205673SourceCodester Interview Management System addQuestion.php cross site scriptinglow🔒---
205672SourceCodester Apartment Visitor Management System manage-apartment.php cross site scriptinglow🔒---
205671SourceCodester Simple Food Ordering System login.php cross site scriptinglow🔒---
205670SourceCodester Alphaware Simple E-Commerce System stockin.php cross site scriptinglow🔒---
205669SourceCodester Online Student Admission System Student User Page edit-profile.php cross site scriptinglow🔒---
205668SourceCodester Church Management System login.php sql injectionmedium🔒---
205667SourceCodester Interview Management System viewReport.php sql injectionmedium🔒---
205666SourceCodester Alphaware Simple E-Commerce System Background Management Page admin_feature.php unrestricted uploadmedium🔒---
205665SourceCodester Apartment Visitor Management System index.php sql injectionmedium🔒---
205664SourceCodester Electronic Medical Records System POST Request sql injectionmedium🔒---
205663dotCMS Admin Portal cross site scripting [CVE-2022-37431]low🔒---
205662hestiacp privileges assignment [CVE-2022-2626]low🔒---
205661acrontum filesystem-template fetchRepo API command injectionmedium🔒---
205660zlib Header inflate.c inflateGetHeader heap-based overflowmedium🔒---
205659Ittiam libmpeg2 impeg2_mc_fullx_fully_8x8 buffer overflowmedium🔒---
205658SourceCodester Best Fee Management System admin_class.php login sql injectionmedium🔒---
205657Rigatur Online Booking and Hotel Management System POST Request login.php sql injectionmedium🔒---
205656SourceCodester Garage Management System createUser.php sql injectionmedium🔒---
205655SourceCodester Garage Management System removeUser.php sql injectionmedium🔒---
205654Contiki-NG IPv6 Neighbor Discovery uip-nd6.c uip_buf out-of-boundslow🔒---
205653Grommunio Gromox PAM Module permission [CVE-2022-37030]medium🔒---
205652Renato cross site scripting [CVE-2022-35144]low🔒---
205651Renato denial of service [CVE-2022-35142]low🔒---
205650cosign signature verification [CVE-2022-35929]medium🔒---
205649muhttpd URL request.c do_request information disclosurelow🔒---
205648Samsung mTower __utee_from_attr buffer overflowmedium🔒---
205647Renato weak password [CVE-2022-35143]low🔒---
205646TOTOLINK A3600R shadow.sample hard-coded credentialsmedium🔒---
205645Crow query_string.h qs_parse denial of servicelow🔒---
205644Nextcloud Server Federated Share insufficient logging [CVE-2022-31120]low🔒---
205643PolicyController Image signature verification [CVE-2022-35930]medium🔒---
205642Contiki-NG Routing Protocol set_ip_from_prefix buffer overflowmedium🔒---
205641Contiki-NG IPv6 Address buffer overflow [CVE-2021-32771]medium🔒---
205640Uniwill SparkIO.sys Driver IOCTL stack-based overflow [CVE-2022-37415]medium🔒---
205639F5 BIG-IP iRules Command privileges management [CVE-2022-33962]medium🔒---
205638F5 NGINX Ingress Controller Ingress Object information disclosurelow🔒---
205637F5 BIG-IP/BIG-IQ Configuration Utility session expiration [CVE-2022-35728]medium🔒---
205636F5 BIG-IP iControl REST Endpoint privileges management [CVE-2022-35243]medium🔒---
205635F5 BIG-IP Traffic Intelligence Feed certificate validation [CVE-2022-34865]medium🔒---
205634F5 BIG-IP/BIG-IQ Centralized Management iControl SOAP denial of servicelow🔒---
205633F5 BIG-IP LTM Monitor/APM SSO out-of-bounds [CVE-2022-33968]low🔒---
205632F5 BIG-IP Appliance Mode Restrictions path traversal [CVE-2022-31473]low🔒---
205631F5 BIG-IP Configuration Utility injection [CVE-2022-35735]medium🔒---
205630F5 BIG-IP Traffic Management Microkernel null pointer dereferencemedium🔒---
205629F5 NGINX Instance Manager API resource consumption [CVE-2022-35241]medium🔒---
205628F5 BIG-IP Message Routing denial of service [CVE-2022-35240]medium🔒---
205627F5 BIG-IP HTTP2 Profile resource consumption [CVE-2022-35236]medium🔒---
205626F5 BIG-IP Traffic Management Microkernel infinite loop [CVE-2022-34862]medium🔒---
205625BIG BIG-IP/BIG-IQ Traffic Management Microkernel denial of servicelow🔒---
205624F5 BIG-IP Traffic Management Microkernel payload uninitialized variablemedium🔒---
205623F5 BIG-IP Traffic Management Microkernel respond null pointer dereferencemedium🔒---
205622F5 BIG-IP Traffic Management User Interface deserialization [CVE-2022-33947]medium🔒---
205621F5 BIG-IP Service Connect Agent resource consumption [CVE-2022-33203]medium🔒---
205620F5 BIG-IP Traffic Management Microkernel null pointer dereferencemedium🔒---
205619SourceCodester Loan Management System delete_lplan.php sql injectionmedium🔒---
205618SourceCodester Loan Management System login.php sql injectionmedium🔒---
205617Backdoor.Win32.Bushtrommel.122 Service Port 31745 improper authenticationmedium🔒---
205616Backdoor.Win32.Bushtrommel.122 Service Port 31745 backdoormedium🔒---
205615SourceCodester Simple E-Learning System classroom.php sql injectionmedium🔒---
205614Private Cloud Management Platform POST Request global_config_query improper authenticationmedium🔒---
205613Nextcloud Mail log file [CVE-2022-31119]low🔒---
205612F5 BIG-IP Traffic Management Microkernel denial of service [CVE-2022-35272]medium🔒---
205611Apache Hadoop API FileUtil.unTar argument injectionmedium🔒---
205610Nextcloud Mail CSS Minifier css_optimiser.php server-side request forgerymedium🔒---
205609Nextcloud Server Federated Share sharing excessive authenticationlow🔒---
205608OMICARD EDM Mail Image Relay path traversal [CVE-2022-35216]medium🔒---
205607OMICARD EDM hard-coded credentials [CVE-2022-32965]high🔒---
205606OMICARD EDM API Function sql injection [CVE-2022-32964]medium🔒---
205605OMICARD EDM path traversal [CVE-2022-32963]medium🔒---
205604Planka Environment Variable environ path traversalmedium🔒---
205603v4l2loopback Card Label format string [CVE-2022-2652]medium🔒---
205602BookWyrm authentication bypass [CVE-2022-2651]low🔒---
205601Apache JSPWiki Image Plugin cross-site request forgery [CVE-2022-34158]low🔒---
205600Apache JSPWiki Request AJAXPreview.jsp cross site scriptinglow🔒---
205599Apache JSPWiki WeblogPlugin cross site scripting [CVE-2022-28732]low🔒---
205598Apache JSPWiki Email UserPreferences.jsp cross-site request forgerylow🔒---
205597Apache JSPWiki Request XHRHtml2Markup.jsp cross site scriptinglow🔒---
205596SourceCodester Multi Language Hotel Management Software sql injectionmedium🔒---
205595SourceCodester Multi Language Hotel Management Software sql injectionmedium🔒---
205594jeecg-boot unrestricted upload [CVE-2022-2647]medium🔒---
205593xhyve e1000 Virtual Device stack-based overflow [CVE-2022-35867]medium🔒---
205592Tencent TscanCode tsclua denial of service [CVE-2022-35158]low🔒---
205591HCL Launch authorization [CVE-2022-27551]low🔒---
205590Fortinet FortiOS CLI access control [CVE-2022-23442]medium🔒---
205589JetBrains Rider Project Dialog code injection [CVE-2022-37396]medium🔒---
205588TripleCross Control Command memory corruption [CVE-2022-35505]medium🔒---
205587GVRET SerialConsole.cpp handleConfigCmd buffer overflowmedium🔒---
205586Luadec UnsetPending heap-based overflowmedium🔒---
205585Vinchin Backup and Recovery hard-coded credentials [CVE-2022-35866]medium🔒---
205584BMC Track-It! HTTP Request missing authentication [CVE-2022-35865]medium🔒---
205583DevExpress SafeBinaryFormatter deserialization [CVE-2022-28684]medium🔒---
205582Sante DICOM Viewer Pro J2K File Parser out-of-bounds write [CVE-2022-28668]medium🔒---
205581Sante PACS Server sql injection [CVE-2022-2272]medium🔒---
205580Django Header FileResponse information disclosurelow🔒---
205579D-Link DIR810LA1 Ping_addr command injectionmedium🔒---
205578D-Link DIR820LA1 ping.ccp buffer overflowmedium🔒---
205577ConnMan WISPR HTTP Query use after free [CVE-2022-32293]medium🔒---
205576BMC Track-It! Endpoint GetPopupSubQueryDetails sql injectionlow🔒---
205575Centreon Virtual Metrics sql injection [CVE-2022-34872]medium🔒---
205574Centreon sql injection [CVE-2022-34871]medium🔒---
205573SourceCodester Garage Management System edituser.php cross site scriptinglow🔒---
205572SourceCodester Online Admission System index.php cross site scriptinglow🔒---
205571ConnMan gweb received_data heap-based overflowmedium🔒---
205570TripleCross stack-based overflow [CVE-2022-35506]medium🔒---
205569CKEditor 5 cross site scripting [CVE-2022-31175]low🔒---
205568AES Crypt buffer overflow [CVE-2022-35928]medium🔒---
205567PostgreSQL JDBC Driver java.sql.ResultRow.refreshRow sql injectionmedium🔒---
205566Backdoor.Win32.Jokerdoor Service Port 27374 stack-based overflowmedium🔒---
205565SourceCodester Online Admission System GET Parameter sql injectionmedium🔒---
205564SourceCodester Online Admission System POST Parameter sql injectionmedium🔒---
205563Fortinet FortiADC HTTP Request access control [CVE-2022-27484]medium🔒---
205562D-Link DIR-818LW binary.soapcgi_main Privilege Escalationmedium🔒---
205561D-Link DIR-818LW ssdpcgi_main Privilege Escalationmedium🔒---
205560SQLite C API array index [CVE-2022-35737]medium🔒---
205559OpenStack Nova Neutron Port denial of service [CVE-2022-37394]low🔒---
205558Synology USB Copy WebAPI path traversal [CVE-2022-27621]medium🔒---
205557VMware Workspace ONE Access cross site scripting [CVE-2022-31663]low🔒---
205556VMware Workspace ONE Access path traversal [CVE-2022-31662]medium🔒---
205555VMware Workspace ONE Access/Identity Manager URL injection [CVE-2022-31657]medium🔒---
205554VMware Workspace ONE Access JDBC injection [CVE-2022-31665]medium🔒---
205553VMware Workspace ONE Access access control [CVE-2022-31664]medium🔒---
205552VMware Workspace ONE Access access control [CVE-2022-31661]medium🔒---
205551VMware Workspace ONE Access access control [CVE-2022-31660]medium🔒---
205550VMware Workspace ONE Access/Identity Manager sql injection [CVE-2022-31659]medium🔒---
205549VMware Workspace ONE Access JDBC injection [CVE-2022-31658]medium🔒---
205548VMware Workspace ONE Access improper authentication [CVE-2022-31656]high🔒---
205547TIBCO iWay Service Manager Console cross site scripting [CVE-2022-30571]low🔒---
205546Mealie cross site scripting [CVE-2022-34619]low🔒---
205545Mealie cross site scripting [CVE-2022-34618]low🔒---
205544HiCOS Natural Person Credential Component Client out-of-bounds writemedium🔒---
205543NHI Card Network Packet stack-based overflow [CVE-2022-35217]medium🔒---
205542GitHub Enterprise Server Content Security Policy cross site scriptinglow🔒---
205541Percona fetch_step denial of servicelow🔒---
205540MonetDB Database Server assertion [CVE-2022-34967]medium🔒---
205539Synology Note Station Client Authentication Management cleartext transmissionlow🔒---
205538Progress WS_FTP Server Administrative Interface cross-site request forgerylow🔒---
205537Progress WS_FTP Server Administrative Web Interface cross site scriptinglow🔒---
205536v8n Regular Expression uppercase resource consumptionlow🔒---
205535Lanling OA Landray Office Automation custom.jsp information disclosurelow🔒---
205534Quest KACE Systems Management Appliance improper authenticationmedium🔒---
205533Quest KACE Systems Management Appliance Appliance Linking random valueslow🔒---
205532NCI Card Network Packet out-of-bounds write [CVE-2022-35219]low🔒---
205531NHI Card Web Service out-of-bounds write [CVE-2022-35218]low🔒---
205530tooljet access control [CVE-2022-2631]medium🔒---
205529Thales Citadel Web Client HTML Tag cross site scripting [CVE-2022-1293]low🔒---
205528Mealie File unrestricted upload [CVE-2022-34613]medium🔒---
205527socket.io-client null pointer dereference [CVE-2022-25867]low🔒---
205526Flask-Security URL Validation get_post_login_redirectmedium🔒---
205525get-npm-package-version index.js main command injectionmedium🔒---
205524npos-tesseract ocr.js injection [CVE-2020-28453]medium🔒---
205523image-tiler Remote Code Execution [CVE-2020-28451]medium🔒---
205522heroku-env get.js injection [CVE-2020-28437]medium🔒---
205521gitblame gitblame.js injection [CVE-2020-28434]medium🔒---
205520node-latex-pdf Remote Code Execution [CVE-2020-28433]medium🔒---
205519curljs Remote Code Execution [CVE-2020-28425]medium🔒---
205518s3-kilatstorage Remote Code Execution [CVE-2020-28424]medium🔒---
205517monorepo-build Remote Code Execution [CVE-2020-28423]medium🔒---
205516BigTree CMS PDF File unrestricted upload [CVE-2022-36197]medium🔒---
205515JFinal CMS user sql injectionmedium🔒---
205514PingCAP TiDB null pointer dereference [CVE-2022-34969]low🔒---
205513MilkyTracker XM Module File load stack-based overflowmedium🔒---
205512Synology DiskStation Manager WebAPI os command injection [CVE-2022-27616]medium🔒---
205511NextAuth.js input validation [CVE-2022-35924]medium🔒---
205510EasyUse MailHunter Ultimate Cookie deserialization [CVE-2022-35223]medium🔒---
205509Mealie Jinja2 Template injection [CVE-2022-34625]medium🔒---
205508Atlassian Jira Service Management Server/Data Center Group browsegroups.action information disclosurelow🔒---
205507Synology SSO Server WebAPI path traversal [CVE-2022-27620]low🔒---
205506Synology Storage Analyzer path traversal [CVE-2022-27618]low🔒---
205505Synology Calendar WebAPI path traversal [CVE-2022-27617]medium🔒---
205504BookWyrm nginx.conf excessive authenticationlow🔒---
205503FRRouting bgpd bgp_packet.c bgp_notify_send_with_data use after freelow🔒---
205502ARM Mali GPU Kernel Driver memory corruption [CVE-2022-33917]medium🔒---
205501Laravel ChanceGenerator __call Privilege Escalationmedium🔒---
205500Yuba U5cms savepage.php cross-site request forgerylow🔒---
205499Quest KACE Systems Management Appliance download_agent_installer.php sql injectionmedium🔒---
205498TIBCO iWay Service Manager Console pathname traversal [CVE-2022-30572]medium🔒---
205497rsync File Name channel accessible [CVE-2022-29154]medium🔒---
205496Interactive Infocom Teamplus Pro Thread Subject allocation of resourceslow🔒---
205495Interactive Infocom Teamplus Pro allocation of resources [CVE-2022-35220]low🔒---
205494MediaTek MT8797 cta permission [CVE-2022-26429]medium🔒---
205493beancount fava cross site scripting [CVE-2022-2589]low🔒---
205492PyroCMS cross site scripting [CVE-2022-35118]low🔒---
205491Backdrop CMS Password Reset information disclosure [CVE-2022-34530]low🔒---
205490University of Texas Mango Plugins access controlmedium🔒---
205489MediaTek MT8981 WiFi Driver out-of-bounds write [CVE-2022-26445]medium🔒---
205488MediaTek MT8981 WiFi Driver out-of-bounds write [CVE-2022-26444]medium🔒---
205487MediaTek MT8981 WiFi Driver out-of-bounds write [CVE-2022-26443]medium🔒---
205486MediaTek MT8981 WiFi Driver out-of-bounds write [CVE-2022-26442]medium🔒---
205485MediaTek MT8981 WiFi Driver out-of-bounds write [CVE-2022-26441]medium🔒---
205484MediaTek MT8981 WiFi Driver out-of-bounds write [CVE-2022-26440]medium🔒---
205483MediaTek MT8981 WiFi Driver out-of-bounds write [CVE-2022-26439]medium🔒---
205482MediaTek MT8981 WiFi Driver out-of-bounds write [CVE-2022-26438]medium🔒---
205481MediaTek MT8797 Mailbox out-of-bounds write [CVE-2022-26435]medium🔒---
205480MediaTek MT8797 Mailbox out-of-bounds write [CVE-2022-26434]medium🔒---
205479MediaTek MT8797 Mailbox out-of-bounds write [CVE-2022-26433]medium🔒---
205478MediaTek MT8797 Mailbox out-of-bounds write [CVE-2022-26432]medium🔒---
205477MediaTek MT8797 Mailbox out-of-bounds write [CVE-2022-26431]medium🔒---
205476MediaTek MT8797 Mailbox out-of-bounds write [CVE-2022-26430]medium🔒---
205475graphql-go Type Definition Parser recursion [CVE-2022-37315]low🔒---
205474Solana Pay Transaction validateTransfer control flowlow🔒---
205473OpenZeppelin CrossChainEnabledArbitrumL2/LibArbitrumL2 resource transfermedium🔒---
205472Shescape Regular Expression escapeAll injectionmedium🔒---
205471DSpace dspace-jspui cross site scripting [CVE-2022-31191]low🔒---
205470CVAT server-side request forgery [CVE-2022-31188]medium🔒---
205469fof byobu privileges management [CVE-2022-35921]medium🔒---
205468OpenZeppelin supportsInterface resource consumptionlow🔒---
205467Bolt Privilege Escalation [CVE-2022-31321]low🔒---
205466OpenZeppelin GovernorVotesQuorumFraction calculation [CVE-2022-31198]medium🔒---
205465DSpace ItemImportServiceImpl path traversal [CVE-2022-31195]medium🔒---
205464DSpace dspace-jspui redirect [CVE-2022-31193]medium🔒---
205463DSpace dspace-xmlui information disclosure [CVE-2022-31190]low🔒---
205462DSpace dspace-jspui internal.jsp information exposurelow🔒---
205461fs2 certificate validation [CVE-2022-31183]medium🔒---
205460Shescape API Function injection [CVE-2022-31179]medium🔒---
205459eLabFTW Template authorization [CVE-2022-31178]low🔒---
205458Pligg CMS load_data_for_groups.php sql injectionmedium🔒---
205457Pligg CMS load_data_for_topusers.php sql injectionmedium🔒---
205456Web Based Quiz System update.php sql injectionmedium🔒---
205455Pharmacy Management System invoiceprint.php sql injectionmedium🔒---
205454Pharmacy Management System getOrderReport.php sql injectionmedium🔒---
205453Pharmacy Management System edituser.php sql injectionmedium🔒---
205452Pharmacy Management System getsalereport.php sql injectionmedium🔒---
205451Pharmacy Management System editproduct.php sql injectionmedium🔒---
205450Pharmacy Management System login.php sql injectionmedium🔒---
205449Pharmacy Management System editbrand.php sql injectionmedium🔒---
205448Pharmacy Management System editcategory.php sql injectionmedium🔒---
205447Pharmacy Management System getexpproduct.php sql injectionmedium🔒---
205446Pharmacy Management System getproductreport.php sql injectionmedium🔒---
205445Online Tours And Travels Management System packages.php sql injectionmedium🔒---
205444Sourcegraph Saved Search authorization [CVE-2022-31155]medium🔒---
205443Sourcegraph authorization [CVE-2022-31154]medium🔒---
205442DSpace dspace-jspui cross site scripting [CVE-2022-31192]low🔒---
205441NextAuth.js log file [CVE-2022-31186]low🔒---
205440Discourse Nginx Proxy Configuration denial of service [CVE-2022-31182]low🔒---
205439Rust-WebSocket Untrusted Source with_capacity resource consumptionlow🔒---
205438DSpace dspace-jspui FileUploadRequest path traversalmedium🔒---
205437Discourse Email Activation Route allocation of resources [CVE-2022-31184]low🔒---
205436Juniper resource consumption [CVE-2022-31173]medium🔒---
205435Streamlit Web Server File-System path traversal [CVE-2022-35918]medium🔒---
205434Flask-AppBuilder information disclosure [CVE-2022-31177]low🔒---
205433Sanic framework path traversalmedium🔒---
205432MinIO path traversal [CVE-2022-35919]medium🔒---
205431mprweb Email Address information disclosure [CVE-2022-31185]low🔒---
205430PrestaShop sql injection [CVE-2022-31181]medium🔒---
205429MediaTek MT8695 Video Codec memory corruption [CVE-2022-26428]medium🔒---
205428MediaTek MT6833/MT6853/MT6873/MT6877/MT6893 Camera ISP out-of-bounds writemedium🔒---
205427MediaTek MT8797 Camera ISP out-of-bounds write [CVE-2022-26426]medium🔒---
205426Shopware Customer Module cross site scripting [CVE-2022-31148]low🔒---
205425Enalean Tuleap REST Endpoint authorization [CVE-2022-31128]medium🔒---
205424IBM CICS TX input validation [CVE-2022-34164]medium🔒---
205423IBM CICS TX HTTP Header injection [CVE-2022-34163]medium🔒---
205422IBM CICS TX Local Privilege Escalation [CVE-2022-33955]low🔒---
205421IBM CICS TX missing secure attribute [CVE-2022-34307]low🔒---
205420IBM CICS TX cross-site request forgery [CVE-2022-34161]low🔒---
205419laminas-diactoros Server Request fromGlobals cross site scriptinglow🔒---
205418IBM CICS TX improper restriction of rendered ui layers [CVE-2022-34162]low🔒---
205417MediaTek MT6893 Camera ISP out-of-bounds write [CVE-2022-21792]medium🔒---
205416MediaTek MT8798 Audio IPI memory corruption [CVE-2022-21789]medium🔒---
205415MediaTek MT6879/MT6895/MT6983 SCP Local Privilege Escalationlow🔒---
205414Nlnet Labs Unbound Domain Name Remote Code Execution [CVE-2022-30699]low🔒---
205413Nlnet Labs Unbound Domain Name Remote Code Execution [CVE-2022-30698]low🔒---
205412vim undefined behavior for input to api [CVE-2022-2598]low🔒---
205411node-fetch denial of service [CVE-2022-2596]low🔒---
205410vim out-of-bounds [CVE-2022-2581]low🔒---
205409vim heap-based overflow [CVE-2022-2580]medium🔒---
205408vim heap-based overflow [CVE-2022-2571]medium🔒---
205407Pandora FMS User Management Module improper authorization [CVE-2022-26310]medium🔒---
205406MediaTek MT6855/MT6879/MT6895/MT6983 EMI MPU out-of-bounds [CVE-2022-26436]low🔒---
205405MediaTek MT6833/MT6853/MT6873/MT6877/MT6885/MT6893 Camera ISP out-of-boundslow🔒---
205404MediaTek MT6833/MT6853/MT6873/MT6877/MT6893 Camera ISP out-of-boundslow🔒---
205403Pandora FMS Bulk Operation cross-site request forgery [CVE-2022-26309]low🔒---
205402Bosch BF-OS unknown vulnerability [CVE-2022-36302]low🔒---
205401MediaTek MT2621/MT2625 httpclient out-of-bounds write [CVE-2022-26437]medium🔒---
205400kromitgmbh titra improper authorization [CVE-2022-2595]medium🔒---
205399Realtek eCos RSDK/eCos MSDK SIP ALG stack-based overflow [CVE-2022-27255]medium🔒---
205398Pandora FMS Configuration access control [CVE-2022-26308]medium🔒---
205397Lura/KrakenD-CE URL Parameter modification of assumed-immutable datalow🔒---
IDTitleVulDBCVSSSecuniaXForceNessus
205396Bosch BF-OS weak password [CVE-2022-36301]low🔒---
205395ideasToCode Enable SVG, WebP & ICO Upload Plugin cross site scriptinglow🔒---
205394Featured Image from URL Plugin cross-site request forgery [CVE-2022-2241]low🔒---
205393Progressive License Plugin cross-site request forgery [CVE-2022-2171]low🔒---
205392Flexi Quote Rotator Plugin Setting cross site scripting [CVE-2022-2328]low🔒---
205391Invitation Based Registrations Plugin Setting cross site scriptinglow🔒---
205390Popup Plugin Setting cross site scripting [CVE-2022-2305]low🔒---
205389Featured Image from URL Plugin cross site scripting [CVE-2022-2278]low🔒---
205388GiveWP Plugin cross-site request forgery [CVE-2022-2260]low🔒---
205387Counter Box Plugin cross-site request forgery [CVE-2022-2245]low🔒---
205386ideasToCode Enable SVG, WebP & ICO Upload Plugin unrestricted uploadmedium🔒---
205385GnuTLS pkcs7 Signature Verification gnutls_pkcs7_verify double freemedium🔒---
205384GiveWP Plugin Currency Setting cross site scripting [CVE-2022-2215]low🔒---
205383CAPTCHA 4WP Plugin Admin Template require_once cross-site request forgerylow🔒---
205382Advanced Reset Plugin Admin Dashboard cross site scripting [CVE-2022-2181]low🔒---
205381Copyright Proof Plugin AJAX Action cross site scripting [CVE-2022-1906]low🔒---
205380Event Timeline Plugin Timeline Text cross site scripting [CVE-2022-1324]low🔒---
205379Login with Phone Number Plugin Setting cross site scripting [CVE-2022-0598]low🔒---
205378YaySMTP Plugin Mailer Credential authorization [CVE-2022-2370]low🔒---
205377YaySMTP Plugin Log authorization [CVE-2022-2369]low🔒---
205376Simple Membership Plugin Registration privileges management [CVE-2022-2317]medium🔒---
205375Simple Membership Plugin POST privileges management [CVE-2022-2273]medium🔒---
205374Youzify Plugin sql injection [CVE-2022-1950]medium🔒---
205373Microsoft Advertising Universal Event Tracking Plugin Setting cross site scriptinglow🔒---
205372Project Source Code Download Plugin Backup wp-config.php file accesslow🔒---
205371YOP Poll Plugin HTTP Header authorization [CVE-2022-1600]low🔒---
205370Atlassian JIRA Server/Data Center Velocity Template code injectionmedium🔒---
205369IBM DataPower Gateway server-side request forgery [CVE-2022-31776]medium🔒---
205368IBM UrbanCode Deploy information disclosure [CVE-2022-35716]low🔒---
205367IBM Robotic Process Automation Bulk Upload insufficiently protected credentialslow🔒---
205366IBM Robotic Process Automation API access control [CVE-2022-30616]medium🔒---
205365IBM Robotic Process Automation information disclosure [CVE-2022-22505]low🔒---
205364IBM Robotic Process Automation information disclosure [CVE-2022-22334]low🔒---
205363IBM DataPower Gateway improper authorization [CVE-2022-22326]medium🔒---
205362IBM DataPower Gateway Web UI cross site scripting [CVE-2022-32750]low🔒---
205361IBM DataPower Gateway xml external entity reference [CVE-2022-31775]low🔒---
205360IBM DataPower Gateway Web UI cross site scripting [CVE-2022-31774]low🔒---
205359IBM Robotic Process Automation information disclosure [CVE-2022-34338]low🔒---
205358HPE iLO 5 Local Privilege Escalation [CVE-2022-28636]medium🔒---
205357HPE iLO 5 Local Privilege Escalation [CVE-2022-28635]medium🔒---
205356HPE iLO 5 Local Privilege Escalation [CVE-2022-28634]medium🔒---
205355HPE iLO 5 Remote Code Execution [CVE-2022-28633]medium🔒---
205354HPE iLO 5 Remote Code Execution [CVE-2022-28632]medium🔒---
205353HPE iLO 5 Remote Code Execution [CVE-2022-28631]medium🔒---
205352HPE iLO 5 Local Privilege Escalation [CVE-2022-28630]medium🔒---
205351HPE iLO 5 Local Privilege Escalation [CVE-2022-28629]medium🔒---
205350HPE iLO 5 Local Privilege Escalation [CVE-2022-28628]medium🔒---
205349HPE iLO 5 Local Privilege Escalation [CVE-2022-28627]medium🔒---
205348HPE iLO 5 Local Privilege Escalation [CVE-2022-28626]medium🔒---
205347Gutenberg Plugin SVG Document cross site scripting [CVE-2022-33994]low🔒---
205346Backdoor.Win32.Destrukor.20 Service Port 6969 improper authenticationmedium🔒---
205345Backdoor.Win32.Destrukor.20 Service Port 6969 backdoormedium🔒---
205344TEM FLEX-1085 reboot denial of servicemedium🔒---
205343Rockwell Automation ISaGRAF Workbench deserialization [CVE-2022-2465]medium🔒---
205342Rockwell Automation ISaGRAF Workbench path traversal [CVE-2022-2464]medium🔒---
205341Rockwell Automation ISaGRAF Workbench 7z File path traversalmedium🔒---
205340AutomationDirect SIO-MB04RTDS cleartext transmission [CVE-2022-2485]low🔒---
205339Inductive Automation Ignition xml external entity reference [CVE-2022-1704]low🔒---
205338Moxa NPort 5110 out-of-bounds write [CVE-2022-2044]medium🔒---
205337Moxa NPort 5110 out-of-bounds write [CVE-2022-2043]medium🔒---
205336Velocidex Velociraptor GUI cross site scripting [CVE-2022-35632]low🔒---
205335Velocidex Velociraptor Collection Report cross site scriptinglow🔒---
205334Trend Micro VPN Proxy Pro permission [CVE-2022-33158]medium🔒---
205333SonicWALL Hosted Email Security Capture ATP Security Service security checklow🔒---
205332Velocidex Velociraptor improper authentication [CVE-2022-35629]medium🔒---
205331Trend Micro Apex One/Worry-Free Business Security link followingmedium🔒---
205330Dogtag PKI XML Document Parser xml external entity referencemedium🔒---
205329Trend Micro Security 2021/Security 2022 out-of-bounds [CVE-2022-35234]low🔒---
205328EllieGrid App code injection [CVE-2022-30083]medium🔒---
205327Chia Network CAT1 Standard unknown vulnerability [CVE-2022-36447]low🔒---
205326D-Link DSL-3782 getAttrValue stack-based overflowmedium🔒---
205325D-Link DSL-3782 byte_4C0160 command injectionmedium🔒---
205324Tiffsplit TIFF File _TIFFVGetField stack-based overflowmedium🔒---
205323HiBy R3 Pro unrestricted upload [CVE-2022-34496]medium🔒---
205322Autodesk Design Review TGA File DesignReview.exe out-of-bounds writemedium🔒---
205321Autodesk Design Review PDF File DesignReview.exe double freemedium🔒---
205320Western Digital Sweet B Cryptographic Library NIST P-256 Curve unknown vulnerabilitylow🔒---
205319Velocidex Velociraptor temp file [CVE-2022-35631]medium🔒---
205318HCL Remote Store Server insufficiently protected credentialslow🔒---
205317Autodesk Fusion360 HTTP Request access control [CVE-2022-27873]medium🔒---
205316Autodesk Design Review TIFF File DesignReview.exe out-of-boundsmedium🔒---
205315SonicWALL Switch command injection [CVE-2022-2323]medium🔒---
205314Western Digital Sweet B Cryptographic Library NIST P-256 Curve unknown vulnerabilitylow🔒---
205313Western Digital Sweet B Cryptographic Library NIST P-256 Elliptic Curve unknown vulnerabilitylow🔒---
205312Western Digital Sweet B Cryptographic Library Elliptic Curve calculationlow🔒---
205311Autodesk AutoCAD 2023 PRT File out-of-bounds [CVE-2022-33881]low🔒---
205310PluginlySpeaking Floating Div Plugin cross site scripting [CVE-2022-36378]low🔒---
205309DedeCMS mytag_main.php mytag_ Privilege Escalationmedium🔒---
205308Eclipse Californium DTLS Resumption amplification [CVE-2022-2576]low🔒---
205307IBM PowerVM VIOS Remote Code Execution [CVE-2022-35643]medium🔒---
205306Linux Kernel Block Starting Symbol Privilege Escalation [CVE-2022-36123]low🔒---
205305Inavitas Solar Log sql injection [CVE-2022-1277]medium🔒---
205304Atlantis Webhook Event Validator timing discrepancy [CVE-2022-24912]low🔒---
205303Google Play services SDK play-services-basement trust boundary violationmedium🔒---
205302SourceCodester Garage Management System createUser.php cross site scriptinglow🔒---
205301SourceCodester Garage Management System createUser.php access controlmedium🔒---
205300SourceCodester Garage Management System edituser.php sql injectionmedium🔒---
205299Samba AD DC Database Audit Logging use after free [CVE-2022-32746]medium🔒---
205298Samba LDAP memory corruption [CVE-2022-32745]medium🔒---
205297Samba Password Change key management [CVE-2022-32744]medium🔒---
205296Samba SMB1 memory corruption [CVE-2022-32742]medium🔒---
205295Samba KDC/Password Service missing critical step in authenticationlow🔒---
205294SonicWALL Analytics On-Prem sql injection [CVE-2022-22280]high🔒---
205293RainLoop Email Viewer cross site scripting [CVE-2022-29360]low🔒---
205292Honeywell Safety Manager Firmware Image hard-coded credentialsmedium🔒---
205291WMAgent/reqmgr/reqmon/global-workqueue dbs-client Package Privilege Escalationmedium🔒---
205290Realtek rtl819x-SDK Web Interface command injection [CVE-2022-29558]medium🔒---
205289automattic mongoose prototype pollution [CVE-2022-2564]medium🔒---
205288Honeywell Saia Burgess PG5 PCD authentication bypass [CVE-2022-30319]medium🔒---
205287nodepdf Pdf os command injectionmedium🔒---
205286zulip SSO access control [CVE-2016-4427]medium🔒---
205285zulip Bot API Key access control [CVE-2016-4426]medium🔒---
205284Citrix ADC/Gateway redirect [CVE-2022-27509]medium🔒---
205283Booth Authfile Directive improper authentication [CVE-2022-2553]medium🔒---
205282Ovarro TBox TG2 Configuration File permission assignment [CVE-2021-22648]high🔒---
205281Ovarro TBox TG2 hard-coded key [CVE-2021-22644]low🔒---
205280Ovarro TBox TG2 Modbus Frame denial of service [CVE-2021-22642]medium🔒---
205279Honeywell Safety Manager missing authentication [CVE-2022-30313]medium🔒---
205278libxml cross site scripting [CVE-2016-3709]low🔒---
205277GitLab Contact Details cross site scripting [CVE-2022-1948]low🔒---
205276png2webp PNG File w2p out-of-bounds writemedium🔒---
205275SDL SDL_x11yuv.c XFree use after freemedium🔒---
205274PicoC variable.c null pointer dereferencelow🔒---
205273DPTech VPN information disclosure [CVE-2022-34593]low🔒---
205272Squirrel Core Interpreter sqclass.cpp out-of-boundsmedium🔒---
205271Honeywell Saia Burgess PG5 PCD risky encryption [CVE-2022-30320]low🔒---
205270Ovarro TBox TG2 Configuration code injection [CVE-2021-22646]medium🔒---
205269Ovarro TBox TG2 insufficiently protected credentials [CVE-2021-22640]low🔒---
205268Open Source Point of Sale Update Branding Settings Page unrestricted uploadmedium🔒---
205267HP Zero Client AWS Connection Provisioner channel accessiblelow🔒---
205266Ovarro TBox TG2 Project File Remote Code Execution [CVE-2021-22650]medium🔒---
205265Honeywell Safety Manager Firmware Update data authenticity [CVE-2022-30316]medium🔒---
205264SimpleNetwork TCP Server TCP Packet double free [CVE-2022-36234]medium🔒---
205263TP-LINK TL-R473G Packet Privilege Escalation [CVE-2022-34555]medium🔒---
205262IBM QRadar SIEM access control [CVE-2021-39088]medium🔒---
205261itsourcecode Advanced School Management System index.php cross site scriptinglow🔒---
205260Google Chrome WebGPU use after free [CVE-2022-2399]medium🔒---
205259Barangay Management System permit.php sql injectionmedium🔒---
205258Honeywell Safety Manager data authenticity [CVE-2022-30315]medium🔒---
205257GS Plugins GS Testimonial Slider Plugin cross site scriptinglow🔒---
205256mb.miniAudioPlayer-an HTML5 Audio Player improper authenticationmedium🔒---
205255kippo-graph KippoInput.class.php xss_clean cross site scriptinglow🔒---
205254kippo-graph KippoInput.class.php cross site scriptinglow🔒---
205253JetBrains IntelliJ IDEA Email Address input validation [CVE-2022-37010]low🔒---
205252JetBrains IntelliJ IDEA code injection [CVE-2022-37009]medium🔒---
205251Synology Media Server information disclosure [CVE-2022-27614]low🔒---
205250Synology CardDAV Server WebAPI sql injection [CVE-2022-27613]medium🔒---
205249Synology Audio Station buffer overflow [CVE-2022-27612]medium🔒---
205248Synology DiskStation Manager Task Management os command injectionmedium🔒---
205247Synology Media Server CGI buffer overflow [CVE-2022-22683]high🔒---
205246Synology Audio Station path traversal [CVE-2022-27611]medium🔒---
205245Synology WebDAV Server path traversal [CVE-2022-22685]low🔒---
205244Apache Calcite Avatica JDBC Driver initialization [CVE-2022-36364]medium🔒---
205243PHP libmagic finfo_buffer free of memory not on the heapmedium🔒---
205242Fossil Ticket cross site scripting [CVE-2022-34009]low🔒---
205241Veritas NetBackup Local Privilege Escalation [CVE-2022-36955]medium🔒---
205240Veritas NetBackup OpsCenter VxSS Subsystem hard-coded credentialsmedium🔒---
205239Veritas NetBackup OpsCenter Local Privilege Escalation [CVE-2022-36949]medium🔒---
205238Veritas NetBackup OpsCenter cross site scripting [CVE-2022-36948]low🔒---
205237GoAnywhere MFT or path traversalmedium🔒---
205236VISAM VBASE XML Document Remote Code Execution [CVE-2021-42537]low🔒---
205235VISAM user-controllable cross site scripting [CVE-2021-42535]low🔒---
205234AVEVA Platform Common Services uncontrolled search path [CVE-2021-38410]medium🔒---
205233Rockwell Automation CompactLogix 5370/ControlLogix 5570 CIP Packet denial of servicelow🔒---
205232Veritas NetBackup access control [CVE-2022-36985]medium🔒---
205231Veritas NetBackup access control [CVE-2022-36995]medium🔒---
205230Veritas NetBackup information disclosure [CVE-2022-36994]low🔒---
205229Veritas NetBackup access control [CVE-2022-36991]medium🔒---
205228Veritas NetBackup access control [CVE-2022-36987]medium🔒---
205227Symantec Veritas Netbackup certificate validation [CVE-2022-36956]medium🔒---
205226Veritas NetBackup OpsCenter User Account access control [CVE-2022-36954]medium🔒---
205225Veritas NetBackup OpsCenter information disclosure [CVE-2022-36953]low🔒---
205224Veritas NetBackup OpsCenter Remote Code Execution [CVE-2022-36951]medium🔒---
205223Veritas NetBackup OpsCenter Java Classloader code injection [CVE-2022-36950]high🔒---
205222VISAM VBASE Web-remote Endpoint information disclosure [CVE-2021-38417]low🔒---
205221Veritas NetBackup server-side request forgery [CVE-2022-36997]medium🔒---
205220Veritas NetBackup information disclosure [CVE-2022-37000]low🔒---
205219Veritas NetBackup information disclosure [CVE-2022-36999]low🔒---
205218Veritas NetBackup stack-based overflow [CVE-2022-36998]medium🔒---
205217Veritas NetBackup information disclosure [CVE-2022-36996]low🔒---
205216Veritas NetBackup access control [CVE-2022-36993]medium🔒---
205215Veritas NetBackup access control [CVE-2022-36992]medium🔒---
205214Veritas NetBackup access control [CVE-2022-36990]medium🔒---
205213Veritas NetBackup Privilege Escalation [CVE-2022-36989]medium🔒---
205212Veritas NetBackup Privilege Escalation [CVE-2022-36988]medium🔒---
205211Veritas Netbackup access control [CVE-2022-36986]medium🔒---
205210Veritas NetBackup denial of service [CVE-2022-36984]medium🔒---
205209Synology DNS Server path traversal [CVE-2022-27615]medium🔒---
205208Patlite NH-FB Query String denial of service [CVE-2022-35911]low🔒---
205207Student Management System Chat Box nav_bar_action.php cross site scriptinglow🔒---
205206Cuppa CMS right.php file inclusionmedium🔒---
205205Google Chrome WebGL heap-based overflow [CVE-2022-2415]medium🔒---
205204Google Chrome HTML use after free [CVE-2022-1919]medium🔒---
205203Linux Kernel nfnetlink_queue.c nfqnl_mangle denial of servicemedium🔒---
205202Barangay Management System activity.php Privilege Escalationmedium🔒---
205201Feehi CMS cross site scripting [CVE-2022-34140]low🔒---
205200Lucene-Search Plugin Query Parameter cross site scripting [CVE-2022-36922]low🔒---
205199Coverity Plugin cross-site request forgery [CVE-2022-36920]low🔒---
205198Openstack Heat Plugin cross-site request forgery [CVE-2022-36911]low🔒---
205197OpenShift Deployer Plugin Controller File System cross-site request forgerylow🔒---
205196OpenShift Deployer Plugin cross-site request forgery [CVE-2022-36906]low🔒---
205195Maven Metadata Plugin for Jenkins CI Server URL Validation cross site scriptinglow🔒---
205194Dynamic Extended Choice Parameter Plugin Moded Extended Choice cross site scriptinglow🔒---
205193Job Configuration History Plugin System Configuration cross-site request forgerylow🔒---
205192External Monitor Job Type Plugin cross-site request forgery [CVE-2022-36886]low🔒---
205191OX Software OX App Suite E-Mail Message appHandler cross site scriptinglow🔒---
205190OX Software OX App Suite cross site scripting [CVE-2022-23099]low🔒---
205189Coverity Plugin authorization [CVE-2022-36921]medium🔒---
205188Coverity Plugin authorization [CVE-2022-36919]low🔒---
205187Buckminster Plugin Controller File System authorization [CVE-2022-36918]low🔒---
205186Android Signing Plugin authorization [CVE-2022-36915]low🔒---
205185Files Found Trigger Plugin Controller File System authorizationlow🔒---
205184Openstack Heat Plugin Controller File System authorization [CVE-2022-36913]medium🔒---
205183Openstack Heat Plugin authorization [CVE-2022-36912]medium🔒---
205182Lucene-Search Plugin HTTP Endpoint authorization [CVE-2022-36910]low🔒---
205181OpenShift Deployer Plugin Controller File System authorizationmedium🔒---
205180OpenShift Deployer Plugin permission [CVE-2022-36907]medium🔒---
205179Repository Connector Plugin Controller File System authorizationlow🔒---
205178Repository Connector Plugin authorization [CVE-2022-36903]low🔒---
205177HTTP Request Plugin Controller File System credentials storagelow🔒---
205176Compuware zAdviser API Plugin protection mechanism [CVE-2022-36900]medium🔒---
205175Compuware Xpediter Code Coverage Plugin Configuration authorizationlow🔒---
205174Compuware Topaz Utilities Plugin Configuration authorizationlow🔒---
205173CLIF Performance Testing Plugin Controller File System path traversalmedium🔒---
205172rpmsign-plugin authorization [CVE-2022-36893]low🔒---
205171rhnpush-plugin Plugin authorization [CVE-2022-36892]low🔒---
205170Deployer Framework Plugin Deployment Log authorization [CVE-2022-36891]low🔒---
205169Deployer Framework Plugin Controller File System path traversallow🔒---
205168Deployer Framework Plugin Application Path path traversal [CVE-2022-36889]medium🔒---
205167HashiCorp Vault Plugin authorization [CVE-2022-36888]low🔒---
205166GitHub Plugin timing discrepancy [CVE-2022-36885]low🔒---
205165Git Plugin Webhook Endpoint information disclosure [CVE-2022-36884]low🔒---
205164Git Plugin Build cross-site request forgery [CVE-2022-36882]low🔒---
205163Git Client Plugin SSH Host Key Verification key exchange without entity authenticationlow🔒---
205162OX Software OX App Suite Documentconverter API server-side request forgerymedium🔒---
205161OX Software OX App Suite Documentconverter API os command injectionmedium🔒---
205160OX Software OX App Suite Email Attachment Documentconverter os command injectionmedium🔒---
205159Sims addNotifyServlet cross site scriptinglow🔒---
205158hestiacp os command injection [CVE-2022-2550]medium🔒---
205157GPAC null pointer dereference [CVE-2022-2549]low🔒---
205156Google Cloud Backup Plugin Manual Backup cross-site request forgerylow🔒---
205155Compuware ISPW Operations Plugin protection mechanism [CVE-2022-36899]low🔒---
205154Compuware ISPW Operations Plugin Configuration authorizationlow🔒---
205153Compuware Source Code Download Configuration authorization [CVE-2022-36896]low🔒---
205152Adobe Acrobat Reader out-of-bounds [CVE-2022-35669]low🔒---
205151Nico Amarilla BxSlider WP Plugin cross site scripting [CVE-2022-33943]low🔒---
205150Adobe Acrobat Reader File out-of-bounds [CVE-2022-35672]low🔒---
205149Git Plugin Build authorization [CVE-2022-36883]medium🔒---
205148Sims Attachment Download path traversal [CVE-2022-34551]medium🔒---
205147Sims uploadServlet unrestricted uploadmedium🔒---
205146WASM3 Compile_Memory_CopyFill memory corruptionmedium🔒---
205145Google Cloud Backup Plugin Manual Backup authorization [CVE-2022-36917]medium🔒---
205144SAP SuccessFactors Mobile Application write privileges managementmedium🔒---
205143biplob018 Shortcode Addons Plugin Options Change access controlmedium🔒---
205142Trellix MA Smart Installer uncontrolled search path [CVE-2022-2313]medium🔒---
205141Trellix Skyhigh SWG Administration User Interface authentication spoofingmedium🔒---
205140InMailX Outlook Plugin Connection Name cross site scripting [CVE-2022-27105]low🔒---
205139Webmin/Usermin Read Mail Module cross site scripting [CVE-2022-36880]low🔒---
205138WeChat App Address Book wx.searchContacts information disclosurelow🔒---
205137HashiCorp Vault/Vault Enterprise access control [CVE-2022-36129]medium🔒---
205136Motorola MOSCAD Toolbox Configuration File wmdlcdrv.ini cleartext storage in a file or on diskmedium🔒---
205135Motorola ACE1000 hard-coded key [CVE-2022-30274]low🔒---
205134Motorola ACE1000 SSH Private Key sshd_service hard-coded keylow🔒---
205133Motorola ACE1000 RTU integrity check [CVE-2022-30269]medium🔒---
205132Emerson OpenBSI hard-coded key [CVE-2022-29960]low🔒---
205131JTEKT TOYOPUC PLC CMPLink Protocol integrity check [CVE-2022-29958]medium🔒---
205130Emerson DeltaV Distributed Control System improper authenticationmedium🔒---
205129Bently Nevada 3700 Service Port 4001 hard-coded credentials [CVE-2022-29953]medium🔒---
205128Bently Nevada 3701-4X/60M100 TDI Command missing authenticationmedium🔒---
205127JTEKT TOYOPUC PLC CMPLink Protocol missing authentication [CVE-2022-29951]medium🔒---
205126QQ App qq.createMapContext permissionmedium🔒---
205125Synology DiskStation Manager Webapi path traversal [CVE-2022-27610]medium🔒---
205124Rizin Binary get_long_object integer overflowlow🔒---
205123Motorola MOSCAD/ACE IP Gateway Module missing authenticationmedium🔒---
205122Motorola MDLC improper enforcement of message integrity [CVE-2022-30273]medium🔒---
205121Motorola ACE1000 RTU Front End Processor Module integrity checkhigh🔒---
205120Emerson DeltaV Distributed Control System FTP hard-coded credentialsmedium🔒---
205119Emerson DeltaV Distributed Control System Telnet Interface entropylow🔒---
205118Emerson DeltaV Distributed Control System WIOC SSH hard-coded credentialsmedium🔒---
205117Emerson DeltaV Distributed Control System Telnet Service hard-coded credentialshigh🔒---
205116Motorola ACE1000 RTU SSH Interface hard-coded credentials [CVE-2022-30270]medium🔒---
205115Online Fire Reporting System cross site scripting [CVE-2022-34611]low🔒---
205114Feehi CMS Advertising Management Module unrestricted upload [CVE-2022-34971]medium🔒---
205113Advanced School Management System update_subject.php cross site scriptinglow🔒---
205112Linux Kernel xfrm_policy.c xfrm_expand_policies denial of servicelow🔒---
205111Linux Kernel server_key.c rxrpc_preparse_s null pointer dereferencemedium🔒---
205110Linux Kernel ACRN Device Model hsm.c acrn_dev_ioctl memory leakmedium🔒---
205109ianwalter merge code injectionmedium🔒---
205108LibreOffice Configuration Database inadequate encryption [CVE-2022-26307]low🔒---
205107Allow SVG Files Plugin cross site scripting [CVE-2022-2299]low🔒---
205106beancount fava cross site scripting [CVE-2022-2523]low🔒---
205105grapesjs Selector Manager cross site scripting [CVE-2022-21802]low🔒---
205104Western Digital My Cloud cross site scripting [CVE-2022-22999]low🔒---
205103Pega improper authorization [CVE-2022-24083]medium🔒---
205102Fava Error Message cross site scripting [CVE-2022-2514]low🔒---
205101Ceph authorization [CVE-2022-0670]medium🔒---
205100Zoho ManageEngine SupportCenter Plus API Request improper authenticationmedium🔒---
205099Paymoney cross site scripting [CVE-2022-34991]low🔒---
205098Inout Blockchain AltExchanger js cross site scriptinglow🔒---
205097oretnom23 Online Fire Reporting System Parameter sql injectionmedium🔒---
205096Cloudflare WARP Client warp-cli Subcommand access control [CVE-2022-2225]medium🔒---
205095zephyrproject-rtos Zephyr Bluetooth Mesh Core Stack out-of-bounds writemedium🔒---
205094zephyrproject-rtos Zephyr Bluetooth Mesh Core Stack out-of-bounds writemedium🔒---
205093Synology Calendar Webapi cross-site request forgery [CVE-2022-22686]low🔒---
205092Atlassian Confluence Server/Data Center Livesearch Macro cross site scriptinglow🔒---
205091mistune Regular Expression denial of service [CVE-2022-34749]low🔒---
205090WAVLINK WN535 G3 POST adm.cgi Privilege Escalationmedium🔒---
205089WAVLINK WN535 G3 POST ExportAllSettings.sh Privilege Escalationlow🔒---
205088Wavlink WiFi-Repeater fctest.shtml access controllow🔒---
205087Wavlink WiFi-Repeater Tftpd32.ini access controllow🔒---
205086Wavlink WiFi-Repeater mb_wifibasic.shtml access controlmedium🔒---
205085Wavlink WiFi-Repeater tftp.txt access controllow🔒---
205084Wavlink WiFi-Repeater syslog.shtml access controllow🔒---
205083WAVLINK WN579 X3 messages.txt information disclosurelow🔒---
205082Joplin Node Title injection [CVE-2022-35131]medium🔒---
205081Orange Station sql injection [CVE-2022-36161]medium🔒---
205080Warehouse Management System sql injection [CVE-2022-34067]medium🔒---
205079yasm nasm-pp.c error use after freemedium🔒---
205078yasm nasm-pp.c pp_getline use after freemedium🔒---
205077yasm nasm-pp.c expand_smacro null pointer dereferencelow🔒---
205076yasm nasm-pp.c expand_mmacro null pointer dereferencelow🔒---
205075yasm nasm-pp.c inc_fopen heap-based overflowmedium🔒---
205074yasm expr.c yasm_expr__copy_except null pointer dereferencelow🔒---
205073yasm expr.c expr_traverse_nodes_post use after freemedium🔒---
205072yasm intnum.c yasm_intnum_destroy use after freemedium🔒---
205071yasm nasm-pp.c if_condition null pointer dereferencelow🔒---
205070yasm nasm-parse.c nasm_parser_directive null pointer dereferencelow🔒---
205069yasm nasm-pp.c find_cc null pointer dereferencelow🔒---
205068yasm nasm-pp.c expand_mmac_params null pointer dereferencelow🔒---
205067yasm nasm-pp.c hash null pointer dereferencelow🔒---
205066yasm nasm-pp.c do_directive null pointer dereferencelow🔒---
205065yasm expr.c yasm_expr_get_intnum null pointer dereferencelow🔒---
205064lrzip stream.c ucompthread use after freemedium🔒---
205063NASM alloc.c nasm_malloc memory leaklow🔒---
205062lrzip stream.c fill_buffer memory leaklow🔒---
205061NASM alloc.c nasm_calloc memory leaklow🔒---
205060mjs/ES6 mjs.c mjs_bcode_part_get_by_offset null pointer dereferencelow🔒---
205059mjs/ES6 stack-based overflow [CVE-2021-33448]medium🔒---
205058mjs/ES6 mjs.c mjs_print null pointer dereferencelow🔒---
205057mjs/ES6 mjs.c mjs_next null pointer dereferencelow🔒---
205056mjs/ES6 mjs.c mjs_string_char_code_at null pointer dereferencelow🔒---
205055IBM Robotic Process Automation Access Token information disclosurelow🔒---
205054IBM Security Verify Information Queue cross-site request forgerylow🔒---
205053IBM Partner Engagement Manager denial of service [CVE-2022-35639]low🔒---
205052Pandora FMS File Manager path traversal [CVE-2022-1648]low🔒---
205051mjs/ES6 mjs.c getprop_builtin_foreign null pointer dereferencelow🔒---
205050mjs/ES6 mjs.c mjs_execute stack-based overflowmedium🔒---
205049mjs/ES6 mjs.c json_printf null pointer dereferencelow🔒---
205048mjs/ES6 mjs.c exec_expr null pointer dereferencelow🔒---
205047mjs/ES6 mjs.c gc_compact_strings integer overflowmedium🔒---
205046mjs/ES6 mjs.c json_parse_array stack-based overflowmedium🔒---
205045mjs/ES6 mjs.c frozen_cb memory leaklow🔒---
205044mjs/ES6 mjs.c mjs_bcode_commit null pointer dereferencelow🔒---
205043Xen Shadow Mode Privilege Escalation [CVE-2022-33745]low🔒---
205042Fruits Bazar user_password_recover.php sql injectionmedium🔒---
205041FileWave improper authentication [CVE-2022-34907]medium🔒---
205040FileWave hard-coded key [CVE-2022-34906]low🔒---
205039Western Digital My Cloud Web App downgrade [CVE-2022-23000]medium🔒---
205038LibreOffice Configuration Database inadequate encryption [CVE-2022-26306]low🔒---
205037LibreOffice certificate validation [CVE-2022-26305]medium🔒---
205036vim heap-based overflow [CVE-2022-2522]medium🔒---
205035OpenKM Community Edition XMLReader Parser XMLTextExtractor.java xml external entity referencemedium🔒---
205034set-deep-prop main code injectionmedium🔒---
205033node-import index.js eval Remote Code Executionmedium🔒---
205032thenify eval Remote Code Executionmedium🔒---
205031snyk-broker pathname traversal [CVE-2020-7649]low🔒---
205030properties-reader Remote Code Execution [CVE-2020-28471]medium🔒---
205029markdown-it-decorate Event code injection [CVE-2020-28459]medium🔒---
205028markdown-it-toc escape output [CVE-2020-28455]medium🔒---
205027xopen index.js injectionmedium🔒---
205026ntesseract tesseract.js command injection [CVE-2020-28446]medium🔒---
205025npm-help index.js export.latestVersion injectionmedium🔒---
205024sonar-wrapper sonarRunner.js injection [CVE-2020-28443]medium🔒---
205023deferred-exec deferred-exec.js injection [CVE-2020-28438]medium🔒---
205022git-archive Exports command injection [CVE-2020-28422]medium🔒---
205021Pandora FMS Agent Creation Section cross site scripting [CVE-2022-2059]low🔒---
205020Pandora FMS File Manager cross site scripting [CVE-2022-2032]low🔒---
205019Moodle LTI Module cross site scripting [CVE-2022-35653]low🔒---
205018Moodle SCORM Track Detail cross site scripting [CVE-2022-35651]low🔒---
205017Booked URL redirect [CVE-2022-30706]medium🔒---
205016Inductive Automation Ignition ZIP File Parser deserializationmedium🔒---
205015Inductive Automation Ignition deserialization [CVE-2022-35870]medium🔒---
205014Inductive Automation Ignition authentication bypass [CVE-2022-35869]medium🔒---
205013OpenTeknik OSSN Open Source Social Network Group Timeline Module cross site scriptinglow🔒---
205012Moodle Mobile Auto-Login Feature redirect [CVE-2022-35652]low🔒---
205011Moodle Lesson Question Import path traversal [CVE-2022-35650]medium🔒---
205010OpenTeknik OSSN Open Source Social Network SitePages Module cross site scriptinglow🔒---
205009OpenTeknik OSSN Open Source Social Network News Feed Module cross site scriptinglow🔒---
205008OpenTeknik OSSN Open Source Social Network Users Timeline Module cross site scriptinglow🔒---
205007ABB Hitachi Energy MSM HTTP Web Interface response splittingmedium🔒---
205006otp-generator One-Time Password random values [CVE-2021-23451]low🔒---
205005Atlassian Jira Service Management Server/Data Center JSM Insight server-side request forgerymedium🔒---
205004OpenTeknik OSSN Open Source Social Network home injectionlow🔒---
205003ion-parser INI File code injection [CVE-2020-28462]medium🔒---
205002js-ini INI File code injection [CVE-2020-28461]medium🔒---
205001conf-cfg-ini INI File code injection [CVE-2020-28441]medium🔒---
205000google-cloudstorage-commands Remote Code Execution [CVE-2020-28436]medium🔒---
204999CommuniLink Internet Limited CLink Office sql injection [CVE-2022-29709]medium🔒---
204998Moodle PostScript Parser code injection [CVE-2022-35649]medium🔒---
204997Name Directory Plugin cross site scripting [CVE-2022-2072]low🔒---
204996Name Directory Plugin Import cross-site request forgery [CVE-2022-2071]low🔒---
204995Simple Page Transition Plugin Setting cross site scripting [CVE-2022-2341]low🔒---
204994W-DALIL Plugin cross site scripting [CVE-2022-2340]low🔒---
204993Biplob Adhikari Tabs Plugin Options Change access control [CVE-2022-36375]medium🔒---
204992Biplob Adhikari Flipbox Plugin Options Change access controlmedium🔒---
204991untangle xml external entity reference [CVE-2022-31471]medium🔒---
204990untangle DTD denial of service [CVE-2022-33977]low🔒---
204989Inductive Automation Ignition ZIP File unsafe action warninghigh🔒---
204988Inductive Automation Ignition authenticateAdSso missing authenticationmedium🔒---
204987IBM Security Verify Information Queue information disclosurelow🔒---
204986IBM Security Verify Information Queue hard-coded credentialslow🔒---
204985QRcdr process.php pathname traversalmedium🔒---
204984IBM Security Verify Information Queue cross-site request forgerylow🔒---
204983IBM Security Verify Information Queue information disclosurelow🔒---
204982Request a Quote Plugin Setting cross site scripting [CVE-2022-2239]low🔒---
204981Unyson Plugin cross site scripting [CVE-2022-2219]low🔒---
204980OpenTeknik OSSN Open Source Social Network com_installer unrestricted uploadmedium🔒---
204979WP Video Lightbox Plugin cross site scripting [CVE-2022-2189]low🔒---
204978Popup Anything Plugin Frontend Page cross site scripting [CVE-2022-2115]low🔒---
204977Header Footer Code Manager Plugin Admin Page cross site scriptinglow🔒---
204976Osamaesh WP Visitor Statistics Plugin sql injection [CVE-2022-33965]medium🔒---
204975Request a Quote Plugin csv injection [CVE-2022-2240]medium🔒---
204974SP Project & Document Manager Plugin information disclosure [CVE-2022-1551]low🔒---
204973ffmpeg-sdk index.js injectionmedium🔒---
204972ABB Hitachi Energy MSM Web Interface cross-site request forgerylow🔒---
204971Professional Social Sharing Buttons, Icons & Related Posts Plugin AJAX Action information disclosurelow🔒---
204970Exports and Reports Plugin CSV Export csv injection [CVE-2022-1539]medium🔒---
204969Webmin UI Command apt-lib.pl cross site scriptinglow🔒---
204968Obsidian URL code [CVE-2022-36450]low🔒---
204967Atos Unify OpenScape SBC/OpenScape Branch/OpenScape BCF Remote Code Executionhigh🔒---
204966GNOME gdk-pixbuf GIF File io-gif-animation.c composite_frame heap-based overflowmedium🔒---
204965Apache MXNet Operator Name resource consumption [CVE-2022-24294]low🔒---
204964Scooter Beyond Compare Windows EXE Installer access control [CVE-2022-36414]medium🔒---
204963Django REST Framework DRF Browsable API cross site scriptinglow🔒---
204962Scooter Beyond Compare Uninstaller uncontrolled search path [CVE-2022-36415]medium🔒---
204961Hallo Welt BlueSpice commonuserinterface cross site scriptinglow🔒---
204960Hallo Welt BlueSpice Search Term Special:SearchCenter cross site scriptinglow🔒---
204959Dataease Plugin upload unrestricted uploadmedium🔒---
204958Dataease uninstall access controlmedium🔒---
204957convert-svg-core SVG File code injection [CVE-2022-25759]medium🔒---
204956F-Secure Atlant Scanning Engine aepack.dll denial of servicelow🔒---
204955F-Secure Atlant APK File denial of service [CVE-2022-28878]low🔒---
204954Xiaomi Mi Sound App information disclosure [CVE-2020-14126]low🔒---
204953Xiaomi SmartHome App information disclosure [CVE-2020-14114]low🔒---
204952Dataease sql injection [CVE-2022-34115]medium🔒---
204951Dataease sql injection [CVE-2022-34114]medium🔒---
204950PrestaShop sql injection [CVE-2022-36408]medium🔒---
204949wpWax Team Plugin cross site scripting [CVE-2022-34853]low🔒---
204948wpWax Team Plugin cross site scripting [CVE-2022-34650]low🔒---
204947Chinmoy Paul Testimonials Plugin cross site scripting [CVE-2022-33191]low🔒---
204946Sygnoos Popup Builder Plugin Plugin Setting cross-site request forgerylow🔒---
204945CodexShaper WP OAuth2 Server Plugin improper authentication [CVE-2022-34839]low🔒---
204944Supsystic Social Share Buttons Plugin sql injection [CVE-2022-33960]medium🔒---
204943Supsystic Social Share Buttons Plugin access control [CVE-2022-27235]medium🔒---
204942MultiSafepay for WooCommerce Plugin path traversal [CVE-2022-33901]medium🔒---
204941WooPlugins.co Homepage Product Organizer for WooCommerce Plugin sql injectionmedium🔒---
204940Radare2 Binary File bfile.c r_bin_file_xtr_load_buffer null pointer dereferencelow🔒---
204939Johnson Controls Metasys ADS/Metasys ADX/Metasys OAS Web API missing authenticationmedium🔒---
204938scu-captcha backdoor [CVE-2022-34983]medium🔒---
204937eziod backdoor [CVE-2022-34982]medium🔒---
204936PyCrowdTangle backdoor [CVE-2022-34981]medium🔒---
204935wikifaces backdoor [CVE-2022-34509]medium🔒---
204934QPDF PDF File processXRefStream heap-based overflowmedium🔒---
204933Radare2 Binary File wasm.c consume_encoded_name_new heap-based overflowlow🔒---
204932bin-collection backdoor [CVE-2022-34501]medium🔒---
204931bin-collect backdoor [CVE-2022-34500]medium🔒---
204930Microweber cross site scripting [CVE-2022-2470]low🔒---
204929Caddy URI rewrite.go rewrite out-of-boundslow🔒---
204928Advantech iView path traversal [CVE-2022-2139]medium🔒---
204927Advantech iView missing authentication [CVE-2022-2138]medium🔒---
204926Advantech iView command injection [CVE-2022-2143]high🔒---
204925Advantech iView sql injection [CVE-2022-2142]medium🔒---
204924Advantech iView sql injection [CVE-2022-2137]medium🔒---
204923Advantech iView sql injection [CVE-2022-2136]medium🔒---
204922Advantech iView sql injection [CVE-2022-2135]medium🔒---
204921Red Hat OpenStack Session Cookie cookie httponly flag [CVE-2022-1655]low🔒---
204920Better PDF Exporter Add-on PDF Templates Overview Page cross site scriptinglow🔒---
204919Zulip API Call improper authorization [CVE-2022-31168]medium🔒---
204918Linux Kernel io_uring use after freemedium🔒---
204917Linux Kernel io_uring double freemedium🔒---
204916Apple Safari WebRTC memory corruption [CVE-2022-2294]medium🔒---
204915Apple Safari WebKit out-of-bounds write [CVE-2022-32792]medium🔒---
204914Apple Safari Safari Extensions information disclosure [CVE-2022-32784]low🔒---
204913Apple macOS Windows Server information disclosure [CVE-2022-32848]low🔒---
204912Apple macOS Wi-Fi Remote Code Execution [CVE-2022-32847]high🔒---
204911Apple macOS Wi-Fi Remote Code Execution [CVE-2022-32837]high🔒---
204910Apple macOS WebRTC memory corruption [CVE-2022-2294]medium🔒---
204909Apple macOS WebKit out-of-bounds write [CVE-2022-32792]medium🔒---
204908Apple macOS WebKit improper restriction of rendered ui layersmedium🔒---
204907Apple macOS TCC access control [CVE-2022-32834]low🔒---
204906Apple macOS subversion Privilege Escalation [CVE-2022-29048]low🔒---
204905Apple macOS subversion Privilege Escalation [CVE-2022-29046]low🔒---
204904Apple macOS subversion Privilege Escalation [CVE-2022-24070]low🔒---
204903Apple macOS subversion Privilege Escalation [CVE-2021-28544]low🔒---
204902Apple macOS Spotlight Local Privilege Escalation [CVE-2022-32801]medium🔒---
204901Apple macOS Spindump access control [CVE-2022-32807]low🔒---
204900Apple macOS Software Update information disclosure [CVE-2022-32857]low🔒---
204899Apple macOS SMB information disclosure [CVE-2022-32818]low🔒---
204898Apple macOS SMB out-of-bounds [CVE-2022-32799]low🔒---
204897Apple macOS SMB out-of-bounds write [CVE-2022-32798]low🔒---
204896Apple macOS SMB out-of-bounds [CVE-2022-32842]low🔒---
204895Apple macOS SMB memory corruption [CVE-2022-32796]medium🔒---
204894Apple macOS PS Normalizer out-of-bounds write [CVE-2022-32843]medium🔒---
204893Apple macOS PluginKit state issue [CVE-2022-32838]low🔒---
204892Apple macOS PackageKit access control [CVE-2022-32800]low🔒---
204891Apple macOS PackageKit access control [CVE-2022-32786]low🔒---
204890Apple macOS Multi-Touch type confusion [CVE-2022-32814]medium🔒---
204889Apple macOS libxml2 initialization [CVE-2022-32823]low🔒---
204888Apple macOS Liblouis Local Privilege Escalation [CVE-2022-26981]low🔒---
204887Apple macOS Kernel Local Privilege Escalation [CVE-2022-32829]medium🔒---
204886Apple macOS Kernel out-of-bounds [CVE-2022-32817]low🔒---
204885Apple macOS Kernel Local Privilege Escalation [CVE-2022-32815]medium🔒---
204884Apple macOS Kernel Local Privilege Escalation [CVE-2022-32813]medium🔒---
204883Apple macOS Intel Graphics Driver Local Privilege Escalationmedium🔒---
204882Apple macOS Intel Graphics Driver memory corruption [CVE-2022-32811]medium🔒---
204881Apple macOS ImageIO null pointer dereference [CVE-2022-32785]low🔒---
204880Apple macOS ImageIO information disclosure [CVE-2022-32841]low🔒---
204879Apple macOS ICU out-of-bounds write [CVE-2022-32787]medium🔒---
204878Apple macOS iCloud Photo Library information disclosure [CVE-2022-32849]low🔒---
204877Apple macOS GPU Drivers memory corruption [CVE-2022-32821]medium🔒---
204876Apple macOS GPU Drivers out-of-bounds write [CVE-2022-32793]low🔒---
204875Apple macOS File System Events state issue [CVE-2022-32819]medium🔒---
204874Apple macOS CoreText Remote Code Execution [CVE-2022-32839]medium🔒---
204873Apple macOS CoreMedia information disclosure [CVE-2022-32828]low🔒---
204872Apple macOS Calendar information disclosure [CVE-2022-32805]low🔒---
204871Apple macOS Automation access control [CVE-2022-32789]low🔒---
204870Apple macOS Audio information disclosure [CVE-2022-32825]low🔒---
204869Apple macOS Audio out-of-bounds write [CVE-2022-32820]medium🔒---
204868Apple macOS AppleScript out-of-bounds [CVE-2022-32831]medium🔒---
204867Apple macOS AppleScript out-of-bounds [CVE-2022-32853]medium🔒---
204866Apple macOS AppleScript out-of-bounds [CVE-2022-32852]medium🔒---
204865Apple macOS AppleScript out-of-bounds [CVE-2022-32851]medium🔒---
204864Apple macOS AppleScript Remote Code Execution [CVE-2022-32797]medium🔒---
204863Apple macOS Apple Neural Engine sandbox [CVE-2022-32845]low🔒---
204862Apple macOS Apple Neural Engine Local Privilege Escalation [CVE-2022-32840]medium🔒---
204861Apple macOS Apple Neural Engine Local Privilege Escalation [CVE-2022-32810]medium🔒---
204860Apple macOS AppleMobileFileIntegrity improper authorization [CVE-2022-32826]medium🔒---
204859Apple macOS APFS Local Privilege Escalation [CVE-2022-32832]medium🔒---
204858YIKES Custom Product Tabs for WooCommerce Plugin access controlmedium🔒---
204857Microweber cross site scripting [CVE-2022-2495]low🔒---
204856OpenEMR cross site scripting [CVE-2022-2494]low🔒---
204855ASUSTek Aura Ready Game SDK Service GameSDK.exe unquoted search pathmedium🔒---
204854Lin CMS Spring Boot access control [CVE-2022-32430]medium🔒---
204853OpenZeppelin SignatureChecker.isValidSignatureNow input validationlow🔒---
204852OpenZeppelin ERC165Checker.supportsInterface input validationmedium🔒---
204851Wasmtime Cranelift calculation [CVE-2022-31169]medium🔒---
204850Tovy improper authentication [CVE-2022-31164]medium🔒---
204849Slack Morphism unknown vulnerability [CVE-2022-31162]low🔒---
204848OpenEMR Outside Expected Data Manager unknown vulnerability [CVE-2022-2493]medium🔒---
204847ALLNET WR0500AC wizardpwd.asp authorizationmedium🔒---
204846Supersmart.me Walk Through API invoiceImg improper authenticationlow🔒---
204845Citilog HTTP Traffic cleartext transmission [CVE-2022-28861]low🔒---
204844Citilog channel accessible [CVE-2022-28860]medium🔒---
204843F-Secure WithSecure Endpoint Protection access control [CVE-2022-28877]medium🔒---
204842file-type MKV File infinite loop [CVE-2022-36313]low🔒---
204841ABB RMC-100 Standard path traversal [CVE-2022-0902]medium🔒---
204840Florent Maillefaud WP Maintenance Plugin cross site scriptinglow🔒---
204839Sygnoos Popup Builder Plugin Popup Status Change cross-site request forgerylow🔒---
204838JoomUnited WP Meta SEO Plugin Social Setting cross-site request forgerylow🔒---
204837biplob018 Shortcode Addons Plugin Option Update access controlmedium🔒---
204836Biplob Adhikari Accordions Plugin Options Change access controlmedium🔒---
204835GiveWP Plugin Export information disclosure [CVE-2022-31475]low🔒---
204834GiveWP Plugin Export access control [CVE-2022-28700]medium🔒---
204833TZInfo Timezone.get path traversalmedium🔒---
204832Backdoor.Win32.Eclipse.h Service Port 6210 hard-coded credentialsmedium🔒---
204831Asus IoT Control Center Web-based Management Interface cross site scriptinglow🔒---
204830Cisco Nexus Dashboard CLI Command input validation [CVE-2022-20909]medium🔒---
204829Cisco Nexus Dashboard CLI Command toctou [CVE-2022-20908]medium🔒---
204828Cisco Nexus Dashboard CLI Command toctou [CVE-2022-20907]medium🔒---
204827Cisco Nexus Dashboard CLI Command toctou [CVE-2022-20906]medium🔒---
204826Cisco Nexus Dashboard Web-based Management Interface path traversalmedium🔒---
204825Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204824Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204823Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204822Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204821Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204820Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204819Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204818Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204817Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204816Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204815Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204814Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204813Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204812Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204811Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204810Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204809Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204808Google Chrome Views use after free [CVE-2022-2481]medium🔒---
204807Google Chrome Service Worker API use after free [CVE-2022-2480]medium🔒---
204806Google Chrome File Remote Code Execution [CVE-2022-2479]medium🔒---
204805Google Chrome PDF use after free [CVE-2022-2478]medium🔒---
204804Google Chrome Guest View use after free [CVE-2022-2477]medium🔒---
204803Apple watchOS Wi-Fi memory corruption [CVE-2022-32847]high🔒---
204802Apple watchOS WebKit out-of-bounds write [CVE-2022-32792]medium🔒---
204801Apple watchOS WebKit improper restriction of rendered ui layersmedium🔒---
204800Apple watchOS Software Update information disclosure [CVE-2022-32857]low🔒---
204799Apple watchOS Multi-Touch type confusion [CVE-2022-32814]medium🔒---
204798Apple watchOS libxml2 initialization [CVE-2022-32823]low🔒---
204797Apple watchOS Liblouis Local Privilege Escalation [CVE-2022-26981]low🔒---
204796Apple watchOS Kernel state issue [CVE-2022-32844]low🔒---
204795Apple watchOS Kernel out-of-bounds [CVE-2022-32817]low🔒---
204794Apple watchOS Kernel Local Privilege Escalation [CVE-2022-32815]medium🔒---
204793Apple watchOS Kernel Local Privilege Escalation [CVE-2022-32813]medium🔒---
204792Apple watchOS ImageIO information disclosure [CVE-2022-32841]low🔒---
204791Apple watchOS ICU out-of-bounds write [CVE-2022-32787]medium🔒---
204790Apple watchOS GPU Drivers memory corruption [CVE-2022-32821]medium🔒---
204789Apple watchOS GPU Drivers out-of-bounds write [CVE-2022-32793]low🔒---
204788Apple watchOS File System Events state issue [CVE-2022-32819]medium🔒---
204787Apple watchOS CoreText Remote Code Execution [CVE-2022-32839]medium🔒---
204786Apple watchOS Audio information disclosure [CVE-2022-32825]low🔒---
204785Apple watchOS Audio out-of-bounds write [CVE-2022-32820]medium🔒---
204784Apple watchOS Apple Neural Engine Local Privilege Escalationmedium🔒---
204783Apple watchOS Apple Neural Engine Local Privilege Escalationmedium🔒---
204782Apple watchOS Apple Neural Engine sandbox [CVE-2022-32845]low🔒---
204781Apple watchOS AppleMobileFileIntegrity improper authorizationmedium🔒---
204780Apple watchOS AppleAVD information disclosure [CVE-2022-32824]low🔒---
204779Apple watchOS AppleAVD buffer overflow [CVE-2022-32788]high🔒---
204778Apple watchOS APFS Local Privilege Escalation [CVE-2022-32832]medium🔒---
204777Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204776Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204775Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204774Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204773Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204772Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204771Apple tvOS Wi-Fi Remote Code Execution [CVE-2022-32847]high🔒---
204770Apple tvOS Wi-Fi Local Privilege Escalation [CVE-2022-32837]medium🔒---
204769Apple tvOS WebKit out-of-bounds write [CVE-2022-32792]medium🔒---
204768Apple tvOS WebKit improper restriction of rendered ui layersmedium🔒---
204767Apple tvOS Software Update information disclosure [CVE-2022-32857]low🔒---
204766Apple tvOS Multi-Touch type confusion [CVE-2022-32814]medium🔒---
204765Apple tvOS libxml2 initialization [CVE-2022-32823]low🔒---
204764Apple tvOS Liblouis Local Privilege Escalation [CVE-2022-26981]low🔒---
204763Apple tvOS Kernel state issue [CVE-2022-32844]low🔒---
204762Apple tvOS Kernel out-of-bounds [CVE-2022-32817]low🔒---
204761Apple tvOS Kernel memory corruption [CVE-2022-32815]medium🔒---
204760Apple tvOS Kernel memory corruption [CVE-2022-32813]medium🔒---
204759Apple tvOS ImageIO out-of-bounds [CVE-2022-32830]low🔒---
204758Apple tvOS ImageIO Remote Code Execution [CVE-2022-32802]medium🔒---
204757Apple tvOS ImageIO Remote Code Execution [CVE-2022-32841]medium🔒---
204756Apple tvOS ICU out-of-bounds write [CVE-2022-32787]medium🔒---
204755Apple tvOS iCloud Photo Library information disclosure [CVE-2022-32849]low🔒---
204754Apple tvOS GPU Drivers memory corruption [CVE-2022-32821]medium🔒---
204753Apple tvOS GPU Drivers out-of-bounds write [CVE-2022-32793]low🔒---
204752Apple tvOS File System Events state issue [CVE-2022-32819]medium🔒---
204751Apple tvOS CoreText Remote Code Execution [CVE-2022-32839]medium🔒---
204750Apple tvOS CoreMedia information disclosure [CVE-2022-32828]low🔒---
204749Apple tvOS Audio information disclosure [CVE-2022-32825]low🔒---
204748Apple tvOS Audio out-of-bounds write [CVE-2022-32820]medium🔒---
204747Apple tvOS AppleMobileFileIntegrity improper authorization [CVE-2022-32826]medium🔒---
204746Apple tvOS AppleAVD information disclosure [CVE-2022-32824]low🔒---
204745Apple tvOS AppleAVD buffer overflow [CVE-2022-32788]high🔒---
204744Apple tvOS APFS Local Privilege Escalation [CVE-2022-32832]medium🔒---
204743Couchbase Server Private Key log file [CVE-2022-32556]low🔒---
204742Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204741Apple iOS/iPadOS Wi-Fi memory corruption [CVE-2022-32847]high🔒---
204740Apple iOS/iPadOS Wi-Fi memory corruption [CVE-2022-32837]medium🔒---
204739Apple iOS/iPadOS WebRTC memory corruption [CVE-2022-2294]medium🔒---
204738Apple iOS/iPadOS WebKit out-of-bounds write [CVE-2022-32792]medium🔒---
204737Apple iOS/iPadOS WebKit improper restriction of rendered ui layersmedium🔒---
204736Apple iOS/iPadOS Software Update information disclosure [CVE-2022-32857]low🔒---
204735Apple iOS/iPadOS Safari Extensions information disclosure [CVE-2022-32784]low🔒---
204734Apple iOS/iPadOS PluginKit state issue [CVE-2022-32838]low🔒---
204733Apple iOS/iPadOS Multi-Touch type confusion [CVE-2022-32814]medium🔒---
204732Apple iOS/iPadOS libxml2 initialization [CVE-2022-32823]low🔒---
204731Apple iOS/iPadOS Liblouis Local Privilege Escalation [CVE-2022-26981]low🔒---
204730Apple iOS/iPadOS Kernel race condition [CVE-2022-32844]low🔒---
204729Apple iOS/iPadOS Kernel state issue [CVE-2022-32844]low🔒---
204728Apple iOS/iPadOS Kernel out-of-bounds [CVE-2022-32817]low🔒---
204727Apple iOS/iPadOS Kernel Local Privilege Escalation [CVE-2022-32815]medium🔒---
204726Apple iOS/iPadOS Kernel Local Privilege Escalation [CVE-2022-32813]medium🔒---
204725Apple iOS/iPadOS IOMobileFrameBuffer memory corruption [CVE-2022-26768]medium🔒---
204724Apple iOS/iPadOS ImageIO null pointer dereference [CVE-2022-32785]low🔒---
204723Apple iOS/iPadOS ImageIO out-of-bounds [CVE-2022-32830]low🔒---
204722Apple iOS/iPadOS ImageIO Remote Code Execution [CVE-2022-32802]medium🔒---
204721Apple iOS/iPadOS ImageIO information disclosure [CVE-2022-32841]low🔒---
204720Apple iOS/iPadOS ICU out-of-bounds write [CVE-2022-32787]medium🔒---
204719Apple iOS/iPadOS iCloud Photo Library information disclosurelow🔒---
204718Apple iOS/iPadOS Home state issue [CVE-2022-32855]low🔒---
204717Apple iOS/iPadOS GPU Drivers memory corruption [CVE-2022-32821]medium🔒---
204716Apple iOS/iPadOS GPU Drivers out-of-bounds write [CVE-2022-32793]low🔒---
204715Apple iOS/iPadOS File System Events state issue [CVE-2022-32819]medium🔒---
204714Apple iOS/iPadOS CoreText Remote Code Execution [CVE-2022-32839]medium🔒---
204713Apple iOS/iPadOS CoreMedia information disclosure [CVE-2022-32828]low🔒---
204712Apple iOS/iPadOS Audio information disclosure [CVE-2022-32825]low🔒---
204711Apple iOS/iPadOS Audio out-of-bounds write [CVE-2022-32820]medium🔒---
204710Apple iOS/iPadOS Apple Neural Engine Local Privilege Escalationmedium🔒---
204709Apple iOS/iPadOS Apple Neural Engine Local Privilege Escalationmedium🔒---
204708Apple iOS/iPadOS Apple Neural Engine Local Privilege Escalationmedium🔒---
204707Apple iOS/iPadOS Apple Neural Engine sandbox [CVE-2022-32845]low🔒---
204706Apple iOS/iPadOS AppleMobileFileIntegrity improper authorizationmedium🔒---
204705Apple iOS/iPadOS AppleAVD information disclosure [CVE-2022-32824]low🔒---
204704Apple iOS/iPadOS AppleAVD buffer overflow [CVE-2022-32788]high🔒---
204703Apple iOS/iPadOS APFS Local Privilege Escalation [CVE-2022-32832]medium🔒---
204702Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204701Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204700Cisco Small Business RV110W Web-based Management Interface buffer overflowmedium🔒---
204699Barangay Management System household.php sql injectionmedium🔒---
204698Dell PowerStore PowerStore T Environment os command injectionmedium🔒---
204697Dell EMC PowerStore PSTCLI uncontrolled search path [CVE-2022-32498]medium🔒---
204696Dell EMC PowerStore os command injection [CVE-2022-22555]medium🔒---
204695jQuery UI checkboxradio cross site scriptinglow🔒---
204694MiCODUS MV720 GPS Tracker Web Server cross site scripting [CVE-2022-2199]low🔒---
204693undici Authorization Header redirect [CVE-2022-31151]low🔒---
204692MiCODUS MV720 GPS Tracker authorization [CVE-2022-34150]medium🔒---
204691WAVLINK WN530HG4 M30HG4 access control [CVE-2022-34049]medium🔒---
204690Wavlink WN533A8 M33A8 cross site scripting [CVE-2022-34048]low🔒---
204689MiCODUS MV720 GPS Tracker POST Parameter authorization [CVE-2022-33944]medium🔒---
204688Rockwell Automation MicroLogix 1100/MicroLogix 1400 X-Frame-Options Header improper restriction of rendered ui layersmedium🔒---
204687MiCODUS MV720 GPS Tracker SMS-based GPS Command improper authenticationhigh🔒---
204686MiCODUS MV720 GPS Tracker API Server hard-coded credentials [CVE-2022-2107]high🔒---
204685Anchore Enterprise API insufficiently protected credentials [CVE-2022-1766]low🔒---
204684Inductive Automation Ignition Web Configuration path traversalmedium🔒---
204683JetBrains TeamCity Build Parameter argument injection [CVE-2022-36322]medium🔒---
204682JetBrains TeamCity log file [CVE-2022-36321]low🔒---
204681DotNetNuke User Profile Biography cross site scripting [CVE-2021-31858]low🔒---
204680Questions For Confluence App hard-coded credentials [CVE-2022-26138]medium🔒---
204679Dell EMC PowerStore Manager GUI excessive authentication [CVE-2022-31234]low🔒---
204678Wasmtime Cranelift use after free [CVE-2022-31146]medium🔒---
204677Blogifier PostImage unrestricted uploadmedium🔒---
204676RK Smart TV Box MAX switchNextDisplayInterface Service denial of servicelow🔒---
204675H96 Smart TV Box Pro Plus saveDeepColorAttr denial of servicelow🔒---
204674WAVLINK WN530HG4 M30HG4 view-source access control [CVE-2022-34047]medium🔒---
204673Wavlink WN533A8 M33A8 view-source access control [CVE-2022-34046]medium🔒---
204672WAVLINK WN530HG4 M30HG4 Configuration File ExportAllSettings.sh hard-coded keylow🔒---
204671Mitsubishi Electric ICONICS GENESIS64/MC Works64 Project Configuration File deserializationmedium🔒---
204670Mitsubishi Electric ICONICS GENESIS64/MC Works64 unknown vulnerabilitymedium🔒---
204669Mitsubishi Electric ICONICS GENESIS64/MC Works64 XAML Code deserializationmedium🔒---
204668Mitsubishi Electric ICONICS GENESIS64/MC Works64 XAML Code deserializationmedium🔒---
204667H3C Magic R200 app stack-based overflowmedium🔒---
204666H3C Magic R200 doping.asp stack-based overflowmedium🔒---
204665H3C Magic R200 ajaxget stack-based overflowmedium🔒---
204664H3C Magic R200 doping.asp stack-based overflowmedium🔒---
204663H3C Magic R200 dotrace.asp stack-based overflowmedium🔒---
204662H3C Magic R200 dotrace.asp stack-based overflowmedium🔒---
204661H3C Magic R200 dotrace.asp stack-based overflowmedium🔒---
204660H3C Magic R200 DelDNSHnList Interface aspForm stack-based overflowmedium🔒---
204659H3C Magic R200 ipqos_lanip_editlist Interface aspForm stack-based overflowmedium🔒---
204658H3C Magic R200 Delstlist Interface aspForm stack-based overflowmedium🔒---
204657H3C Magic R200 EditSTList Interface aspForm stack-based overflowmedium🔒---
204656H3C Magic R200 EdittriggerList Interface aspForm stack-based overflowmedium🔒---
204655Goldshell ASIC Miner Debug Interface information disclosure [CVE-2022-24660]low🔒---
204654Dell EMC Data Protection Central cross-site request forgery [CVE-2022-34367]low🔒---
204653Linux Kernel null pointer dereference [CVE-2020-36558]low🔒---
204652Linux Kernel IOCTL use after free [CVE-2020-36557]medium🔒---
204651Cisco Nexus Dashboard Container Image missing authenticationmedium🔒---
204650Cisco Nexus Dashboard Container Image missing authenticationmedium🔒---
204649Cisco Nexus Dashboard Container Image missing authenticationmedium🔒---
204648Cisco Small Business RV110W Request buffer overflow [CVE-2022-20880]medium🔒---
204647Cisco Small Business RV110W Request buffer overflow [CVE-2022-20879]medium🔒---
204646Cisco Small Business RV110W Request buffer overflow [CVE-2022-20878]medium🔒---
204645Cisco Small Business RV110W Request buffer overflow [CVE-2022-20877]medium🔒---
204644Cisco Small Business RV110W Request buffer overflow [CVE-2022-20876]medium🔒---
204643Cisco Small Business RV110W Request buffer overflow [CVE-2022-20875]medium🔒---
204642Cisco Small Business RV110W Request buffer overflow [CVE-2022-20874]medium🔒---
204641Cisco Small Business RV110W Request buffer overflow [CVE-2022-20873]medium🔒---
204640Cisco Nexus Dashboard certificate validation [CVE-2022-20860]medium🔒---
204639Goldshell ASIC Miner path traversal [CVE-2022-24659]medium🔒---
204638Atlassian Jira Servlet Filter unknown vulnerability [CVE-2022-26136]low🔒---
204637Atlassian Jira HTTP Request unknown vulnerability [CVE-2022-26137]medium🔒---
204636Mitsubishi Electric ICONICS GENESIS64/MC Works64 Packets deserializationmedium🔒---
204635Goldshell ASIC Miner SSH Protocol hard-coded credentials [CVE-2022-24657]medium🔒---
204634Mitsubishi Electric ICONICS GENESIS64/MC Works64 Packets out-of-boundslow🔒---
204633Mitsubishi Electric ICONICS GENESIS64 URL Parameter path traversalmedium🔒---
204632ThingsForRestaurants Quick Restaurant Reservations Plugin cross site scriptinglow🔒---
204631Better Messages Plugin File Attachment cross-site request forgerylow🔒---
204630René Hermenau Social Media Share Buttons Plugin cross site scriptinglow🔒---
204629IBM QRadar SIEM TLS Key permission [CVE-2022-22424]low🔒---
204628Juniper Junos OS Download Manager neutralization [CVE-2022-22221]medium🔒---
204627IBM QRadar SIEM certificate validation [CVE-2021-29755]low🔒---
204626Juniper Junos OS Packet Forwarding Engine unusual condition [CVE-2022-22217]medium🔒---
204625Juniper Junos OS Ethernet Packet information disclosure [CVE-2022-22216]low🔒---
204624Juniper Junos OS/Junos OS Evolved Packet Forwarding Engine denial of servicemedium🔒---
204623Juniper Junos OS Packet Forwarding Engine null pointer dereferencemedium🔒---
204622Juniper Junos OS PFE buffer overflow [CVE-2022-22206]medium🔒---
204621itsourcecode Hospital Management System admin.php sql injectionmedium🔒---
204620itsourcecode Advanced School Management System timetable_insert_form.php sql injectionmedium🔒---
204619itsourcecode Advanced School Management System student_grade_wise.php sql injectionmedium🔒---
204618IBM QRadar SIEM information disclosure [CVE-2021-38936]low🔒---
204617Juniper Junos OS appqoe Subsystem memory leak [CVE-2022-22205]medium🔒---
204616Juniper Junos OS SIP ALG memory leak [CVE-2022-22204]low🔒---
204615Juniper Junos OS PFE comparison [CVE-2022-22203]medium🔒---
204614Juniper Junos OS dcpfe exceptional condition [CVE-2022-22202]medium🔒---
204613Juniper Junos OS/Junos OS Evolved PAM denial of service [CVE-2022-22215]medium🔒---
204612Juniper Junos OS/Junos OS Evolved RPD undefined values [CVE-2022-22213]low🔒---
204611Juniper Junos OS Advanced Forwarding Toolkit use after free [CVE-2022-22207]medium🔒---
204610Juniper Junos OS Evolved Packet Forwarding Engine allocation of resourcesmedium🔒---
204609Juniper Junos Kernel Routing Table memory leak [CVE-2022-22209]medium🔒---
204608Pega Platform JMX Interface deserialization [CVE-2022-24082]medium🔒---
204607HiCOS Natural Person Credential Component Client double freemedium🔒---
204606HiCOS Natural Person Credential Component Client out-of-bounds writemedium🔒---
204605HiCOS HiCOS Natural Person Credential Component Client out-of-bounds writemedium🔒---
204604HiCOS Natural Person Credential Component Client out-of-bounds writemedium🔒---
204603Unit4 ERP ExecuteServerProcessAsynchronously xml external entity referencelow🔒---
204602Fortinet FortiClientWindows unnecessary privileges [CVE-2022-26113]medium🔒---
204601Digital Watchdog DW MEGApix IP Camera bia_oneshot.cgi cross site scriptinglow🔒---
204600Digital Watchdog DW MEGApix IP Camera log file [CVE-2022-34536]low🔒---
204599Digital Watchdog DW MEGApix IP Camera information disclosurelow🔒---
204598Digital Watchdog DW Spectrum Server API information disclosurelow🔒---
204597gstreamer qtdemux_inflate heap-based overflowmedium🔒---
204596gstreamer MKV Demuxing gst_matroska_decompress_data heap-based overflowmedium🔒---
204595gstreamer MKV Demuxing heap-based overflow [CVE-2022-1924]medium🔒---
204594gstreamer MKV Demuxing heap-based overflow [CVE-2022-1923]medium🔒---
204593gstreamer MKV Demuxing gst_matroska_decompress_data heap-based overflowmedium🔒---
204592TIBCO Data Virtualization Column Based Security information disclosurelow🔒---
204591Puppet Bolt information disclosure [CVE-2022-2394]low🔒---
204590SICK Safety Designer Project File deserialization [CVE-2022-27580]medium🔒---
204589SICK Flexi Soft Designer Project File deserialization [CVE-2022-27579]medium🔒---
204588HCL BigFix Web Reports Email Administrative Configuration Page cross site scriptinglow🔒---
204587HCL BigFix Web Reports insufficiently protected credentials [CVE-2022-27544]low🔒---
204586Fortinet FortiAP-U CLI CLI Command path traversal [CVE-2022-30301]medium🔒---
204585Fortinet FortiDDoS API hard-coded key [CVE-2022-29060]low🔒---
204584GPAC integer overflow [CVE-2022-2454]medium🔒---
204583GPAC use after free [CVE-2022-2453]medium🔒---
204582Yokogawa Passage Drive Interprocess Communication os command injectionmedium🔒---
204581U-Boot Squashfs heap-based overflow [CVE-2022-33967]medium🔒---
204580libtirpc svc_run file descriptor consumptionlow🔒---
204579openSUSE Tumbleweed keylime symlink [CVE-2022-31250]medium🔒---
204578SICK FTMg GET Request authorization [CVE-2021-32504]low🔒---
204577Digiwin BPM System Files xml external entity reference [CVE-2022-32458]medium🔒---
204576HYPR Workforce Access deserialization [CVE-2022-1984]medium🔒---
204575SourceCodester Library Management System index.php sql injectionmedium🔒---
204574SourceCodester Library Management System lab.php sql injectionmedium🔒---
204573Digiwin BPM sql injection [CVE-2022-32456]medium🔒---
204572Digital Watchdog DW MEGApix IP Camera POST Request license_tok.cgi command injectionmedium🔒---
204571Digital Watchdog DW MEGApix IP Camera POST Request curltest.cgi command injectionmedium🔒---
204570Digital Watchdog DW MEGApix IP Camera POST Request addacph.cgi command injectionmedium🔒---
204569undici Request Header crlf injection [CVE-2022-31150]medium🔒---
204568gstreamer AVI File Parser gst_avi_demux_invert buffer overflowmedium🔒---
204567gstreamer Matroska File gst_matroska_demux_add_wvpk_header heap-based overflowmedium🔒---
204566Grails grails-databinding code [CVE-2022-35912]medium🔒---
204565Fortinet FortiDeceptor Management Interface path traversal [CVE-2022-30302]low🔒---
204564Fortinet FortiEDR Management Console cross site scripting [CVE-2022-29057]low🔒---
204563HYPR Server Device Manager Page insufficient permissions or privilegesmedium🔒---
204562Interactive Infocom Teamplus Pro Private Cloud Message allocation of resourceslow🔒---
204561Digiwin BPM URL Error Response server-side request forgery [CVE-2022-32457]medium🔒---
204560Redis XAUTOCLAIM Command heap-based overflow [CVE-2022-31144]medium🔒---
204559Zoho ManageEngine Access Manager Plus/Password Manager Pro/PAM360 Remote Code Executionmedium🔒---
204558Fortinet FortiManager/FortiAnalyzer CLI Command os command injectionmedium🔒---
204557HYPR Server direct request [CVE-2022-2192]low🔒---
204556Shanghai Feixun Data Communication Technology fir302b A2 Ping Privilege Escalationmedium🔒---
204555GNU SASL libgsasl out-of-bounds [CVE-2022-2469]low🔒---
204554IBM Partner Engagement Manager server-side request forgery [CVE-2022-22416]medium🔒---
204553LibTIFF TIFF File tif_dirread.c TIFFFetchStripThing uninitialized resourcelow🔒---
204552SourceCodester Simple E-Learning System search.php sql injectionmedium🔒---
204551SourceCodester Simple E-Learning System classRoom.php sql injectionmedium🔒---
204550Vesta UploadHandler.php body cross site scriptinglow🔒---
204549Vesta UploadHandler.php generate_response cross site scriptinglow🔒---
204548Vesta UploadHandler.php handle_file_upload cross site scriptinglow🔒---
204547Vesta UploadHandler.php cross site scriptinglow🔒---
204546wavpack wvunpack.c null pointer dereferencelow🔒---
204545IBM Partner Engagement Manager Web UI cross site scripting [CVE-2022-22417]low🔒---
204544IBM Partner Engagement Manager cross-site request forgery [CVE-2022-22359]low🔒---
204543IBM Partner Engagement Manager xml external entity referencemedium🔒---
204542Barangay Management System Resident Module resident.php unrestricted uploadmedium🔒---
204541Barangay Management System officials.php sql injectionmedium🔒---
204540IBM Partner Engagement Manager Request ldap injection [CVE-2022-22360]medium🔒---
204539WAVLINK WN535K2/WN535K3 touchlist_sync.cgi os command injectionmedium🔒---
204538WAVLINK WN535K2/WN535K3 nightled.cgi os command injectionmedium🔒---
204537WAVLINK WN535K2/WN535K3 os command injection [CVE-2022-2486]medium🔒---
204536Oracle VM VirtualBox Core denial of service [CVE-2022-21554]low🔒---
204535Oracle VM VirtualBox Core Local Privilege Escalation [CVE-2022-21571]medium🔒---
204534Oracle Utilities Framework General denial of service [CVE-2020-36518]medium🔒---
204533Oracle ZFS Storage Appliance Kit Core unknown vulnerability [CVE-2022-21563]low🔒---
204532Oracle Solaris Kernel denial of service [CVE-2022-21439]low🔒---
204531Oracle Solaris SMB Server denial of service [CVE-2022-21533]medium🔒---
204530Oracle Solaris Remote Administration Daemon denial of servicemedium🔒---
204529Oracle Solaris Filesystem Privilege Escalation [CVE-2022-21524]medium🔒---
204528Oracle ZFS Storage Appliance Kit Operating System Image Remote Code Executionmedium🔒---
204527Oracle ZFS Storage Appliance Kit Core Local Privilege Escalationmedium🔒---
204526Oracle Agile Engineering Data Management Installation Issues unknown vulnerabilitylow🔒---
204525Oracle Autovue for Agile Product Lifecycle Management Internal Operations information disclosuremedium🔒---
204524Oracle Product Lifecycle Analytics Installation Issues denial of servicemedium🔒---
204523Oracle Agile Engineering Data Management Installation Issues information disclosuremedium🔒---
204522Oracle Agile Engineering Data Management Installation Issues denial of servicemedium🔒---
204521Oracle Agile PLM Security unknown vulnerability [CVE-2021-41184]medium🔒---
204520Oracle Agile PLM Security unknown vulnerability [CVE-2020-11022]medium🔒---
204519Oracle Product Lifecycle Analytics Installation Issues denial of servicemedium🔒---
204518Oracle Agile PLM Security denial of service [CVE-2022-23437]medium🔒---
204517Oracle Agile Engineering Data Management Installation Issues denial of servicemedium🔒---
204516Oracle Product Lifecycle Analytics Installation Issues Privilege Escalationmedium🔒---
204515Oracle Product Lifecycle Analytics Installation Issues Remote Code Executionmedium🔒---
204514Oracle Agile Engineering Data Management Installation Issues Remote Code Executionmedium🔒---
204513Oracle Product Lifecycle Analytics Installation Issues Remote Code Executionmedium🔒---
204512Oracle Agile PLM Security unknown vulnerability [CVE-2020-25649]medium🔒---
204511Oracle Agile PLM Security information disclosure [CVE-2021-40690]medium🔒---
204510Oracle Agile Engineering Data Management Installation Issues denial of servicemedium🔒---
204509Oracle Product Lifecycle Analytics Installation Issues Local Privilege Escalationmedium🔒---
204508Oracle Product Lifecycle Analytics Installation Issues unknown vulnerabilitymedium🔒---
204507Oracle Agile Engineering Data Management Installation Issues unknown vulnerabilitymedium🔒---
204506Oracle Agile Product Lifecycle Management for Process Reporting Remote Code Executionmedium🔒---
204505Oracle Agile PLM Security Remote Code Execution [CVE-2022-25762]medium🔒---
204504Oracle Transportation Management Mobile Applications Remote Code Executionhigh🔒---
204503Oracle Agile Engineering Data Management Installation Issues Remote Code Executionhigh🔒---
204502Oracle Siebel Apps Field Service Smart Answer denial of servicemedium🔒---
204501Oracle Retail Xstore Point of Service Xenvironment unknown vulnerabilitylow🔒---
204500Oracle Retail Pricing Pricing - Security unknown vulnerabilitylow🔒---
204499Oracle Retail Merchandising System Foundation unknown vulnerabilitylow🔒---
204498Oracle Retail Xstore Point of Service Xenvironment Privilege Escalationmedium🔒---
204497Oracle Retail Order Broker Internal Operations Privilege Escalationmedium🔒---
204496Oracle Retail Sales Audit others Remote Code Execution [CVE-2019-10086]medium🔒---
204495Oracle Retail Allocation General Remote Code Execution [CVE-2019-10086]medium🔒---
204494Oracle Retail Sales Audit others denial of service [CVE-2020-36518]medium🔒---
204493Oracle Retail Order Broker System Administration denial of servicemedium🔒---
204492Oracle Retail Customer Insights Other Local Privilege Escalationmedium🔒---
204491Oracle Retail Customer Insights Other Privilege Escalation [CVE-2021-29505]medium🔒---
204490Oracle Retail Merchandising System Foundation Remote Code Executionhigh🔒---
204489Oracle Retail Integration Bus RIB Kernal Remote Code Executionhigh🔒---
204488Oracle Retail Financial Integration PeopleSoft Integration Bugs Remote Code Executionhigh🔒---
204487Oracle Retail Extract Transform and Load Mathematical Operators Remote Code Executionhigh🔒---
204486Oracle Retail Customer Management and Segmentation Foundation Security Remote Code Executionhigh🔒---
204485Oracle Retail Bulk Data Integration BDI Job Scheduler Remote Code Executionhigh🔒---
204484Oracle Policy Automation Determinations Engine unknown vulnerabilitymedium🔒---
204483Oracle Policy Automation for Mobile Devices Core Functionality Privilege Escalationmedium🔒---
204482Oracle Policy Automation Determinations Engine Privilege Escalationmedium🔒---
204481Oracle PeopleSoft Enterprise PeopleTools Integration Broker information disclosurelow🔒---
204480Oracle PeopleSoft Enterprise PeopleTools XML Publisher information disclosurelow🔒---
204479Oracle PeopleSoft Enterprise PeopleTools XML Publisher unknown vulnerabilitymedium🔒---
204478Oracle PeopleSoft Enterprise PeopleTools PeopleSoft CDA unknown vulnerabilitymedium🔒---
204477Oracle PeopleSoft Enterprise PeopleTools Fluid Core unknown vulnerabilitymedium🔒---
204476Oracle PeopleSoft Enterprise PeopleTools Security denial of servicemedium🔒---
204475Oracle PeopleSoft Enterprise PeopleTools Security denial of servicemedium🔒---
204474Oracle PeopleSoft Enterprise PeopleTools Rich Text Editor denial of servicemedium🔒---
204473Oracle PeopleSoft Enterprise PeopleTools PeopleSoft CDA denial of servicemedium🔒---
204472Oracle PeopleSoft Enterprise PeopleTools Elastic Search denial of servicemedium🔒---
204471Oracle PeopleSoft Enterprise PeopleTools Updates Environment Mgmt Remote Code Executionhigh🔒---
204470Oracle MySQL Shell Core Client denial of service [CVE-2022-21535]low🔒---
204469Oracle MySQL Server Encryption denial of service [CVE-2022-21538]low🔒---
204468Oracle MySQL Shell for VS Code GUI unknown vulnerability [CVE-2022-21555]low🔒---
204467Oracle MySQL Server Stored Procedure denial of service [CVE-2022-21522]low🔒---
204466Oracle MySQL Server Stored Procedure denial of service [CVE-2022-21534]low🔒---
204465Oracle MySQL Server PAM Auth Plugin unknown vulnerability [CVE-2022-21455]low🔒---
204464Oracle MySQL Server Options denial of service [CVE-2022-21515]low🔒---
204463Oracle MySQL Server Optimizer denial of service [CVE-2022-21553]low🔒---
204462Oracle MySQL Server Optimizer denial of service [CVE-2022-21531]low🔒---
204461Oracle MySQL Server Optimizer denial of service [CVE-2022-21530]low🔒---
204460Oracle MySQL Server Optimizer denial of service [CVE-2022-21529]low🔒---
204459Oracle MySQL Server Optimizer denial of service [CVE-2022-21526]low🔒---
204458Oracle MySQL Server Optimizer denial of service [CVE-2022-21525]low🔒---
204457Oracle MySQL Server Federated denial of service [CVE-2022-21547]low🔒---
204456Oracle MySQL Server InnoDB denial of service [CVE-2022-21537]low🔒---
204455Oracle MySQL Server InnoDB denial of service [CVE-2022-21517]low🔒---
204454Oracle MySQL Server InnoDB Privilege Escalation [CVE-2022-21539]medium🔒---
204453Oracle MySQL Enterprise Monitor Service Manager unknown vulnerabilitymedium🔒---
204452Oracle MySQL Server Optimizer unknown vulnerability [CVE-2022-21509]medium🔒---
204451Oracle MySQL Server Optimizer unknown vulnerability [CVE-2022-21528]medium🔒---
204450Oracle MySQL Server Optimizer unknown vulnerability [CVE-2022-21527]medium🔒---
204449Oracle MySQL Cluster denial of service [CVE-2022-21519]medium🔒---
204448Oracle MySQL Cluster Privilege Escalation [CVE-2022-21550]medium🔒---
204447Oracle MySQL Server Optimizer denial of service [CVE-2022-21569]medium🔒---
204446Oracle MySQL Server Optimizer unknown vulnerability [CVE-2022-21556]medium🔒---
204445Oracle MySQL Enterprise Monitor Monitoring unknown vulnerabilitymedium🔒---
204444Oracle MySQL Workbench denial of service [CVE-2022-23308]medium🔒---
204443Oracle MySQL Server Compiling denial of service [CVE-2018-25032]medium🔒---
204442Oracle MySQL Enterprise Monitor Monitoring denial of servicemedium🔒---
204441Oracle MySQL Server Packaging name resolution [CVE-2022-27778]medium🔒---
204440Oracle MySQL Cluster Cluster: General prototype pollution [CVE-2022-21824]medium🔒---
204439Oracle MySQL Workbench os command injection [CVE-2022-1292]high🔒---
204438Oracle MySQL Server Server: Packaging os command injection [CVE-2022-1292]high🔒---
204437Oracle MySQL Enterprise Monitor Monitoring: General unknown vulnerabilityhigh🔒---
204436Oracle JD Edwards EnterpriseOne Orchestrator E1 IOT Orchestrator information disclosurelow🔒---
204435Oracle JD Edwards EnterpriseOne Tools Web Runtime cross site scriptingmedium🔒---
204434Oracle JD Edwards EnterpriseOne Tools Web Runtime information disclosuremedium🔒---
204433Oracle JD Edwards EnterpriseOne Tools Web Runtime Privilege Escalationmedium🔒---
204432Oracle JD Edwards EnterpriseOne Orchestrator E1 IOT Orchestrator denial of servicemedium🔒---
204431Oracle JD Edwards EnterpriseOne Tools E1 Dev Platform Tech - Cloud input validationhigh🔒---
204430Oracle Java SE Libraries unknown vulnerability [CVE-2022-21549]medium🔒---
204429Oracle Java SE Hotspot information disclosure [CVE-2022-21540]medium🔒---
204428Oracle Java SE Hotspot unknown vulnerability [CVE-2022-21541]medium🔒---
204427Oracle GraalVM Enterprise Edition Native Image denial of servicemedium🔒---
204426Oracle Java SE JAXP numeric conversion [CVE-2022-34169]medium🔒---
204425Oracle Hospitality Cruise Shipboard Property Management System Next-Gen SPMS denial of servicemedium🔒---
204424Oracle Hospitality OPERA 5 Login unknown vulnerability [CVE-2021-31805]high🔒---
204423Oracle Health Sciences Information Manager Health Policy Engine denial of servicemedium🔒---
204422Oracle Health Sciences Information Manager Health Policy Engine denial of servicemedium🔒---
204421Oracle Healthcare Foundation Upload Service denial of servicemedium🔒---
204420Oracle Health Sciences Data Management Workbench User Interface path traversallow🔒---
204419Oracle Health Sciences Data Management Workbench User Interface information disclosuremedium🔒---
204418Oracle Health Sciences Data Management Workbench User Interface input validationmedium🔒---
204417Oracle Health Sciences Data Management Workbench User Interface code injectionmedium🔒---
204416Oracle Health Sciences Data Management Workbench User Interface deserializationmedium🔒---
204415Oracle Health Sciences Empirica Signal Web Services denial of servicemedium🔒---
204414Oracle BI Publisher BI Publisher Security information disclosurelow🔒---
204413Oracle WebLogic Server Web Services denial of service [CVE-2022-21564]medium🔒---
204412Oracle WebLogic Server Core denial of service [CVE-2022-21560]medium🔒---
204411Oracle HTTP Server Web Listener information disclosure [CVE-2019-0220]medium🔒---
204410Oracle WebLogic Server Web Container unknown vulnerability [CVE-2022-21557]medium🔒---
204409Oracle WebCenter Sites Support Tools User Interface Privilege Escalationmedium🔒---
204408Oracle WebLogic Server Centralized Third Party Jars cross site scriptingmedium🔒---
204407Oracle HTTP Server SSL Module redirect [CVE-2020-1927]medium🔒---
204406Oracle Business Intelligence Enterprise Edition Service Administration UI cross site scriptingmedium🔒---
204405Oracle WebLogic Server Core unknown vulnerability [CVE-2022-21548]medium🔒---
204404Oracle Global Lifecycle Management NextGen OUI Framework NextGen Installer issues denial of servicemedium🔒---
204403Oracle Global Lifecycle Management NextGen OUI Framework NextGen Installer issues denial of servicemedium🔒---
204402Oracle HTTP Server SSL Module out-of-bounds [CVE-2021-35940]medium🔒---
204401Oracle WebCenter Content Search unknown vulnerability [CVE-2022-21552]medium🔒---
204400Oracle WebLogic Server Centralized Thirdparty Jars information disclosuremedium🔒---
204399Oracle WebLogic Server Centralized Third Party Jars denial of servicemedium🔒---
204398Oracle WebLogic Server Centralized Third Party Jars denial of servicemedium🔒---
204397Oracle WebLogic Server Centralized Third Party Jars denial of servicemedium🔒---
IDTitleVulDBCVSSSecuniaXForceNessus
204396Oracle SOA Suite Fabric Layer unknown vulnerability [CVE-2022-21562]medium🔒---
204395Oracle Middleware Common Libraries and Tools Thirdparty Patch denial of servicemedium🔒---
204394Oracle Managed File Transfer MFT Runtime Server denial of servicemedium🔒---
204393Oracle Global Lifecycle Management NextGen OUI Framework NextGen Installer issues denial of servicemedium🔒---
204392Oracle Coherence Core denial of service [CVE-2022-21570]medium🔒---
204391Oracle Coherence Centralized Thirdparty Jars denial of servicemedium🔒---
204390Oracle BI Publisher BI Publisher Security server-side request forgerymedium🔒---
204389Oracle WebLogic Server Centralized Third Party Jars input validationmedium🔒---
204388Oracle WebLogic Server Installer Remote Code Execution [CVE-2021-2351]medium🔒---
204387Oracle WebCenter Portal Security Framework deserialization [CVE-2021-39139]medium🔒---
204386Oracle Weblogic Server Proxy Plug-in SSL Module input validationhigh🔒---
204385Oracle WebLogic Server Centralized Third Party Jars origin validationhigh🔒---
204384Oracle Security Service C SSL API input validation [CVE-2020-35169]high🔒---
204383Oracle Middleware Common Libraries and Tools Thirdparty Patch xml entity expansionhigh🔒---
204382Oracle HTTP Server SSL Module input validation [CVE-2020-35169]high🔒---
204381Oracle HTTP Server SSL Module use after free [CVE-2019-10082]high🔒---
204380Oracle WebLogic Server Third Party Tools/Samples code injectionhigh🔒---
204379Oracle WebLogic Server Sample apps prototype pollution [CVE-2021-23450]high🔒---
204378Oracle WebLogic Server Centralized Third Party Jars path traversalhigh🔒---
204377Oracle Middleware Common Libraries and Tools Third Party Patch input validationhigh🔒---
204376Oracle Hospitality Materials Control Receipt cross site scriptingmedium🔒---
204375Oracle Hospitality Inventory Management Receipt cross site scriptingmedium🔒---
204374Oracle Hospitality Inventory Management Installation Remote Code Executionmedium🔒---
204373Oracle FLEXCUBE Core Banking Securities path traversal [CVE-2021-29425]low🔒---
204372Oracle Financial Services Crime and Compliance Management Studio information disclosuremedium🔒---
204371Oracle Financial Services Crime and Compliance Management Studio information disclosuremedium🔒---
204370Oracle Financial Services Revenue Management and Billing Infrastructure Privilege Escalationmedium🔒---
204369Oracle Banking Trade Finance Infrastructure Privilege Escalationmedium🔒---
204368Oracle Banking Platform SECURITY cross site scripting [CVE-2021-41184]medium🔒---
204367Oracle FLEXCUBE Universal Banking Infrastructure unknown vulnerabilitymedium🔒---
204366Oracle FLEXCUBE Universal Banking Infrastructure unknown vulnerabilitymedium🔒---
204365Oracle FLEXCUBE Universal Banking Infrastructure Privilege Escalationmedium🔒---
204364Oracle Banking Trade Finance Infrastructure unknown vulnerabilitymedium🔒---
204363Oracle Banking Trade Finance Infrastructure unknown vulnerabilitymedium🔒---
204362Oracle Banking Trade Finance Infrastructure Privilege Escalationmedium🔒---
204361Oracle FLEXCUBE Universal Banking Infrastructure denial of servicemedium🔒---
204360Oracle Financial Services Crime and Compliance Management Studio denial of servicemedium🔒---
204359Oracle Financial Services Crime and Compliance Management Studio denial of servicemedium🔒---
204358Oracle Banking Platform SECURITY request smuggling [CVE-2021-43797]medium🔒---
204357Oracle Banking Party Management Web UI request smuggling [CVE-2021-43797]medium🔒---
204356Oracle Banking Party Management Web UI denial of service [CVE-2022-23437]medium🔒---
204355Oracle Banking Deposits and Lines of Credit Servicing Web UI request smugglingmedium🔒---
204354Oracle Banking Deposits and Lines of Credit Servicing Web UI denial of servicemedium🔒---
204353Oracle FLEXCUBE Private Banking Infrastructure input validationmedium🔒---
204352Oracle FLEXCUBE Universal Banking Infrastructure Privilege Escalationmedium🔒---
204351Oracle FLEXCUBE Universal Banking Infrastructure Privilege Escalationmedium🔒---
204350Oracle Banking Trade Finance Infrastructure Privilege Escalationmedium🔒---
204349Oracle Banking Trade Finance Infrastructure Privilege Escalationmedium🔒---
204348Oracle Financial Services Crime and Compliance Management Studio toctoumedium🔒---
204347Oracle FLEXCUBE Universal Banking Infrastructure Privilege Escalationmedium🔒---
204346Oracle Financial Services Crime and Compliance Management Studio code injectionmedium🔒---
204345Oracle Financial Services Crime and Compliance Management Studio os command injectionmedium🔒---
204344Oracle FLEXCUBE Private Banking Infrastructure denial of servicemedium🔒---
204343Oracle FLEXCUBE Private Banking Infrastructure information disclosuremedium🔒---
204342Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition User Interface denial of servicemedium🔒---
204341Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition User Interface denial of servicemedium🔒---
204340Oracle Financial Services Enterprise Case Management Installers denial of servicemedium🔒---
204339Oracle Financial Services Enterprise Case Management Installers denial of servicemedium🔒---
204338Oracle Financial Services Crime and Compliance Management Studio denial of servicemedium🔒---
204337Oracle Financial Services Crime and Compliance Management Studio denial of servicemedium🔒---
204336Oracle Financial Services Crime and Compliance Management Studio denial of servicemedium🔒---
204335Oracle Financial Services Crime and Compliance Management Studio information disclosuremedium🔒---
204334Oracle Financial Services Crime and Compliance Management Studio denial of servicemedium🔒---
204333Oracle Financial Services Behavior Detection Platform Web UI denial of servicemedium🔒---
204332Oracle Financial Services Behavior Detection Platform Third Party denial of servicemedium🔒---
204331Oracle Financial Services Analytical Applications Infrastructure Others denial of servicemedium🔒---
204330Oracle Financial Services Analytical Applications Infrastructure Others denial of servicemedium🔒---
204329Oracle Financial Services Crime and Compliance Management Studio authorizationmedium🔒---
204328Oracle Financial Services Crime and Compliance Management Studio authorizationmedium🔒---
204327Oracle Financial Services Crime and Compliance Management Studio authorizationhigh🔒---
204326Oracle Financial Services Crime and Compliance Management Studio input validationhigh🔒---
204325Oracle Financial Services Crime and Compliance Management Studio improper authenticationhigh🔒---
204324Oracle Banking Virtual Account Management Common code injectionhigh🔒---
204323Oracle Banking Trade Finance Process Management Common code injectionhigh🔒---
204322Oracle Banking Supply Chain Finance Common code injection [CVE-2022-22963]high🔒---
204321Oracle Banking Origination Common code injection [CVE-2022-22963]high🔒---
204320Oracle Banking Liquidity Management Common code injection [CVE-2022-22963]high🔒---
204319Oracle Banking Electronic Data Exchange for Corporates Common code injectionhigh🔒---
204318Oracle Banking Credit Facilities Process Management Common code injectionhigh🔒---
204317Oracle Banking Corporate Lending Process Management Common code injectionhigh🔒---
204316Oracle Banking Cash Management Common code injection [CVE-2022-22963]high🔒---
204315Oracle Banking Branch Common code injection [CVE-2022-22963]high🔒---
204314Oracle Enterprise Manager Base Platform Enterprise Manager Install cross site scriptingmedium🔒---
204313Oracle Enterprise Manager Base Platform Enterprise Manager Install Remote Code Executionmedium🔒---
204312Oracle Application Testing Suite Load Testing for Web Apps code injectionmedium🔒---
204311Oracle Enterprise Manager Base Platform Policy Framework Remote Code Executionmedium🔒---
204310Oracle Enterprise Manager Ops Center Networking os command injectionhigh🔒---
204309Oracle Enterprise Manager Ops Center Networking integer overflowhigh🔒---
204308Oracle iRecruitment Candidate Self Service Registration information disclosuremedium🔒---
204307Oracle iReceivables Access Request information disclosure [CVE-2022-21568]medium🔒---
204306Oracle Workflow Worklist information disclosure [CVE-2022-21567]medium🔒---
204305Oracle User Management Proxy User Delegation information disclosuremedium🔒---
204304Oracle Applications Framework Diagnostics information disclosuremedium🔒---
204303Oracle E-Business Suite Information Discovery Packaging issues sql injectionhigh🔒---
204302Oracle Primavera Unifier Document Management denial of servicemedium🔒---
204301Oracle Primavera Unifier Platform/User Interface denial of servicemedium🔒---
204300Oracle Primavera P6 Enterprise Project Portfolio Management Web Access denial of servicemedium🔒---
204299Oracle Primavera Gateway Admin denial of service [CVE-2022-23437]medium🔒---
204298Oracle Primavera Unifier Document Management denial of servicemedium🔒---
204297Oracle Primavera Gateway Admin denial of service [CVE-2020-36518]medium🔒---
204296Oracle Crystal Ball Installation Local Privilege Escalation [CVE-2022-21558]medium🔒---
204295Oracle Communications Cloud Native Core Policy denial of servicemedium🔒---
204294Oracle Communications Cloud Native Core Binding Support Function BSF lockingmedium🔒---
204293Oracle Communications Cloud Native Core Policy input validationmedium🔒---
204292Oracle Communications Cloud Native Core Network Slice Selection Function NSSF denial of servicemedium🔒---
204291Oracle Communications Cloud Native Core Unified Data Repository UDR Privilege Escalationmedium🔒---
204290Oracle Communications Cloud Native Core Console CNC Console Privilege Escalationmedium🔒---
204289Oracle SD-WAN Edge MGMT denial of service [CVE-2020-36518]medium🔒---
204288Oracle Enterprise Session Border Controller Security denial of servicemedium🔒---
204287Oracle Enterprise Communications Broker Security denial of servicemedium🔒---
204286Oracle Communications Unified Session Manager Security denial of servicemedium🔒---
204285Oracle Communications Session Border Controller Security denial of servicemedium🔒---
204284Oracle Communications Operations Monitor Mediation Engine denial of servicemedium🔒---
204283Oracle Communications Core Session Manager Security denial of servicemedium🔒---
204282Oracle Communications Cloud Native Core Unified Data Repository UDR denial of servicemedium🔒---
204281Oracle Communications Cloud Native Core Unified Data Repository UDR denial of servicemedium🔒---
204280Oracle Communications Cloud Native Core Unified Data Repository UDR denial of servicemedium🔒---
204279Oracle Communications Cloud Native Core Unified Data Repository UDR denial of servicemedium🔒---
204278Oracle Communications Cloud Native Core Service Communication Proxy SCP denial of servicemedium🔒---
204277Oracle Communications Cloud Native Core Security Edge Protection Proxy SEPP denial of servicemedium🔒---
204276Oracle Communications Cloud Native Core Security Edge Protection Proxy SEPP denial of servicemedium🔒---
204275Oracle Communications Cloud Native Core Security Edge Protection Proxy SEPP denial of servicemedium🔒---
204274Oracle Communications Cloud Native Core Network Slice Selection Function NSSF denial of servicemedium🔒---
204273Oracle Communications Cloud Native Core Network Slice Selection Function NSSF denial of servicemedium🔒---
204272Oracle Communications Cloud Native Core Network Repository Function NRF denial of servicemedium🔒---
204271Oracle Communications Cloud Native Core Network Repository Function NRF denial of servicemedium🔒---
204270Oracle Communications Cloud Native Core Network Repository Function NRF denial of servicemedium🔒---
204269Oracle Communications Cloud Native Core Network Function Cloud Native Environment CNE denial of servicemedium🔒---
204268Oracle Communications Cloud Native Core Network Function Cloud Native Environment CNE path traversalmedium🔒---
204267Oracle Communications Cloud Native Core Network Exposure Function NEF denial of servicemedium🔒---
204266Oracle Communications Cloud Native Core Console CNC Console denial of servicemedium🔒---
204265Oracle Communications Cloud Native Core Binding Support Function BSF denial of servicemedium🔒---
204264Oracle Communications Cloud Native Core Binding Support Function BSF denial of servicemedium🔒---
204263Oracle Communications Operations Monitor Fraud Detection Monitor code injectionmedium🔒---
204262Oracle Communications Cloud Native Core Policy Linux privileges managementmedium🔒---
204261Oracle Communications Cloud Native Core Network Exposure Function Linux privileges managementmedium🔒---
204260Oracle Communications Cloud Native Core Binding Support Function Linux privileges managementmedium🔒---
204259Oracle Communications Cloud Native Core Security Edge Protection Proxy SEPP sql injectionmedium🔒---
204258Oracle Communications Cloud Native Core Network Function Cloud Native Environment CNE sql injectionmedium🔒---
204257Oracle Communications Cloud Native Core Console CNC Console sql injectionmedium🔒---
204256Oracle Enterprise Operations Monitor Mediation Engine buffer overflowhigh🔒---
204255Oracle Communications Cloud Native Core Unified Data Repository UDR buffer overflowhigh🔒---
204254Oracle Communications Cloud Native Core Unified Data Repository UDR deserializationhigh🔒---
204253Oracle Communications Cloud Native Core Security Edge Protection Proxy SEPP buffer overflowhigh🔒---
204252Oracle Communications Cloud Native Core Policy code injectionhigh🔒---
204251Oracle Communications Cloud Native Core Network Repository Function NRF buffer overflowhigh🔒---
204250Oracle Communications Cloud Native Core Network Function Cloud Native Environment DBTier code injectionhigh🔒---
204249Oracle Communications Cloud Native Core Network Function Cloud Native Environment CNE buffer overflowhigh🔒---
204248Oracle Communications Cloud Native Core Network Function Cloud Native Environment CNE buffer overflowhigh🔒---
204247Oracle Communications Cloud Native Core Network Function Cloud Native Environment CNE input validationhigh🔒---
204246Oracle Communications Cloud Native Core Network Exposure Function NEF use after freehigh🔒---
204245Oracle Communications Cloud Native Core Binding Support Function BSF buffer overflowhigh🔒---
204244Oracle Communications Cloud Native Core Binding Support Function BSF code injectionhigh🔒---
204243Oracle Communications Cloud Native Core Security Edge Protection Proxy SEPP code injectionhigh🔒---
204242Oracle Communications Cloud Native Core Network Repository Function NRF code injectionhigh🔒---
204241Oracle Communications Cloud Native Core Console CNC Console code injectionhigh🔒---
204240Oracle Communications Cloud Native Core Binding Support Function BSF code injectionhigh🔒---
204239Oracle Communications Billing and Revenue Management Connection Manager denial of servicemedium🔒---
204238Oracle Communications Billing and Revenue Management Billing Care unknown vulnerabilitymedium🔒---
204237Oracle Communications BRM - Elastic Charging Engine Notifications information disclosuremedium🔒---
204236Oracle Communications Design Studio Patch Request denial of servicemedium🔒---
204235Oracle Communications Design Studio PSR Designer request smugglingmedium🔒---
204234Oracle Communications Billing and Revenue Management Billing Care denial of servicemedium🔒---
204233Oracle Communications ASAP SRT denial of service [CVE-2022-23437]medium🔒---
204232Oracle Communications Offline Mediation Controller Admin Server/Node Manager input validationmedium🔒---
204231Oracle Communications BRM - Elastic Charging Engine Charging Server input validationmedium🔒---
204230Oracle Communications BRM - Elastic Charging Engine EM Gateway denial of servicemedium🔒---
204229Oracle Communications BRM - Elastic Charging Engine 5G gateway denial of servicemedium🔒---
204228Oracle Communications Billing and Revenue Management Billing Care/BOC/DM Kafka/REST API denial of servicemedium🔒---
204227Oracle Communications Billing and Revenue Management Billing Care Remote Code Executionmedium🔒---
204226Oracle Communications Unified Inventory Management TMF APIs code injectionhigh🔒---
204225Oracle Communications Unified Inventory Management Cloud Native certificate validationhigh🔒---
204224Oracle Communications Offline Mediation Controller Charging Server sql injectionhigh🔒---
204223Oracle Communications Instant Messaging Server XMPP Server sql injectionhigh🔒---
204222Oracle Commerce Platform Dynamo Application Framework information disclosuremedium🔒---
204221Oracle Commerce Guided Search Framework/Experience Manager os command injectionmedium🔒---
204220Oracle Commerce Guided Search Framework/Experience Manager certificate validationmedium🔒---
204219Oracle Commerce Platform Endeca Integration information disclosuremedium🔒---
204218Oracle Commerce Platform Dynamo Application Framework denial of servicemedium🔒---
204217Oracle Commerce Merchandising Core denial of service [CVE-2022-24729]medium🔒---
204216Oracle Commerce Guided Search Framework/Experience Manager information disclosuremedium🔒---
204215Oracle Commerce Guided Search Content Acquisition System information disclosuremedium🔒---
204214Oracle Commerce Guided Search Framework/Experience Manager Remote Code Executionmedium🔒---
204213Oracle Commerce Platform Endeca Integration code injection [CVE-2022-22965]high🔒---
204212Oracle Commerce Guided Search Framework/Experience Manager cross-site request forgeryhigh🔒---
204211Oracle Commerce Guided Search Content Acquisition System xml external entity referencehigh🔒---
204210Oracle TimesTen In-Memory Database TimesTen In-Memory Database Cache Remote Code Executionmedium🔒---
204209Oracle Spatial Studio denial of service [CVE-2020-36518]medium🔒---
204208Oracle REST Data Services information disclosure [CVE-2021-34429]medium🔒---
204207Oracle REST Data Services cross site scripting [CVE-2021-41184]medium🔒---
204206Oracle Graph Server and Client denial of service [CVE-2020-36518]medium🔒---
204205Oracle Stream Analytics denial of service [CVE-2021-37714]low🔒---
204204Oracle Stream Analytics information disclosure [CVE-2021-34429]medium🔒---
204203Oracle GoldenGate Privilege Escalation [CVE-2022-21551]medium🔒---
204202Oracle GoldenGate denial of service [CVE-2021-3749]medium🔒---
204201Oracle Global Lifecycle Management OPatch Patch Installer denial of servicelow🔒---
204200Oracle Essbase Security/Provisioning unknown vulnerability [CVE-2022-21508]medium🔒---
204199Oracle Big Data Spatial and Graph Big Data Graph cross site scriptingmedium🔒---
204198Oracle Big Data Spatial and Graph Big Data Graph denial of servicemedium🔒---
204197Oracle Big Data Spatial and Graph Big Data Graph denial of servicemedium🔒---
204196Oracle Database Enterprise Edition RDBMS Security DBA role denial of servicelow🔒---
204195Oracle Spatial and Graph Create Session denial of service [CVE-2021-45943]low🔒---
204194Oracle SQLcl Local Logon information disclosure [CVE-2022-0839]medium🔒---
204193Oracle Application Express User Account cross site scriptingmedium🔒---
204192Oracle Application Express User Account denial of service [CVE-2022-24729]medium🔒---
204191Oracle Java VM Create Procedure unknown vulnerability [CVE-2022-21565]medium🔒---
204190Oracle Database Enterprise Edition Recovery EXECUTE ON DBMS_IR.EXECUTESQLSCRIPT Privilege Escalationmedium🔒---
204189Oracle Database Enterprise Edition Sharding Local Logon Local Privilege Escalationmedium🔒---
204188Oracle Database Enterprise Edition input validation [CVE-2020-35169]high🔒---
204187Mozilla Firefox Internal URL Protection access control [CVE-2022-31746]medium🔒---
204186Zyxel USG ZyWALL CLI Command privileges management [CVE-2022-30526]medium🔒---
204185Octopus Deploy unknown vulnerability [CVE-2022-30532]low🔒---
204184Zyxel USG ZyWALL CGI Program path traversal [CVE-2022-2030]medium🔒---
204183Parallels Access Desktop Control Agent service uncontrolled search pathmedium🔒---
204182Feed Them Social Plugin deserialization [CVE-2022-2437]medium🔒---
204181cPanel Hudson xml external entity reference [CVE-2015-8031]low🔒---
204180Fortinet FortiClient FortiESNAC Service path traversal [CVE-2021-41031]medium🔒---
204179Check Point Capsule Workspace App buffer overflow [CVE-2022-23745]medium🔒---
204178Parallels Desktop ACPI Virtual Device out-of-bounds [CVE-2022-34889]medium🔒---
204177AnyDesk symlink [CVE-2022-32450]medium🔒---
204176Fortinet FortiADC Management Interface sql injection [CVE-2022-26120]medium🔒---
204175Fortinet FortiNAC CLI empty password in configuration file [CVE-2022-26117]medium🔒---
204174Fortinet FortiOS Captive Portal Authentication Replacement Page cross site scriptinglow🔒---
204173IBM FSP access control [CVE-2022-22445]medium🔒---
204172Fortinet FortiOS/FortiProxy Command Line Argument stack-based overflowmedium🔒---
204171Fortinet FortiSwitch integer overflow [CVE-2021-42755]low🔒---
204170dompdf file inclusion [CVE-2022-2400]low🔒---
204169Zoho ManageEngine Password Manager Pro/OPManager access controlmedium🔒---
204168Chcnav P5E GNSS wifi_ap_pata_get.cmd information disclosurelow🔒---
204167Chcnav P5E GNSS admin.html password recoverymedium🔒---
204166Chcnav P5E GNSS authentication bypass [CVE-2022-30623]medium🔒---
204165Cellinx NVT IP PTZ Camera Cookie access control [CVE-2022-30620]medium🔒---
204164Fortinet FortiAnalyzer privilege chaining [CVE-2022-26118]medium🔒---
204163Parallels Access uncontrolled search path [CVE-2022-34901]medium🔒---
204162Parallels Access Symbolic Links toctou [CVE-2022-34899]medium🔒---
204161SourceCodester Garage Management System editbrand.php sql injectionmedium🔒---
204160SourceCodester Garage Management System login.php sql injectionmedium🔒---
204159Parallels Desktop permission assignment [CVE-2022-34891]medium🔒---
204158CVA6 Instruction exceptional condition [CVE-2022-34639]low🔒---
204157CVA6 Virtual Address exceptional condition [CVE-2022-34637]medium🔒---
204156Samsung CVA6 Privilege Escalation [CVE-2022-34635]medium🔒---
204155CVA6 exceptional condition [CVE-2022-34634]low🔒---
204154CVA6 exceptional condition [CVE-2022-34633]low🔒---
204153HTMLDoc html.cxx e_node heap-based overflowmedium🔒---
204152HTMLDoc html.cxx write_header heap-based overflowmedium🔒---
204151Nginx NJS njs_value.c njs_value_own_enumerate memory corruptionmedium🔒---
204150Nginx NJS njs_value_conversion.h njs_value_to_number memory corruptionmedium🔒---
204149Nginx NJS njs_djb_hash.c njs_djb_hash memory corruptionmedium🔒---
204148Nginx NJS njs_scope.h njs_scope_value out-of-boundslow🔒---
204147Nginx NJS njs_utf8.h njs_utf8_next memory corruptionmedium🔒---
204146Nginx NJS njs_value.c njs_value_property memory corruptionmedium🔒---
204145Foxit PDF Reader Doc Object out-of-bounds [CVE-2022-28682]medium🔒---
204144Kentico GetResource denial of service [CVE-2022-32387]low🔒---
204143Linux Kernel IOCTL out-of-bounds write [CVE-2021-33656]medium🔒---
204142Linux Kernel IOCTL out-of-bounds write [CVE-2021-33655]medium🔒---
204141Chcnav P5E GNSS information disclosure [CVE-2022-30627]low🔒---
204140Chcnav P5E GNSS Web Server exposure of information through directory listinglow🔒---
204139DSK DSKNet HTTP Request sql injection [CVE-2022-24691]medium🔒---
204138Apache CloudStack SAML 2.0 Plugin xml external entity referencelow🔒---
204137Parallels Desktop race condition [CVE-2022-34892]medium🔒---
204136Parallels Desktop Tools untrusted pointer dereference [CVE-2022-34890]medium🔒---
204135DSK DSKNet cross site scripting [CVE-2022-24692]low🔒---
204134RISCV ISA Sim exceptional condition [CVE-2022-34643]medium🔒---
204133RISCV ISA Sim mcontrol.action denial of service [CVE-2022-34642]low🔒---
204132CVA6/riscv-boom Address Translation exceptional condition [CVE-2022-34641]low🔒---
204131CVA6 Privilege Escalation [CVE-2022-34640]medium🔒---
204130CVA6/riscv-boom Address Translation exceptional condition [CVE-2022-34636]medium🔒---
204129Foxit PDF Reader ADBC Object out-of-bounds [CVE-2022-34875]low🔒---
204128Foxit PDF Reader Doc Object out-of-bounds [CVE-2022-34874]low🔒---
204127Foxit PDF Reader Annotation Object information disclosure [CVE-2022-34873]low🔒---
204126Foxit PDF Reader deletePages use after freemedium🔒---
204125Foxit PDF Reader deletePages information disclosurelow🔒---
204124Foxit PDF Reader Annotation Object out-of-bounds [CVE-2022-28680]medium🔒---
204123Foxit PDF Reader Annotation Object use after free [CVE-2022-28679]medium🔒---
204122Foxit PDF Reader Doc Object use after free [CVE-2022-28678]medium🔒---
204121Foxit PDF Reader Annotation Object use after free [CVE-2022-28677]medium🔒---
204120Foxit PDF Reader Doc Object use after free [CVE-2022-28676]medium🔒---
204119Foxit PDF Reader Annotation Object use after free [CVE-2022-28675]medium🔒---
204118Foxit PDF Reader Annotation Object use after free [CVE-2022-28674]medium🔒---
204117Foxit PDF Reader Doc Object use after free [CVE-2022-28673]medium🔒---
204116Foxit PDF Reader Doc Object use after free [CVE-2022-28672]medium🔒---
204115Foxit PDF Reader Doc Object use after free [CVE-2022-28671]medium🔒---
204114Foxit PDF Reader AcroForms out-of-bounds [CVE-2022-28670]low🔒---
204113Foxit PDF Reader Doc Object use after free [CVE-2022-28669]medium🔒---
204112Fortinet FortiTokenAndroid/FortiTokeniOS/FortiTokenWinApp certificate validationmedium🔒---
204111Cellinx NVT IP PTZ Camera GetFileContent.cgi information disclosurelow🔒---
204110Rocket-Chip RocketCore.scala cryptographic issueslow🔒---
204109Apache SkyWalking NodeJS Agent denial of service [CVE-2022-36127]low🔒---
204108Gallery for Social Photo gifeed_duplicate_feed cross-site request forgerylow🔒---
204107Image Slider Plugin ewic_duplicate_slider cross-site request forgerylow🔒---
204106Download Manager Plugin cross site scripting [CVE-2022-2101]low🔒---
204105Button Widget Smartsoft Plugin smartsoftbutton_settings Page cross-site request forgerylow🔒---
204104DSK DSKNet Account Information Pages access control [CVE-2022-24689]medium🔒---
204103Wbcom Designs BuddyPress Group Reviews Plugin authorization [CVE-2022-2108]medium🔒---
204102Parallels Access Agent Dispatcher Service uncontrolled search pathmedium🔒---
204101ZTE ZXEN CG200 HTTP GET Request denial of service [CVE-2022-23142]low🔒---
204100GiveWP Plugin REST API Endpoint donor-wall information disclosurelow🔒---
204099IBM Engineering Requirements Quality Assistant On-Premises information disclosurelow🔒---
204098IBM Engineering Requirements Quality Assistant On-Premises cross-site request forgerylow🔒---
204097IBM Engineering Requirements Quality Assistant On-Premises Web UI cross site scriptinglow🔒---
204096IBM Engineering Requirements Quality Assistant On-Premises Web UI cross site scriptinglow🔒---
204095DSK DSKNet HTTP Request PresAbs.php sql injectionmedium🔒---
204094Fortinet FortiAuthenticator OWA Agent for Microsoft OWA HTTP GET Request cross site scriptinglow🔒---
204093WP All Import Plugin wp_all_import_get_gz.php unrestricted uploadmedium🔒---
204092DX Share Selection Plugin dx-share-selection.php dxss_admin_page cross-site request forgerylow🔒---
204091FreeMind WP Browser Plugin freemind-wp-browser.php FreemindOptions cross-site request forgerylow🔒---
204090AnyMind Widget Plugin anymind-widget-id.php createDOMStructure cross-site request forgerylow🔒---
204089Free Live Chat Support Plugin livesupporti.php livesupporti_settings cross-site request forgerylow🔒---
204088DSK DSKNet Touch Settings unrestricted upload [CVE-2022-24688]medium🔒---
204087Visualizer Tables and Charts Manager Plugin deserialization [CVE-2022-2444]medium🔒---
204086Apache Spark UI command injection [CVE-2022-33891]medium🔒---
204085Ferdi/Ferdium cross-site request forgery [CVE-2022-32320]low🔒---
204084SoftGuard Web Export pathname traversal [CVE-2022-31202]low🔒---
204083ShowMyPC 3606 wodVPN.dll uncontrolled search path [CVE-2021-42923]medium🔒---
204082Irfan Skiljan IrfanView ShowPlugInSaveOptions_W memory corruptionmedium🔒---
204081Irfan Skiljan IrfanView ShowPlugInSaveOptions_W memory corruptionmedium🔒---
204080Irfan Skiljan IrfanView ShowPlugInSaveOptions_W memory corruptionmedium🔒---
204079Tor Browser RTT Estimation denial of service [CVE-2022-33903]low🔒---
204078Nexans FTTO GigaSwitch SSH Service libnx_apl.so backdoormedium🔒---
204077SoftGuard Web injection [CVE-2022-31201]low🔒---
204076Gentics CMS cross site scripting [CVE-2022-30982]low🔒---
204075Pexip Infinity Conference Join access control [CVE-2022-25357]medium🔒---
204074Infiray IRAY-A8Z3 Web Application set_param.cgi hard-coded credentialsmedium🔒---
204073Unit4 Teta Mobile Edition errorReporting Page sql injection [CVE-2022-27434]medium🔒---
204072lemonldap-ng x.509 Certificate NG certificate validationmedium🔒---
204071Pexip Infinity G.719 denial of service [CVE-2022-32263]low🔒---
204070dbus-broker XML Config File null pointer dereference [CVE-2022-31213]low🔒---
204069dbus-broker Exec Line Parser stack-based overflow [CVE-2022-31212]medium🔒---
204068Infiray IRAY-A8Z3 strcpy buffer overflowmedium🔒---
204067Infiray IRAY-A8Z3 Web Server Privilege Escalation [CVE-2022-31208]medium🔒---
204066Open Design Alliance Drawings SDK DWG File out-of-bounds [CVE-2022-28809]low🔒---
204065Open Design Alliance Drawings SDK DWG File out-of-bounds [CVE-2022-28808]low🔒---
204064Open Design Alliance Drawings SDK DWG File Renderer out-of-boundslow🔒---
204063Poly EagleEye Director II os.system os command injectionmedium🔒---
204062Poly Studio CSR Action command injection [CVE-2022-26481]medium🔒---
204061Poly EagleEye Director II API Call improper authentication [CVE-2022-26479]medium🔒---
204060Squid Web Proxy Gopher Server Response denial of service [CVE-2021-46784]low🔒---
204059Reolink E1 Zoom Camera Web Server information disclosure [CVE-2021-40150]low🔒---
204058Chcnav P5E GNSS sys_username_passwd.cmd information disclosurelow🔒---
204057Pexip Infinity H.323 denial of service [CVE-2022-27936]low🔒---
204056Pexip Infinity Epic Telehealth denial of service [CVE-2022-27935]low🔒---
204055Pexip Infinity HTTP denial of service [CVE-2022-27934]low🔒---
204054Pexip Infinity One Touch Join denial of service [CVE-2022-27933]low🔒---
204053Pexip Infinity One Touch Join denial of service [CVE-2022-27932]low🔒---
204052Pexip Infinity Session Initiation Protocol denial of servicelow🔒---
204051Pexip Infinity Single-Sign-On random values [CVE-2022-27930]low🔒---
204050Pexip Infinity HTTP denial of service [CVE-2022-27929]low🔒---
204049QVIS NVR DVR sudo Configuration access control [CVE-2021-44954]medium🔒---
204048QVIS NVR DVR deserialization [CVE-2021-41419]medium🔒---
204047lemonldap-ng RESTServer Plug-in NG improper authenticationmedium🔒---
204046Pexip Infinity Session Initiation Protocol denial of servicelow🔒---
204045Pexip Infinity One Touch Join denial of service [CVE-2022-26657]low🔒---
204044Pexip Infinity One Touch Join Privilege Escalation [CVE-2022-26656]low🔒---
204043Pexip Infinity Client API denial of service [CVE-2022-26655]low🔒---
204042Gentics CMS ZIP File deserialization [CVE-2022-30981]medium🔒---
204041Infiray IRAY-A8Z3 Telnet Service missing authentication [CVE-2022-31211]medium🔒---
204040Pexip Infinity resource consumption [CVE-2022-29286]low🔒---
204039Reolink E1 Zoom Camera SSL Private Key self.key information disclosurelow🔒---
204038Dovecot passdb Configuration access control [CVE-2022-30550]medium🔒---
204037Pexip Infinity H.264 resource consumption [CVE-2022-27937]low🔒---
204036Pexip Infinity HTTP denial of service [CVE-2022-26654]low🔒---
204035dotCMS ContentResource API pathname traversal [CVE-2022-26352]medium🔒---
204034pyenv .python-version path traversalmedium🔒---
204033Montala ResourceSpace csv_export_results_metadata.php information disclosurelow🔒---
204032grunt-util-property Function Call code [CVE-2020-7641]low🔒---
204031Import CSV Files Plugin cross site scripting [CVE-2022-2146]low🔒---
204030Accept Stripe Payments Plugin Setting cross site scripting [CVE-2022-2194]low🔒---
204029Contact Form 7 Captcha Plugin Web Browser cross site scriptinglow🔒---
204028Simple Post Notes Plugin cross site scripting [CVE-2022-2186]low🔒---
204027Advanced Database Cleaner Plugin Admin Dashboard cross site scriptinglow🔒---
204026Loading Page with Loading Screen Plugin cross site scriptinglow🔒---
204025Download Manager Plugin History Dashboard cross site scriptinglow🔒---
204024Best Contact Management Software Plugin cross site scriptinglow🔒---
204023Very Simple Breadcrumb Plugin cross site scripting [CVE-2022-2149]low🔒---
204022LinkedIn Company Updates Plugin Setting cross site scriptinglow🔒---
204021Jquery Validation for Contact Form 7 Plugin cross-site request forgerylow🔒---
204020404s Plugin Field cross site scripting [CVE-2022-2118]low🔒---
204019Supsystic Data Tables Generator Plugin cross site scripting [CVE-2022-2114]low🔒---
204018Page Generator Plugin Setting cross site scripting [CVE-2022-2100]low🔒---
204017CDI Plugin AJAX Action cross site scripting [CVE-2022-1933]low🔒---
204016OAuth Single Sign On Plugin oAuth Access Token improper authenticationmedium🔒---
204015WP User Manager Plugin authorization [CVE-2021-24655]medium🔒---
204014WooCommerce Plugin Payment Gateway Title injection [CVE-2022-2099]low🔒---
204013Discount Rules for WooCommerce Plugin cross site scripting [CVE-2022-2090]low🔒---
204012Insights from Google PageSpeed Plugin cross-site request forgerylow🔒---
204011Download Monitor Plugin Blog Folder wp-config.php file accesslow🔒---
204010OctoBot WebInterface unrestricted upload [CVE-2021-36711]medium🔒---
204009Inductive Automation Ignition Python Script Scriptvoke authorizationmedium🔒---
204008Apache Hive CREATE/DROP missing authentication [CVE-2021-34538]medium🔒---
204007Builder XtremeRAT user.info improper authenticationlow🔒---
204006Builder XtremeRAT permissionmedium🔒---
204005Backdoor.Win32.HoneyPot.a Service Port 21 hard-coded passwordlow🔒---
204004SourceCodester Multi Restaurant Table Reservation System profile.php cross site scriptinglow🔒---
204003Arox School ERP Pro Add Photo photogalleries.inc.php unrestricted uploadmedium🔒---
204002Angular Cache cross site scripting [CVE-2022-25869]low🔒---
204001gollum New Page cross site scripting [CVE-2020-35305]low🔒---
204000Parallels Desktop HDAudio Virtual Device buffer overflow [CVE-2021-34987]medium🔒---
203999Google Go Crypto Rand infinite loop [CVE-2022-30634]low🔒---
203998containrrr shoutrrr util util.PartitionMessage denial of servicelow🔒---
203997terser incorrect regex [CVE-2022-25858]medium🔒---
203996OpenZeppelin Cairo Contracts resource control [CVE-2022-31153]low🔒---
203995ZTE ZXMP M721 ZBOOT Interface information disclosure [CVE-2022-23141]low🔒---
203994Couchbase Server Private Key log file [CVE-2022-34826]low🔒---
203993Microweber Settings Upload Picture user.ini unrestricted uploadmedium🔒---
203992Parallels Desktop Symbolic Links toctou [CVE-2021-34986]medium🔒---
203991Grafana Unified Alerting cross site scripting [CVE-2022-31097]low🔒---
203990Honeywell Alerton Compass Software Configuration access controlmedium🔒---
203989Honeywell Alerton Ascent Control Module Configuration access controlmedium🔒---
203988Inductive Automation Ignition Session ID random values [CVE-2022-35890]low🔒---
203987EIP Stack Group OpENer stack-based overflowmedium🔒---
203986Hap-WI Roxy-WI options.py subprocess_execute command injectionmedium🔒---
203985AWS SDK for Java S3 TransferManager downloadDirectory path traversalmedium🔒---
203984mbed TLS ClientHello Message heap-based overflow [CVE-2022-35409]medium🔒---
203983Grafana authorization [CVE-2022-31107]medium🔒---
203982Bentley MicroStation/View DGN File Parser out-of-bounds [CVE-2022-35906]low🔒---
203981Bentley MicroStation/View FBX File Parser out-of-bounds [CVE-2022-35905]low🔒---
203980Bentley MicroStation/View IFC File Parser out-of-bounds [CVE-2022-35904]low🔒---
203979MicroStation MicroStation/View 3DS File Parser out-of-boundslow🔒---
203978Bentley MicroStation/View OBJ File Parser out-of-bounds [CVE-2022-35902]low🔒---
203977Bentley MicroStation/View J2K File Parser out-of-bounds [CVE-2022-35901]low🔒---
203976Bentley MicroStation/View JP2 file Parser out-of-bounds [CVE-2022-35900]low🔒---
203975Adobe RoboHelp cross site scripting [CVE-2022-23201]low🔒---
203974Honeywell Alerton Ascent Control Module Packet code [CVE-2022-30244]medium🔒---
203973Honeywell Alerton Visual Logic Packet code [CVE-2022-30243]medium🔒---
203972Adobe InDesign out-of-bounds [CVE-2022-34248]medium🔒---
203971Adobe Character Animator when parsing out-of-bounds [CVE-2022-34242]medium🔒---
203970Adobe InCopy out-of-bounds write [CVE-2022-34251]medium🔒---
203969Adobe InCopy heap-based overflow [CVE-2022-34250]medium🔒---
203968Adobe InCopy heap-based overflow [CVE-2022-34249]medium🔒---
203967Adobe InDesign out-of-bounds write [CVE-2022-34247]medium🔒---
203966Adobe InDesign heap-based overflow [CVE-2022-34246]medium🔒---
203965Adobe InDesign heap-based overflow [CVE-2022-34245]medium🔒---
203964Adobe Photoshop use after free [CVE-2022-34243]medium🔒---
203963Adobe Character Animator heap-based overflow [CVE-2022-34241]medium🔒---
203962Adobe InCopy out-of-bounds [CVE-2022-34252]low🔒---
203961Adobe Photoshop uninitialized pointer [CVE-2022-34244]low🔒---
203960LTI authentication replay [CVE-2022-31158]medium🔒---
203959LTI risky encryption [CVE-2022-31157]low🔒---
203958Arox School ERP Pro backoffice.inc.php cross site scriptinglow🔒---
203957SourceCodester Multi Restaurant Table Reservation System menu-list.php cross site scriptinglow🔒---
203956SourceCodester Multi Restaurant Table Reservation System menu-list.php cross site scriptinglow🔒---
203955SourceCodester Multi Restaurant Table Reservation System menu-list.php cross site scriptinglow🔒---
203954SourceCodester Multi Restaurant Table Reservation System table-list.php cross site scriptinglow🔒---
203953Adobe Acrobat Reader File Parser out-of-bounds [CVE-2022-34226]medium🔒---
203952Adobe Acrobat Reader File Parser out-of-bounds [CVE-2022-34222]medium🔒---
203951Adobe Acrobat Reader File Parser out-of-bounds [CVE-2022-34215]medium🔒---
203950Adobe Acrobat Reader use after free [CVE-2022-34230]medium🔒---
203949Adobe Acrobat Reader use after free [CVE-2022-34229]medium🔒---
203948Adobe Acrobat Reader uninitialized pointer [CVE-2022-34228]medium🔒---
203947Adobe Acrobat Reader use after free [CVE-2022-34225]medium🔒---
203946Adobe Acrobat Reader use after free [CVE-2022-34223]medium🔒---
203945Adobe Acrobat Reader use after free [CVE-2022-34220]medium🔒---
203944Adobe Acrobat Reader use after free [CVE-2022-34219]medium🔒---
203943Adobe Acrobat Reader out-of-bounds write [CVE-2022-34217]medium🔒---
203942Adobe Acrobat Reader use after free [CVE-2022-34216]medium🔒---
203941Adobe Acrobat Reader out-of-bounds [CVE-2022-34239]low🔒---
203940Adobe Acrobat Reader use after free [CVE-2022-34237]medium🔒---
203939Adobe Acrobat Reader out-of-bounds [CVE-2022-34236]low🔒---
203938Adobe Acrobat Reader use after free [CVE-2022-34234]medium🔒---
203937Adobe Acrobat Reader use after free [CVE-2022-34233]medium🔒---
203936Adobe Acrobat Reader use after free [CVE-2022-34232]medium🔒---
203935Adobe Acrobat Reader type confusion [CVE-2022-34221]medium🔒---
203934Octopus Server Help Sidebar cross site scripting [CVE-2022-29890]low🔒---
203933Octopus Server resource injection [CVE-2022-1881]low🔒---
203932jquery-validation redos [CVE-2022-31147]medium🔒---
203931Mealie Login timing discrepancy [CVE-2022-32425]low🔒---
203930oretnom23 Product Show Room Site sql injection [CVE-2022-32415]medium🔒---
203929Mattermost Guest Account information disclosure [CVE-2022-2408]low🔒---
203928fastify bearer-auth crypto.timingSafeEqual timing discrepancymedium🔒---
203927GtkRadiant q3map2 buffer overflow [CVE-2022-32406]low🔒---
203926Isode SWIFT Registry Editor hard-coded credentials [CVE-2022-32389]medium🔒---
203925AutoTrace input-bmp.c ReadImage heap-based overflowmedium🔒---
203924MPlayer File vo_v4l2.c denial of servicelow🔒---
203923Toybox httpd.c null pointer dereferencelow🔒---
203922Piwigo Search sql injection [CVE-2022-32297]medium🔒---
203921Gradle Dependency Verification unknown vulnerability [CVE-2022-31156]low🔒---
203920AMD Ryzen/Athlon/EPYC Branch Predictor information disclosurelow🔒---
203919AMD Ryzen/Athlon System Management Interface out-of-bounds [CVE-2021-26384]medium🔒---
203918AMD Ryzen Audio Co-Processor denial of service [CVE-2021-26382]low🔒---
203917Mattermost Legacy Slack Import resource consumption [CVE-2022-2406]low🔒---
203916Mattermost API information disclosure [CVE-2022-2401]low🔒---
203915Portal do Software Publico Brasileiro i3geo HTTP Request codemirror.php file inclusionmedium🔒---
203914Linux Kernel eBPF bpf.c nsim_bpf_map_alloc information disclosurelow🔒---
203913Portal do Software Publico Brasileiro i3geo request_token.php cross site scriptinglow🔒---
203912Portal do Software Publico Brasileiro i3geo access_token.php cross site scriptinglow🔒---
203911Portal do Software Publico Brasileiro i3geo svg2img.php cross site scriptinglow🔒---
203910oretnom23 Product Show Room Site sql injection [CVE-2022-32416]medium🔒---
203909oretnom23 Fast Food Ordering System cross site scripting [CVE-2022-32318]low🔒---
203908IBM Security Verify Identity Manager information disclosure [CVE-2022-22460]low🔒---
203907IBM Security Verify Identity Manager inadequate encryption [CVE-2022-22453]low🔒---
203906IBM Security Verify Identity Manager HTTP Request unrestricted uploadmedium🔒---
203905IBM Security Verify Identity Manager excessive authenticationlow🔒---
203904PbootCMS function.php parserIfLabel code injectionmedium🔒---
203903URVE Web Manager uploader.php unrestricted uploadmedium🔒---
203902URVE Web Manager upload.php unrestricted uploadmedium🔒---
203901URVE Web Manager img_upload.php unrestricted uploadmedium🔒---
203900Sage 300 ERP Installer Runtime untrusted search pathmedium🔒---
203899Node.js http Module request smuggling [CVE-2022-32215]medium🔒---
203898Node.js http Module request smuggling [CVE-2022-32213]medium🔒---
203897Node.js IsAllowedHost os command injection [CVE-2022-32212]medium🔒---
203896Dingtian DT-R002 2CH HTTP POST Request relay_cgi.cgi improper authenticationmedium🔒---
203895pki-core Message Content improper authorization [CVE-2022-2393]medium🔒---
203894Node.js http Module request smuggling [CVE-2022-32214]medium🔒---
203893TP-LINK TL-WR841N httpd buffer overflow [CVE-2022-30024]medium🔒---
203892convert2rhel run-convert2rhel.yml information disclosurelow🔒---
203891Undici.ProxyAgent certificate validation [CVE-2022-32210]medium🔒---
203890F-Secure Atlant Scanning Engine aeheur.dll denial of servicelow🔒---
203889Xiaomi Smart Phone heap-based overflow [CVE-2020-14127]medium🔒---
203888IBM Security Verify Information Queue HTTP Request denial of servicelow🔒---
203887Node.js openssl.cnf uncontrolled search pathmedium🔒---
203886Node.js openssl.cnf cryptographic issueslow🔒---
203885IBM Engineering Lifecycle Optimization HTTP Header cross site scriptinglow🔒---
203884IBM Engineering Lifecycle Optimization Web UI cross site scriptinglow🔒---
203883IBM Engineering Lifecycle Optimization HTTP GET Request information disclosurelow🔒---
203882IBM Engineering Lifecycle Optimization SQL Error Message information disclosurelow🔒---
203881IBM Engineering Lifecycle Optimization access control [CVE-2021-39017]medium🔒---
203880IBM Engineering Lifecycle Optimization Network Traffic access controlmedium🔒---
203879Veeam Management Pack for Microsoft System Center URL cross site scriptinglow🔒---
203878IBM WebSphere Application Server Web UI cross site scriptinglow🔒---
203877IBM WebSphere Application Server Administrative Console information disclosurelow🔒---
203876yunzhongzhuan Electronic Mall System sql injection [CVE-2022-30113]medium🔒---
203875Best Practical Request Tracker Attachment cross site scriptinglow🔒---
203874Best Practical Request Tracker Ticket Search redirect [CVE-2022-25803]low🔒---
203873Best Practical RT for Incident Response Scripted Action Tools server-side request forgerymedium🔒---
203872Best Practical RT for Incident Response Whois Lookup Tool server-side request forgerymedium🔒---
203871Verizon 5G Home LVSKIHP InDoorUnit RPC Endpoint improper authenticationmedium🔒---
203870Verizon 5G Home LVSKIHP InDoorUnit RPC Endpoint crtc.lua crtcfwimage unrestricted uploadmedium🔒---
203869Verizon 5G Home LVSKIHP InDoorUnit RPC Endpoint ca.pem access controlmedium🔒---
203868Verizon 5G Home LVSKIHP OutDoorUnit RPC Endpoint wnc_crtc_fw.sh crtc_fw_upgrade risky encryptionmedium🔒---
203867Verizon 5G Home LVSKIHP OutDoorUnit crtcrpc JSON Listener rpc.lua crtcswitchsimprofile os command injectionmedium🔒---
203866Verizon 5G Home LVSKIHP OutDoorUnit Settings Page settings.lua os command injectionmedium🔒---
2038655G Home LVSKIHP InDoorUnit crtcrpc JSON Listener crtc.lua crtcreadpartition os command injectionmedium🔒---
203864Verizon 5G Home LVSKIHP InDoorUnit crtcrpc JSON Listener crtcmode.sh enable_ssh os command injectionmedium🔒---
203863Spryker Commerce OS os command injection [CVE-2022-28888]medium🔒---
203862Google Android Kernel Memory remap_pfn_range memory corruptionmedium🔒---
203861Google Android bta_hf_client_at.cc bta_hf_client_handle_cind_list_item out-of-bounds writemedium🔒---
203860Google Android C2DmaBufAllocator.cpp use after freemedium🔒---
203859Google Android Bluetooth Stack bta_hf_client_at.cc AT_SKIP_REST out-of-boundslow🔒---
203858Google Android gatt_db.cc read_attr_value out-of-bounds writemedium🔒---
203857Google Android Bluetooth avrc_pars_ct.cc avrc_ctrl_pars_vendor_cmd out-of-boundslow🔒---
203856Google Android Notification NotificationAccessConfirmationActivity permissionlow🔒---
203855Google Android WindowManagerService.java finishDrawingWindow input validationmedium🔒---
203854Google Android AppRestrictionsFragment.java assertSafeToStartCustomActivity permissionmedium🔒---
203853Google Android CallLogProvider.java openFile path traversalmedium🔒---
203852Google Android PermissionController permission [CVE-2022-20218]medium🔒---
203851Google Android SprdContactsProvider denial of service [CVE-2022-20217]low🔒---
203850Google Android permission [CVE-2022-20216]medium🔒---
203849Google Android overlay improper restriction of rendered ui layerslow🔒---
203848Google Android DRM Driver denial of service [CVE-2022-20236]low🔒---
203847Google Android KeyChain.java choosePrivateKeyAlias information disclosurelow🔒---
203846Google Android SubscriptionController.java getSubscriptionProperty information disclosurelow🔒---
203845Google Android StorageManagerService.java information disclosurelow🔒---
203844Google Android USB Driver out-of-bounds [CVE-2022-20227]low🔒---
203843Schneider Electric X80 Advanced RTU Communication Module Firmware Image file inclusionlow🔒---
203842Schneider Electric X80 Advanced RTU Communication Module Firmware data authenticitymedium🔒---
203841Schneider Electric X80 Advanced RTU Communication Module JSON Content Type Parser null pointer dereferencelow🔒---
203840Schneider Electric X80 Advanced RTU Communication Module Cookie infinite looplow🔒---
203839Schneider Electric X80 Advanced RTU Communication Module HTTP Header Parser out-of-bounds writemedium🔒---
203838Schneider Electric Easergy P5 Device Watchdog denial of servicelow🔒---
203837Schneider Electric Easergy P5 SSH Connection risky encryptionlow🔒---
203836Schneider Electric Acti9 PowerTag Link C privileges managementmedium🔒---
203835uBlock Origin Extension Renderer Process cross site scriptinglow🔒---
203834Strapi Add New Assets unrestricted upload [CVE-2022-32114]medium🔒---
203833kvf-admin com.kalvin.kvf.common.shiro.ShiroConfig File deserializationmedium🔒---
203832Schneider Electric X80 Advanced RTU Communication Module URL Parser memory corruptionmedium🔒---
203831Schneider Electric X80 Advanced RTU Communication Module Firmware Image path traversalmedium🔒---
203830JerryScript print.c jerryx_print_unhandled_exception stack-based overflowmedium🔒---
203829FlyteAdmin session expiration [CVE-2022-31145]medium🔒---
203828PrestaShop Catalog unrestricted upload [CVE-2020-21967]medium🔒---
203827Schneider Electric Easergy P5 HTTP Stack buffer overflow [CVE-2022-34756]high🔒---
203826Schneider Electric SpaceLogic C-Bus Home Controller os command injectionmedium🔒---
203825VMware vCenter Server/Cloud Foundation URL Request server-side request forgerymedium🔒---
203824Linux Kernel sm712fb.c smtcfb_read out-of-boundsmedium🔒---
203823Rhonabwy JWE Token r_jwe_aesgcm_key_unwrap denial of servicelow🔒---
203822WolfSSH wolfSSH_SFTP_RecvRMDIR integer overflowmedium🔒---
203821osTicket Plugins SVG class.audit.php cross site scriptinglow🔒---
203820IBM i Web UI cross site scripting [CVE-2022-34358]low🔒---
203819Transition Scheduler Add-on Project Name cross site scriptinglow🔒---
203818RuoYi Background Management Module unrestricted upload [CVE-2022-32065]medium🔒---
203817codecov popen Privilege Escalationlow🔒---
203816Oxygen XML WebHelp Search Field cross site scripting [CVE-2021-46827]low🔒---
203815vm2 recursion [CVE-2019-10761]low🔒---
203814Apache Tapestry Content-Type org.apache.tapestry5.http.ContentType incorrect regexmedium🔒---
203813Samsung Smart Phone SecSoterService information disclosure [CVE-2022-30753]low🔒---
203812Argo CD callback cross site scriptinglow🔒---
203811Mogu Blog cross site scripting [CVE-2022-30517]low🔒---
203810svelte Attribute toString cross site scriptinglow🔒---
203809whoogle-search HTML Template error.html cross site scriptinglow🔒---
203808Nautilus Treadmill access control [CVE-2022-35648]medium🔒---
203807Samsung USB Driver Windows Installer for Mobile Phones integrity checklow🔒---
203806Samsung Galaxy Store BillingPackageInsraller input validationmedium🔒---
203805Samsung Galaxy Store ApexPackageInstaller input validation [CVE-2022-33709]medium🔒---
203804Samsung Galaxy Store AppsPackageInstaller input validation [CVE-2022-33708]medium🔒---
203803Samsung Gallery S Pen Air Gesture access control [CVE-2022-33706]low🔒---
203802Samsung Smart Phone Knoxguard improper authorization [CVE-2022-33702]medium🔒---
203801Samsung Smart Phone TelephonyUI putDsaSimImsi information disclosurelow🔒---
203800Samsung Smart Phone TelephonyUI getDsaSimImsi information disclosurelow🔒---
203799Samsung Smart Phone Telecom Application information disclosurelow🔒---
203798Samsung Smart Phone ImsServiceSwitchBase log file [CVE-2022-33697]low🔒---
203797Samsung Smart Phone Telephony unknown vulnerability [CVE-2022-33696]low🔒---
203796Samsung Smart Phone CSC Application information disclosure [CVE-2022-33694]low🔒---
203795Samsung Smart Phone CID Manager information disclosure [CVE-2022-33693]low🔒---
203794Microsoft Windows Security Account Manager denial of servicemedium🔒---
203793Microsoft Windows Internet Information Services Cachuri Module denial of servicelow🔒---
203792SAP Enterprise Portal cross site scripting [CVE-2022-35224]low🔒---
203791Git for Windows Installer git.exe untrusted search pathmedium🔒---
203790Western Digital My Cloud Home/My Cloud Home Duo AWS Credential insufficiently protected credentialslow🔒---
203789libguestfs get_keys denial of servicelow🔒---
203788Pyramid EtherNet-IP Adapter Development Kit Packet out-of-bounds writehigh🔒---
203787Argo CD access control [CVE-2022-1025]medium🔒---
203786Zoho ManageEngine ServiceDesk Plus Ticket-Creation Email improper authenticationmedium🔒---
203785SAP BusinessObjects CMC cross-site request forgery [CVE-2022-35228]low🔒---
203784SAP BusinessObjects BW Publisher Service unquoted search pathmedium🔒---
203783SAP NW EP WPC cross site scripting [CVE-2022-35227]low🔒---
203782SAP Business one/HANA Cockpit exposure of resource [CVE-2022-32249]low🔒---
203781SAP S4HANA Manage Checkbooks input validation [CVE-2022-32248]medium🔒---
203780SAP S4HANA Application Business Partner Extension authorizationmedium🔒---
203779SourceCodester Simple e-Learning System claire_blake cross site scriptinglow🔒---
203778SAP Business One Client code injection [CVE-2022-31593]medium🔒---
203777Zulip Public Data Export information disclosure [CVE-2022-31134]low🔒---
203776SAP SAP BusinessObjects Business Intelligence Platform authorizationlow🔒---
203775Git access control [CVE-2022-29187]medium🔒---
203774SAP Business one License Service API HTTP Request improper authenticationmedium🔒---
203773VMware vRealize Log Insight cross site scripting [CVE-2022-31655]low🔒---
203772VMware vRealize Log Insight Configuration cross site scriptinglow🔒---
203771SAP 3D Visual Enterprise Viewer JPEG 2000 File denial of servicelow🔒---
203770SAP SAP BusinessObjects Business Intelligence Platform LCM information disclosurelow🔒---
203769SAP Business One xml external entity reference [CVE-2022-35168]low🔒---
203768SAP Business Intelligence Platform Visual Difference Application sql injectionmedium🔒---
203767Western Digital My Cloud AWS S3 Bucket os command injection [CVE-2022-22997]medium🔒---
203766Argo CD certificate validation [CVE-2022-31105]medium🔒---
203765SAP Business Objects Request data authenticity [CVE-2022-31598]medium🔒---
203764SAP Enterprise Extension Defense Forces & Public Security authorizationmedium🔒---
203763libconnect Extension cross site scripting [CVE-2022-33157]low🔒---
203762matomo_integration Extension cross site scripting [CVE-2022-33156]low🔒---
203761ameos_tarteaucitron Extension cross site scripting [CVE-2022-33155]low🔒---
203760schema Extension cross site scripting [CVE-2022-33154]low🔒---
203759gridelements Extension cross site scripting [CVE-2022-29602]low🔒---
203758seminars Extension sql injection [CVE-2022-29601]medium🔒---
203757oelib Extension sql injection [CVE-2022-29600]medium🔒---
203756SAP Netweaver Enterprise Portal cross site scripting [CVE-2022-35172]low🔒---
203755Lux Extension sql injection [CVE-2022-35628]medium🔒---
203754SAP Netweaver Enterprise Portal cross site scripting [CVE-2022-35225]low🔒---
203753SAP Netweaver Enterprise Portal cross site scripting [CVE-2022-35170]low🔒---
203752Linux Kernel Keystroke information disclosure [CVE-2011-4916]low🔒---
203751SAP Netweaver Enterprise Portal cross site scripting [CVE-2022-32247]low🔒---
203750October CMS fromData race conditionlow🔒---
203749Samsung Smart Phone Messaging unknown vulnerability [CVE-2022-33692]low🔒---
203748Samsung Smart Phone SecTelephonyProvider EventType log filelow🔒---
203747Samsung Smart Phone telephony-common.jar information disclosurelow🔒---
203746Samsung Smart Phone GsmAlarmManager information disclosure [CVE-2022-33686]low🔒---
203745Kubernetes aws-iam-authenticator access control [CVE-2022-2385]medium🔒---
203744Intel CPU Instruction Retbleed information disclosurelow🔒---
203743AMD CPU Instruction Retbleed information disclosurelow🔒---
203742IBM QRadar SIEM denial of service [CVE-2021-39041]low🔒---
203741IBM QRadar Network Security hard-coded credentials [CVE-2020-4157]low🔒---
203740IBM QRadar Network Security information disclosure [CVE-2020-4159]low🔒---
203739Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203738Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203737Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203736Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203735Microsoft Azure Site Recovery VMWare to Azure Remote Code Executionmedium🔒---
203734Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203733Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203732Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203731Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203730Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203729Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203728Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203727Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203726Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203725Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203724Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203723Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203722Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203721Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203720Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203719Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203718Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203717Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203716Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203715Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203714Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203713Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203712Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203711Microsoft Windows Xbox Live Save Service Privilege Escalationmedium🔒---
203710Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203709Microsoft Azure Site Recovery VMWare to Azure information disclosurelow🔒---
203708Microsoft Azure Site Recovery VMWare to Azure Privilege Escalationmedium🔒---
203707Microsoft Defender for Endpoint Privilege Escalation [CVE-2022-33637]medium🔒---
203706Microsoft Lync Server/Skype for Business Server Privilege Escalationmedium🔒---
203705Microsoft Office authorization [CVE-2022-33632]medium🔒---
203704Microsoft Windows Print Spooler privileges management [CVE-2022-30226]medium🔒---
203703Microsoft Windows Media Player Network Sharing Service privileges managementmedium🔒---
203702Microsoft Windows privileges management [CVE-2022-30224]medium🔒---
203701Microsoft Windows Hyper-V information disclosure [CVE-2022-30223]low🔒---
203700Microsoft Windows Shell Privilege Escalation [CVE-2022-30222]medium🔒---
203699Microsoft Windows Graphics Remote Code Execution [CVE-2022-30221]medium🔒---
203698Microsoft Windows Common Log File System Driver Privilege Escalationmedium🔒---
203697Microsoft Windows Server Service unrestricted upload [CVE-2022-30216]medium🔒---
203696Microsoft Windows Active Directory Federation Services Privilege Escalationmedium🔒---
203695Microsoft Windows DNS Server race condition [CVE-2022-30214]medium🔒---
203694Microsoft Windows GDI+ information disclosure [CVE-2022-30213]low🔒---
203693Microsoft Windows Connected Devices Platform Service information disclosurelow🔒---
203692Microsoft Windows L2TP Privilege Escalation [CVE-2022-30211]medium🔒---
203691Microsoft Windows IIS Remote Code Execution [CVE-2022-30209]medium🔒---
203690Microsoft Windows Print Spooler Privilege Escalation [CVE-2022-30206]medium🔒---
203689Microsoft Windows Group Policy race condition [CVE-2022-30205]medium🔒---
203688Microsoft Windows Boot Manager Local Privilege Escalation [CVE-2022-30203]medium🔒---
203687Microsoft Windows Advanced Local Procedure Call Privilege Escalationmedium🔒---
203686Microsoft Azure Storage Blobs Client Library information disclosurelow🔒---
203685Microsoft Azure Site Recovery VMWare to Azure privileges managementmedium🔒---
203684Microsoft Windows Cookie information disclosure [CVE-2022-27776]low🔒---
203683Microsoft Windows AMD CPU Branch type confusion [CVE-2022-23825]low🔒---
203682Microsoft Windows AMD CPU Branch type confusion [CVE-2022-23816]low🔒---
203681Microsoft Edge V8 type confusion [CVE-2022-2295]medium🔒---
203680Microsoft Edge WebRTC heap-based overflow [CVE-2022-2294]medium🔒---
203679Microsoft Windows BitLocker information disclosure [CVE-2022-22711]low🔒---
203678Microsoft Windows Fax Service Privilege Escalation [CVE-2022-22050]medium🔒---
203677Microsoft Windows CSRSS Privilege Escalation [CVE-2022-22049]medium🔒---
203676Microsoft Windows BitLocker authorization [CVE-2022-22048]medium🔒---
203675Microsoft Windows CSRSS privileges management [CVE-2022-22047]medium🔒---
203674Microsoft Windows Windows.Devices.Picker.dll privileges managementmedium🔒---
203673Microsoft Windows Fast FAT File System Driver privileges managementmedium🔒---
203672Microsoft Windows Hyper-V information disclosure [CVE-2022-22042]low🔒---
203671Microsoft Windows Print Spooler privileges management [CVE-2022-22041]medium🔒---
203670Microsoft Windows denial of service [CVE-2022-22040]low🔒---
203669Microsoft Windows Network File System code injection [CVE-2022-22039]medium🔒---
203668Microsoft Windows Remote Procedure Call Runtime code injectionmedium🔒---
203667Microsoft Windows Advanced Local Procedure Call privileges managementmedium🔒---
203666Microsoft Windows Performance Counters privileges managementmedium🔒---
203665Microsoft Windows Graphics privileges management [CVE-2022-22034]medium🔒---
203664Microsoft Windows Credential Guard privileges management [CVE-2022-22031]medium🔒---
203663Microsoft Windows Network File System code injection [CVE-2022-22029]medium🔒---
203662Microsoft Windows Network File System information disclosurelow🔒---
203661Microsoft Windows Fax Service code injection [CVE-2022-22027]medium🔒---
203660Microsoft Windows CSRSS privileges management [CVE-2022-22026]high🔒---
203659Microsoft Windows Fax Service Privilege Escalation [CVE-2022-22024]medium🔒---
203658Microsoft Windows Portable Device Enumerator Service Local Privilege Escalationmedium🔒---
203657Microsoft Windows Print Spooler Privilege Escalation [CVE-2022-22022]medium🔒---
203656Microsoft Windows Kernel information disclosure [CVE-2022-21845]low🔒---
203655Huawei HarmonyOS AT Command out-of-bounds [CVE-2022-34743]low🔒---
203654Huawei HarmonyOS System Module information disclosure [CVE-2022-34742]low🔒---
203653Huawei HarmonyOS NFC Module buffer overflow [CVE-2022-34741]medium🔒---
203652Huawei HarmonyOS NFC Module buffer overflow [CVE-2022-34740]medium🔒---
203651Huawei HarmonyOS Fingerprint Module integer overflow [CVE-2022-34739]medium🔒---
203650Huawei HarmonyOS Aapplication Security Module permission [CVE-2022-34737]medium🔒---
203649Samsung Cloud Intent improper authorization [CVE-2022-33713]low🔒---
203648Samsung Camera Intent improper authorization [CVE-2022-33712]low🔒---
203647Samsung Find My Mobile small space of random values [CVE-2022-33707]low🔒---
203646Samsung Calendar Schedule improper authorization [CVE-2022-33705]medium🔒---
203645Samsung Smart Phone CACertificateInfo input validation [CVE-2022-33703]low🔒---
203644Samsung Smart Phone KnoxCustomManagerService PowerManaer.goToSleep access controllow🔒---
203643Samsung Smart Phone InputManagerService permission assignmentmedium🔒---
203642Samsung Smart Phone Contacts Storage information disclosure [CVE-2022-33690]low🔒---
203641Samsung Smart Phone TelephonyUI improper authentication [CVE-2022-33689]medium🔒---
203640Samsung Smart Phone Wearable Manager Service dead code [CVE-2022-33685]low🔒---
203639Samsung Smart Phone Finder default permission [CVE-2022-30758]low🔒---
203638Samsung Smart Phone improper authorization [CVE-2022-30757]low🔒---
203637Samsung Smart Phone Finder input validation [CVE-2022-30756]low🔒---
203636Samsung AppLock improper authentication [CVE-2022-30755]medium🔒---
203635Samsung Smart Phone AppLinker input validation [CVE-2022-30754]low🔒---
203634Samsung Smart Phone SemWifiApClient sendDHCPACKBroadcast access controllow🔒---
203633Samsung Smart Phone SemWifiApClient sendDHCPACKBroadcast access controllow🔒---
203632Samsung Smart Phone SemWifiApClient updateLastConnectedClientInfo access controllow🔒---
203631Huawei HarmonyOS Basic Framework/Setting Module unknown vulnerabilitylow🔒---
203630Live555 Socket Connection heap-based overflow [CVE-2021-41396]low🔒---
203629Huawei Smart Phone Bluetooth Module permission [CVE-2021-40016]low🔒---
203628Huawei Smart Phone Bluetooth Module permission [CVE-2021-40013]medium🔒---
203627Huawei Smart Phone Video Framework information disclosure [CVE-2021-40012]low🔒---
203626Huawei eSE620X vESS Packet denial of service [CVE-2021-39999]low🔒---
203625Samsung Smart Phone Score Driver toctou [CVE-2022-33691]low🔒---
203624Druva inSync inSyncDecommission privileges management [CVE-2021-36666]medium🔒---
203623Druva inSync inSyncUpgradeDaemon deserialization [CVE-2021-36665]medium🔒---
203622Huawei HarmonyOS SystemUI Module permission [CVE-2022-34738]medium🔒---
203621Linux Kernel Frame Scheduling Module null pointer dereferencelow🔒---
203620Huawei HarmonyOS Frame Scheduling Module null pointer dereferencelow🔒---
203619Couchbase Server Field Name information disclosure [CVE-2022-33911]low🔒---
203618Samsung KnoxSDK ucmRetParcelable input validationlow🔒---
203617Mattermost Trusted IP Header default permission [CVE-2022-2366]medium🔒---
203616Novastar VNNOX iCare Novaicare access control [CVE-2021-38289]medium🔒---
203615Druva inSync Electron App injection [CVE-2021-36668]medium🔒---
203614Couchbase Server Analytics Remote Links downgrade [CVE-2022-33173]low🔒---
203613Druva inSync os.system Library command injection [CVE-2021-36667]medium🔒---
203612EGT-Kommunikationstechnik UG Mediacenter Online_Update.php cross site scriptinglow🔒---
203611Siemens SIMATIC CP 1242-7 V2 OpenVPN Configuration code injectionmedium🔒---
203610Siemens SIMATIC CP 1242-7 V2 Field command injection [CVE-2022-34820]medium🔒---
203609Siemens SIMATIC CP 1242-7 V2 Message Parser heap-based overflowmedium🔒---
203608Siemens Simcenter Femap X_T File Parser out-of-bounds write [CVE-2022-34748]medium🔒---
203607Siemens Mendix Excel Importer Module xml entity expansion [CVE-2022-34467]low🔒---
203606Siemens Parasolid/Simcenter Femap NEU File Parser out-of-boundslow🔒---
203605Siemens SICAM GridEdge Essential ARM SSH Key exposure of resourcemedium🔒---
203604Siemens PADS Standard/PADS Standard Plus PCB File Parser memory corruptionmedium🔒---
203603Siemens PADS Standard/PADS Standard Plus PCB File Parser memory corruptionmedium🔒---
203602Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-bounds writemedium🔒---
203601Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-boundsmedium🔒---
203600Siemens PADS Standard/PADS Standard Plus PCB File Parser memory corruptionmedium🔒---
203599Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-bounds writemedium🔒---
203598Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-boundsmedium🔒---
203597Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-bounds writemedium🔒---
203596Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-boundsmedium🔒---
203595Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-boundsmedium🔒---
203594Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-boundsmedium🔒---
203593Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-boundsmedium🔒---
203592Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-boundsmedium🔒---
203591Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-boundsmedium🔒---
203590Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-boundsmedium🔒---
203589Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-bounds writemedium🔒---
203588Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-bounds writemedium🔒---
203587Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-bounds writemedium🔒---
203586Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-bounds writemedium🔒---
203585Siemens PADS Standard/PADS Standard Plus PCB File Parser out-of-boundsmedium🔒---
203584Siemens Mendix access control [CVE-2022-31257]medium🔒---
203583Siemens EN100 Ethernet module DNP3 IP HTTP Packet txtrace memory corruptionmedium🔒---
203582Siemens RUGGEDCOM ROS i803 Console code injection [CVE-2022-34663]medium🔒---
203581Siemens Mendix Workflow Subsystem injection [CVE-2022-34466]low🔒---
203580Siemens Opcenter Quality Login unknown vulnerability [CVE-2022-33736]medium🔒---
203579Siemens SIMATIC MV540 H Web API Endpoint missing authenticationmedium🔒---
203578Siemens SIMATIC MV540 H Web Session Management session expirationlow🔒---
203577Siemens SCALANCE X200-4P IRT HTTP GET Request buffer overflowmedium🔒---
203576Siemens SCALANCE X200-4P IRT GET Parameter buffer overflow [CVE-2022-26648]medium🔒---
203575Siemens SIMATIC eaSie Core Package MQTT Service missing authenticationmedium🔒---
203574Siemens SIMATIC eaSie Core Package Message denial of servicelow🔒---
203573Siemens CP-8000 MASTER MODULE HTTPS Server release of resourcemedium🔒---
203572Siemens SCALANCE X200-4P IRT Session ID random values [CVE-2022-26647]low🔒---
203571Siemens RUGGEDCOM ROX RX5000 Shell/Web CLI command injectionmedium🔒---
203570Free Booking Plugin for Hotels, Restaurant and Car Rental Plugin AJAX Action unrestricted uploadmedium🔒---
203569Dell BSAFE Crypto-C Micro Edition signature verification [CVE-2020-35169]medium🔒---
203568Dell BSAFE Crypto-C Micro Edition random values [CVE-2020-35163]low🔒---
203567Dell BSAFE Crypto-C Micro Edition entropy [CVE-2020-29508]low🔒---
203566Dell BSAFE Crypto-C Micro Edition information disclosure [CVE-2020-29507]low🔒---
203565Dell BSAFE Crypto-C Micro Edition Key Management entropy [CVE-2020-29505]low🔒---
203564Synology Calendar Event Management cross site scripting [CVE-2022-22682]low🔒---
203563KubeEdge ServiceBus Server resource consumption [CVE-2022-31073]medium🔒---
203562KubeEdge resource consumption [CVE-2022-31080]low🔒---
203561KubeEdge CloudHub Module resource consumption [CVE-2022-31075]low🔒---
203560KubeEdge Cloud AdmissionController resource consumption [CVE-2022-31074]low🔒---
203559Dell BSAFE Crypto-C Micro Edition missing encryption [CVE-2020-35168]low🔒---
203558Dell BSAFE Crypto-C Micro Edition information disclosure [CVE-2020-35167]low🔒---
203557Dell BSAFE Crypto-C Micro Edition covert timing channel [CVE-2020-35166]low🔒---
203556Dell BSAFE Crypto-C Micro Edition covert timing channel [CVE-2020-35164]low🔒---
203555Dell BSAFE Crypto-C Micro Edition covert timing channel [CVE-2020-29506]low🔒---
203554KubeEdge Cloud Stream Server/Edge Stream Server resource consumptionlow🔒---
203553KubeEdge CloudCore Router resource consumption [CVE-2022-31078]low🔒---
203552UnsafeAccessor Named Module information disclosure [CVE-2022-31139]low🔒---
203551mailcow os command injection [CVE-2022-31138]medium🔒---
203550Pagebar Plugin Setting cross-site request forgery [CVE-2022-1757]low🔒---
203549Sharebar Plugin Setting cross-site request forgery [CVE-2022-1626]low🔒---
203548WP Opt-in Plugin Mail cross-site request forgery [CVE-2022-2123]low🔒---
203547WP Duplicate Page Plugin Setting cross site scripting [CVE-2022-2093]low🔒---
203546Cache Images Plugin cross-site request forgery [CVE-2022-2091]low🔒---
203545Bold Page Builder Plugin Setting cross site scripting [CVE-2022-2089]low🔒---
203544WP-Paginate Plugin Setting cross site scripting [CVE-2022-2050]low🔒---
203543Comment License Plugin Setting cross-site request forgery [CVE-2022-1957]low🔒---
203542Shortcut Macros Plugin cross-site request forgery [CVE-2022-1956]low🔒---
203541Core plugin for Kitestudio Plugin AJAX Action cross site scriptinglow🔒---
203540Awin Data Feed Plugin Analytics Data cross site scripting [CVE-2022-1938]low🔒---
203539Awin Data Feed Plugin AJAX Action cross site scripting [CVE-2022-1937]low🔒---
203538Shortcodes and Extra Features for Phlox Plugin cross site scriptinglow🔒---
203537Popup Builder Plugin Setting cross site scripting [CVE-2022-1894]low🔒---
203536Admin Management Xtended Plugin cross-site request forgery [CVE-2022-1599]low🔒---
203535WP Maintenance Mode & Coming Soon Plugin Subscribed Users List cross-site request forgerylow🔒---
203534WP Event Manager Plugin Event Dashboard cross site scriptinglow🔒---
203533FoxyShop Plugin Admin Page cross site scripting [CVE-2022-1220]low🔒---
203532WooCommerce PDF Invoices & Packing Slips Plugin Setting Page cross site scriptinglow🔒---
203531WooCommerce Product Importer Plugin cross site scripting [CVE-2022-1546]low🔒---
203530Pricing Deals for WooCommerce Plugin AJAX Action sql injectionmedium🔒---
203529IBM SiteProtector Appliance information disclosure [CVE-2020-4138]low🔒---
203528Valinor Throwable#getMessage information exposurelow🔒---
203527IBM SiteProtector Appliance hard-coded credentials [CVE-2020-4150]medium🔒---
203526Rename wp-login.php Plugin Secret Login URL cross-site request forgerylow🔒---
203525CODESYS V3 CmpChannelServer resource consumptionlow🔒---
203524CODESYS V3 TCP Connection CmpBlkDrvTcp resource consumptionlow🔒---
203523Lenze cabinet c520/cabinet c550/cabinet c750 Password Verification missing critical step in authenticationhigh🔒---
203522CODESYS OPC DA Server Configuration File credentials storagelow🔒---
203521microweber behavioral workflow [CVE-2022-2368]low🔒---
203520H3C SSL VPN login.json cross site scriptinglow🔒---
203519DSAB send_file path traversalmedium🔒---
203518zadam trilium cross site scripting [CVE-2022-2365]low🔒---
203517QEMU physmem.c translate_fail uninitialized pointermedium🔒---
203516zippies testplatform send_file path traversalmedium🔒---
203515yuriyouzhou KG-fashion-chatbot send_file path traversalmedium🔒---
203514unizar-30226-2019-06 ChangePop-Back send_file path traversalmedium🔒---
203513stonethree s3label send_file path traversalmedium🔒---
203512sravaniboinepelli AutomatedQuizEval send_file path traversalmedium🔒---
203511shaolo1 VideoServer send_file path traversalmedium🔒---
203510scorelab OpenMF send_file path traversalmedium🔒---
203509sanojtharindu caretakerr-api send_file path traversalmedium🔒---
203508ralphjzhang iasset send_file path traversalmedium🔒---
203507piaoyunsoft bt_lnmp send_file path traversalmedium🔒---
203506longmaoteamtf audio_aligner_app send_file path traversalmedium🔒---
203505heidi-luong1109 shackerpanel send_file path traversalmedium🔒---
203504deepaliupadhyay RealEstate send_file path traversalmedium🔒---
203503chainer chainerrl-visualizer send_file path traversalmedium🔒---
203502ceee-vip cockybook send_file path traversalmedium🔒---
203501adriankoczuruek ceneo-web-scrapper send_file path traversalmedium🔒---
203500RipudamanKaushikDal projects send_file path traversalmedium🔒---
203499Rexians rex-web send_file path traversalmedium🔒---
203498DSABenchmark DSAB send_file path traversalmedium🔒---
203497yogson syrabond send_file path traversalmedium🔒---
203496woduq1414 munhak-moa send_file path traversalmedium🔒---
203495whmacmac vprj send_file path traversalmedium🔒---
203494waveyan internshipsystem send_file path traversalmedium🔒---
203493varijkapil13 Sphere_ImageBackend send_file path traversalmedium🔒---
203492uncleYiba photo_tag send_file path traversalmedium🔒---
203491tsileo flask-yeoman send_file path traversalmedium🔒---
203490tooxie shiva-server send_file path traversalmedium🔒---
203489seveas golem send_file path traversalmedium🔒---
203488rusyasoft TrainEnergyServer send_file path traversalmedium🔒---
203487romain20100 nursequest send_file path traversalmedium🔒---
203486rohitnayak movie-review-sentiment-analysis send_file path traversalmedium🔒---
203485rainsoupah sleep-learner send_file path traversalmedium🔒---
203484anuvaad corpus send_file path traversalmedium🔒---
203483pleomax00 flask-mongo-skel send_file path traversalmedium🔒---
203482olmax99 pyathenastack send_file path traversalmedium🔒---
203481olmax99 helm-flask-celery send_file path traversalmedium🔒---
203480nrlakin homepage send_file path traversalmedium🔒---
203479noamezekiel sphere send_file path traversalmedium🔒---
203478nlpweb glance send_file path traversalmedium🔒---
203477ml-inory ModelConverter send_file path traversalmedium🔒---
203476meerstein rbtm send_file path traversalmedium🔒---
203475maxtortime SetupBox send_file path traversalmedium🔒---
203474mandoku mdweb send_file path traversalmedium🔒---
203473lyubolp Barry-Voice-Assistant send_file path traversalmedium🔒---
203472kumardeepak hin-eng-preprocessing send_file path traversalmedium🔒---
203471kotekan send_file path traversalmedium🔒---
203470joaopedro-fg mp-m08-interface send_file path traversalmedium🔒---
203469jmcginty15 Solar-system-simulator send_file path traversalmedium🔒---
203468jaygarza1982 ytdl-sync send_file path traversalmedium🔒---
203467freefood89 Fishtank send_file path traversalmedium🔒---
203466decentraminds umbral send_file path traversalmedium🔒---
203465dankolbman travel_blahg send_file path traversalmedium🔒---
203464dainst cilantro send_file path traversalmedium🔒---
203463csm send_file path traversalmedium🔒---
203462cinemaproject monorepo send_file path traversalmedium🔒---
203461bonn-activity-maps bam_annotation_tool send_file path traversalmedium🔒---
203460ThundeRatz ThunderDocs send_file path traversalmedium🔒---
203459SummaLabs DLS send_file path traversalmedium🔒---
203458PureStorage-OpenConnect swagger send_file path traversalmedium🔒---
203457PaddlePaddle Anakin send_file path traversalmedium🔒---
203456NotVinay karaokey send_file path traversalmedium🔒---
203455Niyaz-Mohamed mosaic send_file path traversalmedium🔒---
203454Luxas98 logstash-management-api send_file path traversalmedium🔒---
203453Lukasavicus WindMill send_file path traversalmedium🔒---
203452HolgerGraef MSM send_file path traversalmedium🔒---
203451Caoyongqi912 Fan_Platform send_file path traversalmedium🔒---
203450BolunHan Krypton send_file path traversalmedium🔒---
203449Atom02 flask-mvc send_file path traversalmedium🔒---
203448sergeKashkin Simple-RAT send_file path traversalmedium🔒---
203447iedadata usap-dc-website send_file path traversalmedium🔒---
203446idayrus evoting send_file path traversalmedium🔒---
203445ganga send_file path traversalmedium🔒---
203444cmusatyalab opendiamond send_file path traversalmedium🔒---
203443cheo0 MercadoEnLineaBack send_file path traversalmedium🔒---
203442ChangeWeDer BaiduWenkuSpider_flaskWeb send_file path traversalmedium🔒---
203441orchest send_file path traversalmedium🔒---
203440ChaoticOnyx OnyxForum send_file path traversalmedium🔒---
203439LiteCart cross site scripting [CVE-2022-27168]low🔒---
203438Synacor Zimbra Collaboration zmprove ca Command missing encryptionlow🔒---
203437Wildog flask-file-server send_file path traversalmedium🔒---
203436Delor4 CarceresBE send_file path traversalmedium🔒---
203435AFDudley equanimity send_file path traversalmedium🔒---
203434operatorequals wormnest send_file path traversalmedium🔒---
203433Cybozu Garoon Cabinet access control [CVE-2022-31472]medium🔒---
203432Cybozu Garoon Bulletin access control [CVE-2022-30943]medium🔒---
203431Cybozu Garoon information disclosure [CVE-2022-29512]low🔒---
203430umeshpatil-dev Home__internet send_file path traversalmedium🔒---
203429Cybozu Garoon File access control [CVE-2022-30602]medium🔒---
203428duducosmos livro_python send_file path traversalmedium🔒---
203427akashtalole python-flask-restful-api send_file path traversalmedium🔒---
203426echoleegroup PythonWeb send_file path traversalmedium🔒---
203425JustAnotherSoftwareDeveloper Python-Recipe-Database send_file path traversalmedium🔒---
203424Harveyzyh Python send_file path traversalmedium🔒---
203423Joomlatools DOCman Image Upload cross site scripting [CVE-2022-27910]low🔒---
203422Microweber cross site scripting [CVE-2022-2353]low🔒---
203421SourceCodester Simple Parking Management System category cross site scriptinglow🔒---
203420SourceCodester Simple Parking Management System cross site scriptinglow🔒---
203419Digital Guardian Agent access control [CVE-2022-35412]medium🔒---
203418vim use after free [CVE-2022-2345]medium🔒---
203417Metadata Anonymisation Toolkit ZIP Archive path traversal [CVE-2022-35410]low🔒---
203416Webswing Header injection [CVE-2022-34914]medium🔒---
203415vim heap-based overflow [CVE-2022-2344]medium🔒---
203414vim heap-based overflow [CVE-2022-2343]medium🔒---
203413rpc.py HTTP Header deserialization [CVE-2022-35411]medium🔒---
203412Hap-WI Roxy-WI options.py subprocess_execute os command injectionmedium🔒---
203411IBM Security Access Manager Appliance Permissions permissionmedium🔒---
203410IBM Security Access Manager Appliance inadequate encryption [CVE-2022-22464]low🔒---
203409IBM Security Verify Access Web UI cross site scripting [CVE-2022-22370]low🔒---
203408IBM Security Access Manager Appliance sql injection [CVE-2022-22463]medium🔒---
203407IBM WebSphere Application Server Liberty Request authentication spoofinglow🔒---
203406PortSwigger Burp Suite Repeater/Intruder redirect [CVE-2022-35406]low🔒---
203405IBM CICS TX Standard/CICS TX Advanced HTTP Header injection [CVE-2022-34306]low🔒---
203404IBM CICS TX Standard/CICS TX Advanced Web UI cross site scriptinglow🔒---
203403IBM CICS TX Standard/CICS TX Advanced Web UI cross site scriptinglow🔒---
203402IBM CICS TX Standard/CICS TX Advanced injection [CVE-2022-34160]medium🔒---
203401Known cross site scripting [CVE-2022-31290]low🔒---
203400Known SVG File isSVG cross site scriptingmedium🔒---
203399Known Header injection [CVE-2022-33011]medium🔒---
203398Known resource injection [CVE-2022-30852]medium🔒---
203397HPE FlexNetwork/FlexFabric cross site scripting [CVE-2022-28624]low🔒---
IDTitleVulDBCVSSSecuniaXForceNessus
203396HPE IceWall SSO sql injection [CVE-2022-28623]medium🔒---
203395AdminLTE cross site scripting [CVE-2022-31029]low🔒---
203394GFI Mail Archiver Telerik Web UI Plugin unrestricted upload [CVE-2021-29281]medium🔒---
203393Keycloak authorization [CVE-2022-1245]medium🔒---
203392Snipe-IT People Menu unrestricted upload [CVE-2022-32061]medium🔒---
203391Snipe-IT Update Branding Settings unrestricted upload [CVE-2022-32060]medium🔒---
203390Eclipse Jetty SslConnection resource controlmedium🔒---
203389Eclipse Jetty HttpURI input validationlow🔒---
203388Eclipse Lyo RDF xml external entity reference [CVE-2021-41042]low🔒---
203387Dell EMC PowerProtect Cyber Recovery access control [CVE-2022-32481]medium🔒---
203386Eclipse Jetty HTTP2 Server insufficient resource pool [CVE-2022-2048]low🔒---
203385Dell EMC Storage Cloud Mobility Remote Code Execution [CVE-2022-33936]high🔒---
203384Eclipse Equinox p2 unknown vulnerability [CVE-2021-41037]medium🔒---
203383atoms183 CMS product_admin.php sql injectionmedium🔒---
203382Microsoft Edge privileges management [CVE-2022-33680]medium🔒---
203381Magnolia CMS Edit Contact cross site scripting [CVE-2022-33098]low🔒---
203380TP-LINK TL-WR741N/TL-WR742N Packet httpRpmPass infinite loopmedium🔒---
203379HumHub Spaces cross site scripting [CVE-2022-31133]low🔒---
203378Wavlink WL-WN575A3 POST Request obtw command injectionmedium🔒---
203377TOTOLINK EX300 MQTT Data Packet setLanguageCfg command injectionmedium🔒---
203376Akashi Evidence Packet denial of service [CVE-2022-31135]low🔒---
203375Hyperledger Fabric denial of service [CVE-2022-31121]low🔒---
203374Bookwyrm User Profiles/Book Description/Status cross site scriptinglow🔒---
203373Google Login Plugin improper authentication [CVE-2015-5298]medium🔒---
203372Apache Druid URL Parameter cross site scripting [CVE-2021-44791]low🔒---
203371Apache Druid Header improper restriction of rendered ui layersmedium🔒---
203370glFTPd Connection Limit denial of service [CVE-2021-31645]low🔒---
203369Tenda AC10 code injection [CVE-2022-32054]medium🔒---
203368Online Accreditation Management process.php sql injectionmedium🔒---
203367Inout Homestay sql injection [CVE-2022-32055]medium🔒---
203366EQS Integrity Line Whistleblower Entry cross site scripting [CVE-2022-34007]low🔒---
203365Check Point ZoneAlarm unknown vulnerability [CVE-2022-23744]low🔒---
203364Hex-Rays Ida Pro File memory corruption [CVE-2022-32441]medium🔒---
203363Devolutions Server permission [CVE-2022-33996]medium🔒---
203362cURL FTP Transfer behavioral workflow [CVE-2022-32208]low🔒---
203361cURL HTTP Response allocation of resources [CVE-2022-32205]low🔒---
203360CWP Password Reset Token generation of predictable numbers or identifierslow🔒---
203359Openshift Origin Console missing secure attribute [CVE-2015-3207]low🔒---
203358cURL Cookie behavioral workflow [CVE-2022-32207]medium🔒---
203357curl HTTP Compression allocation of resources [CVE-2022-32206]low🔒---
203356Codoforum Admin Panel unrestricted upload [CVE-2022-31854]medium🔒---
203355CWP command injection [CVE-2022-25048]medium🔒---
203354Symantec Advanced Secure Gateway/ProxySG HTTP improper authenticationmedium🔒---
203353nextgen-gallery Plugin HTTP Request unrestricted upload [CVE-2015-1785]medium🔒---
203352nextgen-gallery Plugin HTTP Request unrestricted upload [CVE-2015-1784]medium🔒---
203351CWP POST Request loader.php path traversalmedium🔒---
203350Red Hat IcedTea-Web applet Tag data authenticity [CVE-2015-5236]medium🔒---
203349MediaTek MT8797 WLAN Driver out-of-bounds write [CVE-2022-21781]medium🔒---
203348MediaTek MT8365 GED Driver use after free [CVE-2022-21771]medium🔒---
203347MediaTek MT8167S/MT8175/MT8183/MT8362A/MT8365/MT8385 Bluetooth out-of-bounds writemedium🔒---
203346outline cross site scripting [CVE-2022-2342]low🔒---
203345EidoGo SGF cross site scripting [CVE-2015-3172]low🔒---
203344HCL Launch credentials storage [CVE-2022-27548]low🔒---
203343Appfire Jira Misc Custom Fields App Project Name cross site scriptinglow🔒---
203342MediaTek MT8798 Audio DSP out-of-bounds write [CVE-2022-21787]medium🔒---
203341MediaTek MT8798 Audio DSP memory corruption [CVE-2022-21786]medium🔒---
203340MediaTek MT8797 WLAN Driver out-of-bounds write [CVE-2022-21785]medium🔒---
203339MediaTek MT8797 WLAN Driver out-of-bounds write [CVE-2022-21784]medium🔒---
203338MediaTek MT8797 WLAN Driver out-of-bounds write [CVE-2022-21783]medium🔒---
203337MediaTek MT8797 WLAN Driver out-of-bounds write [CVE-2022-21782]medium🔒---
203336MediaTek MT8797 WLAN Driver out-of-bounds write [CVE-2022-21780]medium🔒---
203335MediaTek MT8797 WLAN Driver out-of-bounds write [CVE-2022-21779]medium🔒---
203334MediaTek MT8797 Autoboot permission [CVE-2022-21777]medium🔒---
203333MediaTek MT8798 MDP use after free [CVE-2022-21776]medium🔒---
203332MediaTek MT8797 sched Driver use after free [CVE-2022-21775]medium🔒---
203331MediaTek MT6983 TEEI Driver use after free [CVE-2022-21774]medium🔒---
203330MediaTek MT6893 TEEI Driver use after free [CVE-2022-21773]medium🔒---
203329MediaTek MT8797 TEEI Driver type confusion [CVE-2022-21772]medium🔒---
203328MediaTek MT8167/MT8175/MT8183/MT8362A/MT8365/MT8385 Bluetooth out-of-bounds writemedium🔒---
203327MediaTek MT8797 out-of-bounds write [CVE-2022-21766]medium🔒---
203326MediaTek MT8797 out-of-bounds write [CVE-2022-21765]medium🔒---
203325MediaTek MT6983 GPU use after free [CVE-2022-20082]medium🔒---
203324Northern.tech Mender Client improper authentication [CVE-2022-32290]medium🔒---
203323IOBit Advanced System Care Named Pipe AscService.exe ImpersonateNamedPipeClient access controlmedium🔒---
203322PESCMS cross site scripting [CVE-2021-31676]low🔒---
203321NocoDB server-side request forgery [CVE-2022-2339]medium🔒---
203320HCL Launch log file [CVE-2022-27549]low🔒---
203319Devolutions injection [CVE-2022-2316]medium🔒---
203318H3C Magic R100 Service Port 9034 Privilege Escalation [CVE-2022-34598]low🔒---
203317OpenVPN Access Server Web Portal entropy [CVE-2022-33738]low🔒---
203316OpenVPN Access Server incorrect ownership assignment [CVE-2022-33737]low🔒---
203315Gallagher Command Centre Server Windows Registry Setting sql injectionmedium🔒---
203314Gallagher Controller 6000 ARP Packet unusual condition [CVE-2022-26078]medium🔒---
203313Mini-Tmall tomcat-embed-jasper permission [CVE-2022-30929]medium🔒---
203312Agile Point NX Legacy Work Center FetchUsingEncodedData sql injectionmedium🔒---
203311Elastic Vega Charts Kibana cross site scripting [CVE-2022-23713]low🔒---
203310Priority Web Interface authorization [CVE-2022-23173]medium🔒---
203309Priority Forgot my Password Button information exposure [CVE-2022-23172]low🔒---
203308iTop VPN Named Pipe iTopVPNmini.exe ImpersonateNamedPipeClient information disclosurelow🔒---
203307PESCMS cross-site request forgery [CVE-2021-31679]low🔒---
203306PESCMS cross-site request forgery [CVE-2021-31678]low🔒---
203305PESCMS cross-site request forgery [CVE-2021-31677]low🔒---
203304Nextcloud Mail Attachment improper authentication [CVE-2022-31131]medium🔒---
203303Elastic Endpoint Security Ransomware Canaries access controlmedium🔒---
203302OpenVPN Access Server amplification [CVE-2021-4234]low🔒---
203301OTFCC otfccbuild.c heap-based overflowmedium🔒---
203300moment String-to-Date Parser resource consumption [CVE-2022-31129]low🔒---
203299NextAuth.js Email Signin Endpoint cross site scripting [CVE-2022-31127]low🔒---
203298Frontier control flow [CVE-2022-31111]medium🔒---
203297Red Hat CloudForms certificate validation [CVE-2014-8164]medium🔒---
203296Linux Kernel Timer rose_timer.c rose_idletimer_expiry use after freemedium🔒---
203295Cisco Expressway/TelePresence Video Communication Server Web-based Management Interface/API null byte or nul characterlow🔒---
203294Cisco Expressway/TelePresence Video Communication Server Web-based Management Interface/API null byte or nul charactermedium🔒---
203293Cisco Smart Software Manager On-Prem Device Registration resource consumptionmedium🔒---
203292Cisco TelePresence Collaboration Endpoint/RoomOS log file [CVE-2022-20768]low🔒---
203291Hap-WI Roxy-wi HTTP Request improper authentication [CVE-2022-31125]medium🔒---
203290Hap-WI Roxy-wi HTTP Request options.py injectionmedium🔒---
203289openssh_key_parser information exposure [CVE-2022-31124]low🔒---
203288Cisco Unified Communications Manager Web-based Management Interface cross site scriptinglow🔒---
203287Cisco Unified Communications Manager Web-based Management Interface cross site scriptinglow🔒---
203286custom-content-type-manager Plugin code injection [CVE-2015-3173]medium🔒---
203285Cisco Unified Communications Manager Disaster Recovery Framework access controlmedium🔒---
203284Cisco Unified Communications Manager timing discrepancy [CVE-2022-20752]low🔒---
203283Cisco Unified Communications Manager Database User Privilege absolute path traversalmedium🔒---
203282Cisco Unified Communications Manager Web-based Management Interface path traversallow🔒---
203281MediaTek MT8798 Sound Driver symlink [CVE-2022-21770]medium🔒---
203280MediaTek MT8797 CCCI out-of-bounds [CVE-2022-21769]low🔒---
203279MediaTek MT8797 Telecom Service information disclosure [CVE-2022-21764]low🔒---
203278MediaTek MT8797 Telecom Service information disclosure [CVE-2022-21763]low🔒---
203277Tenda AX1806 WanParameterSetting command injectionmedium🔒---
203276Tenda AX1803 WanParameterSetting command injectionmedium🔒---
203275Tenda AX1803 setipv6status command injectionmedium🔒---
203274grub2 JPEG Reader out-of-bounds write [CVE-2021-3697]medium🔒---
203273grub2 PNG Reader out-of-bounds write [CVE-2021-3696]medium🔒---
203272Tenda AC23 fromAdvSetMacMtuWan buffer overflowmedium🔒---
203271Tenda AC23 stack-based overflow [CVE-2022-32385]medium🔒---
203270Tenda AC23 AdvSetMacMtuWan stack-based overflowmedium🔒---
203269TOTOLINK A800R/A810R/A830R/A950RG/A3000RU/A3100R command injectionmedium🔒---
203268IOBit Advanced System Care/Action Download Center Asc.exe permissionmedium🔒---
203267quic-go Request mtu_discoverer.go denial of service [Disputed]low🔒---
203266grub2 16-bit Grayscale PNG Image out-of-bounds write [CVE-2021-3695]medium🔒---
203265MediaTek MT8797 Modem 2G RR out-of-bounds write [CVE-2022-21744]medium🔒---
203264MediaTek MT8797 Modem out-of-bounds write [CVE-2022-20083]medium🔒---
203263IOBit Advanced System Care/Driver Booster Update Procedure data authenticitymedium🔒---
203262Apache Superset Metadata dropped privileges [CVE-2021-37839]medium🔒---
203261Apache Commons Configuration Variable Interpolation Privilege Escalationmedium🔒---
203260JFrog Artifactory User REST API Endpoint cross site scriptinglow🔒---
203259JFrog Artifactory Endpoint cross-site request forgery [CVE-2021-23163]low🔒---
203258Zabbix Link cross site scripting [CVE-2022-35230]low🔒---
203257JFrog Artifactory Project Administrator REST API unknown vulnerabilitylow🔒---
203256Zabbix Discovery Page cross site scripting [CVE-2022-35229]low🔒---
203255Apache JetSpeed server-side request forgery [CVE-2022-32533]medium🔒---
203254Synology Photo Station session fixiation [CVE-2022-22681]medium🔒---
203253Google Chrome Chrome OS Shell use after free [CVE-2022-2296]medium🔒---
203252Google Chrome V8 type confusion [CVE-2022-2295]medium🔒---
203251Dice File unrestricted upload [CVE-2022-32413]medium🔒---
203250SourceCodester Ingredient Stock Management System POST Request Users.php access controlmedium🔒---
203249So Filter Shop sql injection [CVE-2022-34972]medium🔒---
203248SourceCodester Ingredient Stock Management System view_stock.php sql injectionmedium🔒---
203247Newsletter Module index.php sql injectionmedium🔒---
203246SourceCodester Zoo Management System Add Classification cross site scriptinglow🔒---
203245Taocms Edit Category sql injection [CVE-2021-44915]medium🔒---
203244Nakama excessive authentication [CVE-2022-2321]low🔒---
203243Nextcloud Server SMTP crlf injection [CVE-2022-31014]medium🔒---
203242UltraJSON Internal Decoder double free [CVE-2022-31117]medium🔒---
203241UltraJSON JSON String control flow [CVE-2022-31116]medium🔒---
203240VICIdial AST Agent Time Sheet Interface AST_agent_time_sheet.php cross site scriptinglow🔒---
203239IBM App Connect Enterprise Certified Container Administration Console denial of servicelow🔒---
203238VICIdial User Stats Interface user_stats.php sql injectionmedium🔒---
203237VICIdial AST Agent Time Sheet Interface AST_agent_time_sheet.php sql injectionmedium🔒---
203236VICIdial admin.php sql injectionmedium🔒---
203235Alibaba Nacos Access Prompt Page access control [CVE-2021-43116]medium🔒---
203234Beego Wildcard leafInfo.match path traversalmedium🔒---
203233Google Chrome WebRTC heap-based overflow [CVE-2022-2294]medium🔒---
203232Xen Linux Block Device information disclosure [CVE-2022-26365]low🔒---
203231OpenCTI Data Import cross site scripting [CVE-2022-30289]low🔒---
203230Asus RT-A88U Admin Panel cross site scripting [CVE-2021-43702]low🔒---
203229Xen Dom0 denial of service [CVE-2022-33744]low🔒---
203228OpenCTI access control [CVE-2022-30290]medium🔒---
203227vim stack-based overflow [CVE-2022-2304]medium🔒---
203226Xen Linux Netfront denial of service [CVE-2022-33743]low🔒---
203225Xen Linux Block Device information disclosure [CVE-2022-33742]low🔒---
203224Xen Linux Block Device information disclosure [CVE-2022-33741]low🔒---
203223Xen Linux Block Device information disclosure [CVE-2022-33740]low🔒---
203222libxml2 lxml null pointer dereference [CVE-2022-2309]low🔒---
203221OpenSSL AES OCB Mode missing encryption [CVE-2022-2097]low🔒---
203220Nakama session expiration [CVE-2022-2306]low🔒---
203219Zoho ManageEngine ADSelfService Mobile App Deployment API denial of servicelow🔒---
203218TypeORM FindOneOptions findOne sql injection [Disputed]medium🔒---
203217KDE Django Extract sql injectionmedium🔒---
203216Nvidia DGX A100 SBIOS SmbiosPei out-of-bounds writemedium🔒---
203215Nvidia DGX A100 SBIOS Ofbd uninitialized pointermedium🔒---
203214Nvidia DGX A100 SBIOS IpSecDxe array indexmedium🔒---
203213Nvidia DGX A100 SBIOS IpSecDxe out-of-bounds writemedium🔒---
203212Nvidia DGX A100 SBIOS SmmCore integer overflowmedium🔒---
203211Ransom Lockbit RstrtMgr.dll uncontrolled search pathmedium🔒---
203210Linux Kernel User Namespace nf_tables_api.c nft_set_elem_init type confusionmedium🔒---
203209WP Championship Plugin cross-site request forgery [CVE-2022-1967]low🔒---
203208Gallery Plugin AJAX Action cross site scripting [CVE-2022-1946]low🔒---
203207WP Contact Slider Plugin Text to Display Settings cross site scriptinglow🔒---
203206Redirection for Contact Form 7 Plugin Attribute cross site scriptinglow🔒---
203205Ninja Forms Contact Form Plugin Data Import cross site scriptinglow🔒---
203204Ninja Forms Contact Form Plugin Field Label cross site scriptinglow🔒---
203203Import any XML or CSV File to Plugin ZIP File code injectionmedium🔒---
203202hpjansson chafa buffer over-read [CVE-2022-2301]medium🔒---
203201Cybozu Garoon Portal access control [CVE-2022-26051]medium🔒---
203200Microweber cross site scripting [CVE-2022-2300]low🔒---
203199Cybozu Garoon cross site scripting [CVE-2022-29513]low🔒---
203198Cybozu Garoon cross site scripting [CVE-2022-27627]low🔒---
203197Cybozu Garoon Space denial of service [CVE-2022-29892]low🔒---
203196Cybozu Garoon Bulletin access control [CVE-2022-29471]medium🔒---
203195Cybozu Garoon Scheduler improper authentication [CVE-2022-28713]medium🔒---
203194Cybozu Garoon Scheduler access control [CVE-2022-28692]medium🔒---
203193Cybozu Garoon Category access control [CVE-2022-27807]medium🔒---
203192Cybozu Garoon Space access control [CVE-2022-27803]medium🔒---
203191Cybozu Garoon Space access control [CVE-2022-29484]medium🔒---
203190Cybozu Garoon Address information disclosure [CVE-2022-29467]low🔒---
203189Cybozu Garoon Bulletin access control [CVE-2022-28718]medium🔒---
203188Cybozu Garoon behavioral workflow [CVE-2022-27661]medium🔒---
203187Cybozu Garoon Cabinet access control [CVE-2022-26368]medium🔒---
203186Cybozu Garoon Link access control [CVE-2022-26054]medium🔒---
203185Omron NX7/NX1/NJ authentication replay [CVE-2022-33971]medium🔒---
203184Home Spot Cube2 DHCP Server Reply os command injection [CVE-2022-33948]medium🔒---
203183Omron NJ hard-coded credentials [CVE-2022-34151]medium🔒---
203182Omron NJ authentication replay [CVE-2022-33208]medium🔒---
203181Yokogawa AW810D VI461 denial of service [CVE-2022-32284]medium🔒---
203180Ransom Lockbit Password stack-based overflowmedium🔒---
203179SourceCodester Clinics Patient Management System Login Page index.php sql injectionmedium🔒---
203178SourceCodester Clinics Patient Management System unrestricted uploadmedium🔒---
203177vim use after free [CVE-2022-2289]medium🔒---
203176vim out-of-bounds write [CVE-2022-2288]medium🔒---
203175zadam trilium cross site scripting [CVE-2022-2290]low🔒---
203174md2roff Markdown File stack-based overflow [CVE-2022-34913] [Disputed]medium🔒---
203173vim out-of-bounds [CVE-2022-2287]medium🔒---
203172vim out-of-bounds [CVE-2022-2286]medium🔒---
203171vim integer overflow [CVE-2022-2285]medium🔒---
203170vim heap-based overflow [CVE-2022-2284]medium🔒---
203169MediaWiki Welcome successfulAction escape outputmedium🔒---
203168MediaWiki Special:Contributions cross site scriptinglow🔒---
203167SourceCodester Simple Sales Management System create cross site scriptinglow🔒---
203166SourceCodester Hotel Management System Room Edit Page 1 cross site scriptinglow🔒---
203165SourceCodester Hotel Management System Search search cross site scriptinglow🔒---
203164Zoho ManageEngine ServiceDesk Plus MSP web.xml path traversalmedium🔒---
203163NVIDIA DGX A100 BiosCfgTool memory corruption [CVE-2022-28200]medium🔒---
203162TOTOLINK T6 FUN_0041621c stack-based overflowmedium🔒---
203161TOTOLINK T6 FUN_004137a4 stack-based overflowmedium🔒---
203160TOTOLINK T6 FUN_004133c4 stack-based overflowmedium🔒---
203159TOTOLINK T6 FUN_0041af40 stack-based overflowmedium🔒---
203158TOTOLINK T6 FUN_00418540 stack-based overflowmedium🔒---
203157TOTOLINK T6 FUN_0041cc88 stack-based overflowmedium🔒---
203156TOTOLINK T6 FUN_00412ef4 stack-based overflowmedium🔒---
203155TOTOLINK T6 FUN_0041880c stack-based overflowmedium🔒---
203154TOTOLINK T6 FUN_00413be4 stack-based overflowmedium🔒---
203153TOTOLINK T6 FUN_00413f80 stack-based overflowmedium🔒---
203152Tenda M3 formSetAccessCodeInfo stack-based overflowmedium🔒---
203151Tenda M3 formGetPassengerAnalyseData stack-based overflowmedium🔒---
203150Tenda M3 formSetCfm stack-based overflowmedium🔒---
203149Tenda M3 fromDhcpListClient stack-based overflowmedium🔒---
203148Tenda M3 formSetAPCfg stack-based overflowmedium🔒---
203147Tenda M3 formSetStoreWeb stack-based overflowmedium🔒---
203146Tenda M3 formMasterMng stack-based overflowmedium🔒---
203145Tenda M3 formdelMasteraclist stack-based overflowmedium🔒---
203144Tenda AX1806 formSetVirtualSer stack-based overflowmedium🔒---
203143Tenda AX1806 formAddMacfilterRule stack-based overflowmedium🔒---
203142Tenda AX1806 Parameter fromSetRouteStatic stack-based overflowmedium🔒---
203141Tenda AX1806 Parameter formSetQosBand stack-based overflowmedium🔒---
203140GitLab Autocomplete information disclosure [CVE-2022-0167]low🔒---
203139GitLab Enterprise Edition Group Milestone information disclosurelow🔒---
203138GitLab Conan Package permission [CVE-2022-2270]medium🔒---
203137GitLab Project Import permission assignment [CVE-2022-2185]medium🔒---
203136GitLab Community Edition/Enterprise Edition REST API access controlmedium🔒---
203135GitLab Enterprise Edition Deploy improper authorization [CVE-2022-1983]medium🔒---
203134GitLab Enterprise Edition Group Setting access control [CVE-2022-1981]medium🔒---
203133link-preview-js server-side request forgery [CVE-2022-25876]medium🔒---
203132HongCMS edit Privilege Escalationmedium🔒---
203131HongCMS Languages Config File Privilege Escalation [CVE-2022-32411]medium🔒---
203130GitLab Enterprise Edition ZenTao Link cross site scripting [CVE-2022-2235]low🔒---
203129GitLab Community Edition/Enterprise Edition cross site scriptinglow🔒---
203128git-clone command injection [CVE-2022-25900]medium🔒---
203127jsrsasign signature verification [CVE-2022-25898]low🔒---
203126passport Session session fixiation [CVE-2022-25896]low🔒---
203125scss-tokenizer Regular Expression loadAnnotation incorrect regexmedium🔒---
203124GitLab Community Edition/Enterprise Edition Response Header incorrect regexmedium🔒---
203123Distributed Data Systems WebHMI cross site scripting [CVE-2022-2254]low🔒---
203122GitLab Community Edition/Enterprise Edition redirect [CVE-2022-2250]medium🔒---
203121GitLab Community Edition/Enterprise Edition Error Tracking improper authorizationmedium🔒---
203120GitLab Enterprise Edition Non-linked Sentry Project access controlmedium🔒---
203119GitLab Community Edition/Enterprise Edition Private Project improper authorizationmedium🔒---
203118GitLab Enterprise Edition Group access control [CVE-2022-2228]low🔒---
203117GitLab Community Edition/Enterprise Edition Rrunner Jobs API access controlmedium🔒---
203116Distributed Data Systems WebHMI os command injection [CVE-2022-2253]medium🔒---
203115Aerogear cross site scripting [CVE-2014-3650]low🔒---
203114Simplepush Server resource consumption [CVE-2014-3648]low🔒---
203113MCMS unrestricted upload [CVE-2022-31943]medium🔒---
203112Tenda AC23 formWifiBasicSet stack-based overflowmedium🔒---
203111JPEGOPTIM jpegoptim.c memory corruptionlow🔒---
203110PDFAlto pdfalto.cc heap-based overflowmedium🔒---
203109MariaDB exclude_level denial of servicelow🔒---
203108MariaDB report_use/filesort memory corruptionmedium🔒---
203107MariaDB walk_args memory corruptionmedium🔒---
203106MariaDB fix_outer_field denial of servicelow🔒---
203105MariaDB cleanup_processor memory corruptionmedium🔒---
203104MariaDB sub_select memory corruptionmedium🔒---
203103MariaDB init_expr_cache_tracker memory corruptionlow🔒---
203102MariaDB dict0dict.cc get_ref_count assertionlow🔒---
203101MariaDB handler0alter.cc prepare_inplace_add_virtual memory corruptionmedium🔒---
203100MariaDB sanitizer_common_interceptors.inc __interceptor_memset memory corruptionmedium🔒---
203099NVIDIA NVFLARE YAML File yaml.load deserializationmedium🔒---
203098NVIDIA NVFLARE PKI Implementation Module deserialization [CVE-2022-31604]medium🔒---
203097GitLab Community Edition/Enterprise Edition Two-factor Authentication information disclosurelow🔒---
203096Canarytokens cross site scripting [CVE-2022-31113]low🔒---
203095GnuPG Status Line injection [CVE-2022-34903]medium🔒---
203094IBM UrbanCode Deploy cleartext storage [CVE-2022-22366]low🔒---
203093IBM UrbanCode Deploy information disclosure [CVE-2022-22367]low🔒---
203092Hospital Management System orders.php sql injectionmedium🔒---
203091Hospital Management System doctorlogin.php sql injectionmedium🔒---
203090Hospital Management System adminlogin.php sql injectionmedium🔒---
203089IBM InfoSphere Information Server access control [CVE-2022-22373]medium🔒---
203088FusionPBX login.php cross site scriptinglow🔒---
203087itsourcecode College Management System PHP File teacher.php Privilege Escalationmedium🔒---
203086Lua luaG_runerror heap-based overflowmedium🔒---
203085SaltStack Salt improper authorization [CVE-2022-2282]medium🔒---
203084Das U-Boot sqfs_readdir out-of-bounds writemedium🔒---
203083Failed Job Deactivator Plugin cross-site request forgery [CVE-2022-34817]low🔒---
203082Request Rename Or Delete Plugin Pending Request cross-site request forgerylow🔒---
203081XPath Configuration Viewer Plugin cross-site request forgerylow🔒---
203080Deployment Dashboard Plugin HTTP URL cross-site request forgerylow🔒---
203079Deployment Dashboard Plugin Environment Name cross site scriptinglow🔒---
203078Recipe Plugin HTTP Request cross-site request forgery [CVE-2022-34792]low🔒---
203077Validating Email Parameter Plugin cross site scripting [CVE-2022-34791]low🔒---
203076eXtreme Feedback Panel Plugin Tooltip cross site scripting [CVE-2022-34790]low🔒---
203075Matrix Reloaded Plugin cross-site request forgery [CVE-2022-34789]low🔒---
203074Matrix Reloaded Plugin Tooltip cross site scripting [CVE-2022-34788]low🔒---
203073Project Inheritance Plugin Tooltip cross site scripting [CVE-2022-34787]low🔒---
203072Rich Text Publisher Plugin HTML Message cross site scriptinglow🔒---
203071build-metrics Plugin Build Description cross site scripting [CVE-2022-34784]low🔒---
203070JetBrains Hub Untrusted Source access control [CVE-2022-34894]medium🔒---
203069vim heap-based overflow [CVE-2022-2264]medium🔒---
203068Plot Plugin cross site scripting [CVE-2022-34783]low🔒---
203067XebiaLabs XL Release Plugin cross-site request forgery [CVE-2022-34780]low🔒---
203066TestNG Results Plugin Exception Message cross site scriptinglow🔒---
203065GitLab Plugin Description cross site scripting [CVE-2022-34777]low🔒---
203064microweber cross site scripting [CVE-2022-2280]low🔒---
203063Recipe Plugin XML Parser xml external entity reference [CVE-2022-34793]low🔒---
203062Urtracker Premium Batch Add cross site scripting [CVE-2022-33043]low🔒---
203061Ping Identity PingID Local Java Service authentication bypassmedium🔒---
203060Ping Identity PingID Offline Security Key denial of service [CVE-2022-23717]low🔒---
203059Failed Job Deactivator Plugin HTTP Endpoint authorization [CVE-2022-34818]medium🔒---
203058Request Rename Or Delete Plugin HTTP Endpoint authorization [CVE-2022-34814]medium🔒---
203057XPath Configuration Viewer Plugin XPath Expression authorizationmedium🔒---
203056XPath Configuration Viewer Plugin authorization [CVE-2022-34811]medium🔒---
203055RQM Plugin ID authorization [CVE-2022-34810]low🔒---
203054RQM Plugin Configuration File credentials storage [CVE-2022-34809]low🔒---
203053Elasticsearch Query Plugin Configuration File credentials storagelow🔒---
203052Jigomerge Plugin Controller File credentials storage [CVE-2022-34806]low🔒---
203051Skype Notifier Plugin Configuration File credentials storagelow🔒---
203050OpsGenie Plugin Configuration File config.xml credentials storagelow🔒---
203049RocketChat Notifier Plugin Configuration File credentials storagelow🔒---
203048Build Notifications Plugin Configuration File credentials storagelow🔒---
203047Deployment Dashboard Plugin Configuration File credentials storagelow🔒---
203046Deployment Dashboard Plugin HTTP Endpoint authorization [CVE-2022-34798]medium🔒---
203045Deployment Dashboard Plugin ID authorization [CVE-2022-34796]low🔒---
203044Recipe Plugin HTTP Request authorization [CVE-2022-34794]medium🔒---
203043build-metrics Plugin HTTP Request Endpoint authorization [CVE-2022-34785]low🔒---
203042requests-plugin Permissions authorization [CVE-2022-34782]low🔒---
203041bfabiszewski Libmobi null pointer dereference [CVE-2022-2279]low🔒---
203040OpenSSL RSA Private Key rsaz_exp_x2.c ossl_rsaz_mod_exp_avx512_x2 memory corruptionhigh🔒---
203039XebiaLabs XL Release Plugin authorization [CVE-2022-34781]medium🔒---
203038XebiaLabs XL Release Plugin authorization [CVE-2022-34779]low🔒---
203037Oxen Session PIN improper authentication [CVE-2022-1955]medium🔒---
203036Ember.js innerHTML cross site scriptinglow🔒---
203035Ampere Altra/AltraMax UEFI authorization [CVE-2022-32295]low🔒---
203034TP-Link Archer C50 HTTP Request fillobjbystr stack-based overflowmedium🔒---
203033Open Policy Agent AST Parser compile.go denial of servicelow🔒---
203032Ping Identity PingID Registry insufficiently protected credentialsmedium🔒---
203031vim out-of-bounds [CVE-2022-2257]medium🔒---
203030ManageIQ Awesome Spawn os command injection [CVE-2014-0156]medium🔒---
203029Red Hat Openshift node-utils watchman.pid permission assignmentmedium🔒---
203028Robustel R1510 API web_server os command injectionmedium🔒---
203027Robustel R1510 API web_server os command injectionmedium🔒---
203026Robustel R1510 API web_server os command injectionmedium🔒---
203025Robustel R1510 API web_server os command injectionmedium🔒---
203024Robustel R1510 API web_server os command injectionmedium🔒---
203023Robustel R1510 API web_server os command injectionmedium🔒---
203022Robustel R1510 API web_server os command injectionmedium🔒---
203021Robustel R1510 API web_server os command injectionmedium🔒---
203020Robustel R1510 Clish art2 debug code [CVE-2022-32585]medium🔒---
203019Robustel R1510 API web_server denial of servicelow🔒---
203018Openshift Origin Server temp file [CVE-2013-4561]medium🔒---
203017MyAdmin Personal Center access control [CVE-2021-37791]medium🔒---
203016deep.assign code injection [CVE-2021-40663]medium🔒---
203015OpsGenie Plugin Configuration Form sensitive information in executablelow🔒---
203014Build Notifications Plugin Configuration Form sensitive information in executablelow🔒---
203013Asus DSL-N14U-B1 list Parameter cross site scripting [CVE-2022-32988]low🔒---
203012Automox Agent Installation Package File access control [CVE-2022-27904]medium🔒---
203011Ping Identity PingID RSA authentication bypass [CVE-2021-41995]low🔒---
203010Parse Server Server LiveQuery Parser information disclosure [CVE-2022-31112]low🔒---
203009gps-sdr-sim Command Line Parameter buffer overflow [CVE-2021-37778]medium🔒---
203008Xiaongmai HI3518_50H10L_S39 macGuarder/dvrHelper backdoor [CVE-2021-41506]medium🔒---
203007HPE Network Virtualization Plugin Configuration File credentials storagelow🔒---
203006Ping Identity PingID authentication bypass [CVE-2022-23720]low🔒---
203005Ping Identity PingID Privilege Escalation [CVE-2022-23718]medium🔒---
203004ESPCMS P8 ESPCMS_Templates fetch_filename Privilege Escalationmedium🔒---
203003swfupload Plugin injection [CVE-2013-4144]medium🔒---
203002opensearch-ruby YAML YAML.load deserializationmedium🔒---
203001Exemys RME1 Web Interface improper authentication [CVE-2022-2197]high🔒---
203000viaviwebtech Android EBook App api.php sql injectionmedium🔒---
202999IBM Spectrum Protect Client cleartext storage [CVE-2022-22478]low🔒---
202998IBM Spectrum Protect Server excessive authentication [CVE-2022-22496]low🔒---
202997LibTIFF tiffcrop divide by zero [CVE-2022-2058]low🔒---
202996LibTIFF tiffcrop divide by zero [CVE-2022-2057]low🔒---
202995LibTIFF tiffcrop divide by zero [CVE-2022-2056]low🔒---
202994IBM CloudPak for Multicloud Monitoring Privileged Mode Privilege Escalationlow🔒---
202993Linux Kernel nft_set_desc_concat_parse buffer overflowmedium🔒---
202992Linux Kernel KVM Module emulate.c x86_emulate_insn null pointer dereferencelow🔒---
202991Cisco Spark Plugin Configuration File credentials storage [CVE-2022-34808]low🔒---
202990Nucleus CMS unrestricted upload [CVE-2021-37770]medium🔒---
202989IBM Spectrum Protect Client dsmcad/dsmc/dsmcsvc denial of servicelow🔒---
202988IBM Sterling B2B Integrator Standard Edition information disclosurelow🔒---
202987IBM Spectrum Protect Operations Center HTTP Request information disclosurelow🔒---
202986IBM Spectrum Protect excessive authentication [CVE-2022-22487]low🔒---
202985IBM Spectrum Protect Plus Container Backup and Restore Role Based Access Control access controlmedium🔒---
202984EyesOfNetwork Options Configuration sendmail Privilege Escalationmedium🔒---
202983Atlassian Jira Server/Jira Data Center Mobile Plugin server-side request forgerymedium🔒---
202982Online Hotel Booking System Room edit_room_cat.php sql injectionmedium🔒---
202981Online Hotel Booking System Room edit_all_room.php sql injectionmedium🔒---
202980Omron SYSMAC CS1 signature verification [CVE-2022-31206]medium🔒---
202979Omron SYSMAC CS1 data authenticity [CVE-2022-31207]low🔒---
202978Omron SYSMAC CS1 CP1W-CIF41 Ethernet Option Board credentials storagelow🔒---
202977Omron SYSMAC CS1 cleartext transmission [CVE-2022-31204]low🔒---
202976Das U-Boot i2c md Command do_i2c_md stack-based overflowmedium🔒---
202975Edimax IC-3140W hard-coded credentials [CVE-2021-40597]medium🔒---
202974Joy Wolf E-Bike Key Fob Request denial of service [CVE-2022-30467]low🔒---
202973Backdoor.Win32.EvilGoat.b Service Port 13014 hard-coded credentialsmedium🔒---
202972Backdoor.Win32.Cafeini.b Service Port 51966 hard-coded credentialsmedium🔒---
202971Backdoor.Win32.Coredoor.10.a Service Port 21000 improper authenticationmedium🔒---
202970grav code injection [CVE-2022-2073]medium🔒---
202969Enalean Tuleap MyDocmanSearch Widget cross site scripting [CVE-2022-31063]low🔒---
202968Enalean Tuleap Tracker Report sql injection [CVE-2022-31058]medium🔒---
202967Enalean Tuleap Project information disclosure [CVE-2022-31032]low🔒---
202966RSSHub resource consumption [CVE-2022-31110]low🔒---
202965oretnom23 Online Railway Reservation System sql injection [CVE-2022-33061]medium🔒---
202964oretnom23 Online Railway Reservation System sql injection [CVE-2022-33060]medium🔒---
202963oretnom23 Online Railway Reservation System sql injection [CVE-2022-33059]medium🔒---
202962oretnom23 Online Railway Reservation System sql injection [CVE-2022-33058]medium🔒---
202961oretnom23 Online Railway Reservation System sql injection [CVE-2022-33057]medium🔒---
202960microweber redirect [CVE-2022-2252]medium🔒---
202959IBM Security Guardium Web UI cross site scripting [CVE-2021-39074]low🔒---
202958oretnom23 Online Railway Reservation System view_details.php sql injectionmedium🔒---
202957Microsoft Edge Remote Code Execution [CVE-2022-33639]medium🔒---
202956Microsoft Edge Remote Code Execution [CVE-2022-33638]medium🔒---
202955Microsoft Edge Remote Code Execution [CVE-2022-30192]medium🔒---
202954MetaMask BIP39 Mnemonic information disclosure [CVE-2022-32969]low🔒---
202953ApiFest OAuth 2.0 Server URI redirect [CVE-2020-26877]low🔒---
202952XLPD unquoted search path [CVE-2022-33035]medium🔒---
202951NoMachine permission [CVE-2022-34043]medium🔒---
202950Embarcadero Dev-CPP EXE File uncontrolled search path [CVE-2022-33037]low🔒---
202949Embarcadero Dev-CPP EXE File uncontrolled search path [CVE-2022-33036]low🔒---
202948CVA6 Multiplication Unit permission [CVE-2022-33023]medium🔒---
202947CVA6 memory corruption [CVE-2022-33021]medium🔒---
202946ThinkPHP AbstractCache.php deserializationmedium🔒---
202945Textpattern CMS txplib_misc.php missing secure attribute [CVE-2021-40642]low🔒---
202944SilverStripe Framework cwp-core Module cross site scripting [CVE-2022-25238]low🔒---
202943Marval MSM 2FA cross-site request forgery [CVE-2022-31886]low🔒---
202942Admidio cross site scripting [CVE-2022-23896]low🔒---
202941SilverStripe Framework XMLHttpRequest cross site scripting [CVE-2022-28803]low🔒---
202940SilverStripe Assets cross site scripting [CVE-2022-29858]low🔒---
202939wuzhicms cross site scripting [CVE-2020-19897]low🔒---
202938dompdf server-side request forgery [CVE-2022-0085]low🔒---
202937SourceCodester Zoo Management System register_visitor cross site scriptinglow🔒---
202936Nagios XI Login redirect [CVE-2022-29272]low🔒---
202935Nagios XI Downtime permission [CVE-2022-29271]low🔒---
202934Nagios XI Email Address access control [CVE-2022-29270]medium🔒---
202933Nagios XI Schedule Report injection [CVE-2022-29269]low🔒---
202932Marval MSM Administrator Password access control [CVE-2022-31887]medium🔒---
202931Marval MSM API Key access control [CVE-2022-31884]medium🔒---
202930SilverStripe Framework session fixiation [CVE-2022-24444]medium🔒---
202929Marval MSM VBScript os command injection [CVE-2022-31885]medium🔒---
202928Marval MSM API Key resource injection [CVE-2022-31883]low🔒---
202927vim null pointer dereference [CVE-2022-2231]low🔒---
202926zephyrproject-rtos le_ecred_conn_req stack-based overflowmedium🔒---
202925zephyrproject-rtos CONNECT_IND unknown vulnerabilitylow🔒---
202924zephyrproject-rtos CONNECT_IND divide by zerolow🔒---
202923zephyrproject-rtos LL_FEATURE_REQ assertionlow🔒---
202922zephyrproject-rtos LL_CONNECTION_PARAM_REQ assertionmedium🔒---
202921GLPI information disclosure [CVE-2022-31068]low🔒---
202920GLPI Login Page sql injection [CVE-2022-31061]medium🔒---
202919Cloudflare WARP Client Installation link following [CVE-2022-2145]medium🔒---
202918Dahua IPC-HDBW2XXX/IPC-HFW2XXX/ASI7XXXX ONVIF authentication replaymedium🔒---
202917Dahua IPC-HDBW2XXX/IPC-HFW2XXX/ASI7XXXX Header injection [CVE-2022-30562]medium🔒---
202916Dahua IPC-HDBW2XXX/IPC-HFW2XXX/ASI7XXXX Request Packet authentication replaymedium🔒---
202915Dahua IPC-HDBW2XXX/IPC-HFW2XXX/ASI7XXXX Packet denial of servicelow🔒---
202914Yokogawa STARDOM FCN Controller/STARDOM FCJ Controller hard-coded credentialshigh🔒---
202913Yokogawa STARDOM FCN Controller/STARDOM FCJ Controller cleartext transmissionlow🔒---
202912DCMTK dcmqrdb memory leak [CVE-2021-41690]low🔒---
202911DCMTK dcmqrdb heap-based overflow [CVE-2021-41689]low🔒---
202910DCMTK dcmqrdb double free [CVE-2021-41688]low🔒---
202909DCMTK Parser memory leak [CVE-2021-41687]low🔒---
202908GPAC MP4Box filter_pid.c gf_filter_pid_get_packet denial of servicelow🔒---
202907Bento4 Ap4Descriptor.h Action denial of servicelow🔒---
202906GPAC MP4Box GetHintFormat denial of servicelow🔒---
202905GPAC MP4Box gf_hinter_track_finalize denial of servicelow🔒---
202904GPAC MP4Box schm_box_size denial of servicelow🔒---
202903ILIAS Email Verification integrity check [CVE-2022-31266]medium🔒---
202902SilverStripe Framework XML Document xml2array denial of servicelow🔒---
202901zephyrproject-rtos le_ecred_conn_req uninitialized resourcelow🔒---
202900Apache Shiro RegexRequestMatcher authorization [CVE-2022-32532]medium🔒---
202899miniCMS post-edit.php file inclusionmedium🔒---
202898GPAC gf_bs_write_data denial of servicelow🔒---
202897PackageKit Transaction Interface timing discrepancy [CVE-2022-0987]low🔒---
202896Dell EMC PowerScale OneFS risky encryption [CVE-2022-31230]low🔒---
202895Mermaid Background Image injection [CVE-2022-31108]low🔒---
202894GLPI Assistance form sql injection [CVE-2022-31056]medium🔒---
202893XPDF object.cc Copy stack-based overflowmedium🔒---
202892Douzone NeoRS ActiveX Module origin validation [CVE-2022-23763]high🔒---
202891MediaWiki Lemma Length denial of service [CVE-2022-34750]low🔒---
202890Yokogawa CENTUM CAMS information disclosure [CVE-2022-30707]low🔒---
202889ECShop information disclosure [CVE-2021-41460]low🔒---
202888Synapse URL Preview recursion [CVE-2022-31052]low🔒---
202887Dell EMC PowerScale OneFS information exposure [CVE-2022-31229]low🔒---
202886Clever underscore.deep deepFromFlat prototype pollutionmedium🔒---
202885piwigo LocalFiles Editor command injection [CVE-2021-40553]medium🔒---
202884HPE NonStop DSM/NonStop SCM information disclosure [CVE-2022-28621]low🔒---
202883ruby-mysql external reference [CVE-2021-3779]low🔒---
202882ionicabizau parse-path authorization [CVE-2022-0624]medium🔒---
202881LightCMS PDF File cross site scripting [CVE-2022-33009]low🔒---
202880Delta Electronics DIAEnergie Settings Module cross site scriptinglow🔒---
202879Apache Tika Incomplete Fix StandardsExtractingContentHandler incorrect regexlow🔒---
202878lettersanitizer CSS Rule unusual condition [CVE-2022-31103]low🔒---
202877PrestaShop blockwishlist sql injection [CVE-2022-31101]medium🔒---
202876rulex Expression Parser assertion [CVE-2022-31100]medium🔒---
202875rulex Expression Parser recursion [CVE-2022-31099]medium🔒---
202874ScratchTools Recently Viewed Project cross site scripting [CVE-2022-31094]low🔒---
202873LDAP Account Manager Login injection [CVE-2022-31088]medium🔒---
202872KubeEdge CSI Driver Controller null pointer dereference [CVE-2022-31077]low🔒---
202871BigBlueButton Private Chat cross site scripting [CVE-2022-31064]low🔒---
202870BigBlueButton Greenlight Room Setting privileges management [CVE-2022-31039]medium🔒---
202869GPAC MP4Box filter.c filter_parse_dyn_args denial of servicelow🔒---
202868Wasmtime calculation [CVE-2022-31104]low🔒---
202867Halo CMS upload unrestricted uploadmedium🔒---
202866NextAuth.js URL unusual condition [CVE-2022-31093]low🔒---
202865KubeEdge CloudCore null pointer dereference [CVE-2022-31076]low🔒---
202864Shopware cross site scripting [CVE-2022-31057]low🔒---
202863TRENDnet TEW-751DR/TEW-752DRU genacgi_main stack-based overflowmedium🔒---
202862Halo CMS Template server-side request forgery [CVE-2022-32995]medium🔒---
202861D-Link DIR-645 __ajax_explorer.sgi command injectionmedium🔒---
202860Parse Server Invalid File Request return value [CVE-2022-31089]low🔒---
202859LDAP Account Manager argument injection [CVE-2022-31084]medium🔒---
202858BigBlueButton Private Chat cross site scripting [CVE-2022-31065]low🔒---
202857Argo CD symlink [CVE-2022-31036]medium🔒---
202856Discourse Invite permissions [CVE-2022-31096]low🔒---
202855Weave GitOps log file [CVE-2022-31098]low🔒---
202854glpi-inventory-plugin Package Deployment Task deploypackage.public.php sql injectionlow🔒---
202853Benjamin Balet Jorani Users.php cross-site request forgerylow🔒---
202852Benjamin Balet Jorani Leaves.php cross site scriptinglow🔒---
202851GUnet Open eClass Platform index.php pathname traversallow🔒---
202850Guzzle Redirect information disclosure [CVE-2022-31091]low🔒---
202849Guzzle Curl information disclosure [CVE-2022-31090]low🔒---
202848Benjamin Balet Jorani Leaves.php sql injectionmedium🔒---
202847LDAP Account Manager injection [CVE-2022-31087]medium🔒---
202846LDAP Account Manager pdf injectionmedium🔒---
202845HTTP::Daemon request smuggling [CVE-2022-31081]medium🔒---
202844Pimcore sql injection [CVE-2022-31092]medium🔒---
202843LDAP Account Manager PHP OpenSSL Extension missing encryptionlow🔒---
202842Ruckus Wireless ZoneDirector cross site scripting [CVE-2020-21161]low🔒---
202841Hikvision Hybrid SAN Web Module cross site scripting [CVE-2022-28172]low🔒---
202840Argo CD UI cross site scripting [CVE-2022-31035]low🔒---
202839Hikvision Hybrid SAN Web Module os command injection [CVE-2022-28171]medium🔒---
202838Brocade SANnav Base64 Encoding log file [CVE-2022-28168]low🔒---
202837Brocade SANnav Switch Password asyncjobscheduler-manager.log server log filelow🔒---
202836Brocade SANnav SSL Server hard-coded key [CVE-2022-28166]low🔒---
202835Apache SystemDS readExternal resource consumptionlow🔒---
202834Axiomatic Bento4 Ap4Array.h AP4_Array denial of servicelow🔒---
202833vim out-of-bounds write [CVE-2022-2210]medium🔒---
202832Elcomplus SmartICS Parameter cross site scripting [CVE-2022-2140]low🔒---
202831Elcomplus SmartICS Filename path traversal [CVE-2022-2106]low🔒---
202830Elcomplus SmartICS Process access control [CVE-2022-2088]low🔒---
202829Argo CD SSO Login random values [CVE-2022-31034]low🔒---
202828Devolutions Remote Desktop Manager My Account Settings information disclosurelow🔒---
202827MindSpore Initialization Split divide by zerolow🔒---
202826MindSpore Derivation Shape divide by zero [CVE-2021-33653]low🔒---
202825MindSpore Reduce divide by zerolow🔒---
202824MindSpore DepthwiseConv2D divide by zerolow🔒---
202823MindSpore Inference Shape SparseToDense out-of-boundslow🔒---
202822MindSpore Inference Shape heap-based overflow [CVE-2021-33649]medium🔒---
202821MindSpore Inference Shape Gather heap-based overflowmedium🔒---
202820MindSpore Inference Shape out-of-bounds write [CVE-2021-33647]medium🔒---
202819HPE StoreOnce Software SSH Server key management [CVE-2022-28622]low🔒---
202818ionicabizau parse-url cross site scripting [CVE-2022-2218]low🔒---
202817ionicabizau parse-url server-side request forgery [CVE-2022-2216]medium🔒---
202816vim null pointer dereference [CVE-2022-2208]low🔒---
202815vim heap-based overflow [CVE-2022-2207]medium🔒---
202814scniro-validator Invalid Email incorrect regex [CVE-2021-40901]low🔒---
202813regexfn Email incorrect regex [CVE-2021-40900]low🔒---
202812ionicabizau parse-url cross site scripting [CVE-2022-2217]low🔒---
202811ionicabizau parse-url information disclosure [CVE-2022-0722]low🔒---
202810repo-git-downloader Git Repository incorrect regex [CVE-2021-40899]low🔒---
202809scaffold-helper Invalid File incorrect regex [CVE-2021-40898]low🔒---
202808split-html-to-chars HTML incorrect regex [CVE-2021-40897]low🔒---
202807that-value Invalid Email incorrect regex [CVE-2021-40896]low🔒---
202806todo-regex TODO Statement incorrect regex [CVE-2021-40895]low🔒---
202805Clean-Contact Plugin Setting cross-site request forgery [CVE-2022-1914]low🔒---
202804Add Post URL Plugin Setting cross-site request forgery [CVE-2022-1913]low🔒---
202803WP Sentry Plugin Setting cross-site request forgery [CVE-2022-1844]low🔒---
202802OpenBook Book Data Plugin Setting cross-site request forgerylow🔒---
202801Site Offline or Coming Soon Plugin Setting cross-site request forgerylow🔒---
202800Brizy Plugin cross site scripting [CVE-2022-2041]low🔒---
202799Brizy Plugin URL cross site scripting [CVE-2022-2040]low🔒---
202798Malware Scanner Plugin Setting cross site scripting [CVE-2022-1995]low🔒---
202797Nested Pages Plugin Setting cross site scripting [CVE-2022-1990]low🔒---
202796NextCellent Gallery Plugin Image Setting cross site scriptinglow🔒---
202795Easy SVG Support Plugin cross site scripting [CVE-2022-1964]low🔒---
202794MyCSS Plugin Setting cross-site request forgery [CVE-2022-1960]low🔒---
202793Pricing Tables Plugin cross site scripting [CVE-2022-1904]low🔒---
202792Cimy Header Image Rotator Plugin Setting cross-site request forgerylow🔒---
202791Rotating Posts Plugin Setting cross-site request forgery [CVE-2022-1847]low🔒---
202790Tiny Contact Form Plugin Setting cross-site request forgery [CVE-2022-1846]low🔒---
202789WP Post Styling Plugin cross-site request forgery [CVE-2022-1845]low🔒---
202788MailPress Plugin Setting cross-site request forgery [CVE-2022-1843]low🔒---
202787Popups, Welcome Bar, Optins and Lead Generation Plugin Campaign cross site scriptinglow🔒---
202786Supsystic Social Share Buttons Plugin Admin Page cross-site request forgerylow🔒---
202785My Private Site Plugin Settings cross-site request forgery [CVE-2022-1627]low🔒---
202784New User Approve Plugin Invitation Code cross-site request forgerylow🔒---
202783HTML2WP Plugin Setting cross-site request forgery [CVE-2022-1573]low🔒---
202782HTML2WP Plugin AJAX Action cross-site request forgery [CVE-2022-1572]low🔒---
202781Grid Gallery Plugin Image Field cross site scripting [CVE-2022-1327]low🔒---
202780Contact Form Plugin Custom Text Field cross site scripting [CVE-2022-1326]low🔒---
202779Florist One Flower Delivery Plugin Setting cross site scriptinglow🔒---
202778Mihdan No External Links Plugin Setting cross site scriptinglow🔒---
202777Security Firewall, Malware Scanner, Secure Login and Backup Plugin cross site scriptinglow🔒---
202776Login using WordPress Users Plugin Setting cross site scriptinglow🔒---
202775Backup, Restore and Migrate WordPress Sites with the XCloner Plugin Setting cross-site request forgerylow🔒---
202774Import Export All WordPress Images, Users & Post Types Plugin HTTP Request server-side request forgerymedium🔒---
202773ARMember Plugin AJAX Action authorization [CVE-2022-1903]medium🔒---
202772Active Products Tables for WooCommerce AJAX Action cross site scriptinglow🔒---
202771Ultimate WooCommerce CSV Importer Plugin cross site scriptinglow🔒---
202770Limit Login Attempts Plugin Setting cross site scripting [CVE-2022-1029]low🔒---
202769Product Configurator for WooCommerce Plugin AJAX Action unlink path traversalmedium🔒---
202768Google Authenticator Plugin Setting cross-site request forgerylow🔒---
202767Login With OTP Over SMS, Email, WhatsApp and Google Authenticator Plugin Setting cross site scriptinglow🔒---
202766miniOrange Google Authenticator Plugin cross site scripting [CVE-2022-1321]low🔒---
202765HTML2WP Plugin File Import cross-site request forgery [CVE-2022-1574]low🔒---
202764NAVER Whale Browser Mobile App Incognito Mode access controlmedium🔒---
202763L2Blocker Setup Screen improper authentication [CVE-2022-33202]medium🔒---
202762vim out-of-bounds [CVE-2022-2206]medium🔒---
202761web2py URL redirect [CVE-2022-33146]medium🔒---
202760SourceCodester Library Management System bookdetails.php sql injectionmedium🔒---
202759SourceCodester Library Management System cross site scriptinglow🔒---
202758SourceCodester Library Management System /card/index.php unrestricted uploadmedium🔒---
202757Linux Kernel virtio_rpmsg_bus.c rpmsg_probe double freemedium🔒---
202756Linux Kernel virtio_rpmsg_bus.c rpmsg_virtio_add_ctrl_dev double freemedium🔒---
202755Galaxkey Mail Client cross site scripting [CVE-2020-27509]low🔒---
202754MediaWiki RSS Extension cross site scripting [CVE-2022-34491]low🔒---
202753Raytion cross site scripting [CVE-2022-29931]low🔒---
202752Argo CD resource consumption [CVE-2022-31016]low🔒---
202751wire-webapp mentions cross site scripting [CVE-2022-29168]low🔒---
202750Zulip API Event expression is always true [CVE-2022-31017]low🔒---
202749Espressif Bluetooth Mesh SDK out-of-bounds write [CVE-2022-24893]medium🔒---
202748Ruijie RG-EG350 alarmService.php get_alarmAction sql injectionmedium🔒---
202747miniCMS DAT File cross-site request forgery [CVE-2022-33121]low🔒---
202746EyouCMS Login Page cross site scripting [CVE-2022-33122]low🔒---
202745BigBlueButton Private Message cross site scripting [CVE-2022-27238]low🔒---
202744SysAid Okta SSO xml external entity reference [CVE-2022-23170]low🔒---
202743deep-get-set Incomplete Fix CVE-2020-7715 deep code injectionmedium🔒---
202742Dradis Professional Edition Password Reset Token password recoverymedium🔒---
202741Telesoft VitalPBX Backup System access control [CVE-2022-29330]medium🔒---
202740Dell Wyse Management Suite saveGroupConfigurations Page cross site scriptinglow🔒---
202739Online Student Rate System access control [CVE-2021-39409]medium🔒---
202738GNOME GIMP XCF File gimp_layer_invalidate_boundary denial of servicelow🔒---
202737OFFIS DCMTK DICOM File null pointer dereference [CVE-2022-2121]low🔒---
202736Illumina Local Run Manager path traversal [CVE-2022-1518]medium🔒---
202735Broadcom Symantec Messaging Gateway Active Directory information disclosurelow🔒---
202734Thales Safenet Authentication Client Lock File symlink [CVE-2021-42056]medium🔒---
202733EagleGet Downloader luminati_net_updater_win_eagleget_com privileges managementmedium🔒---
202732Concrete cross site scripting [CVE-2022-30120]low🔒---
202731Concrete view cross site scriptinglow🔒---
202730Concrete [GUID] cross site scriptinglow🔒---
202729underscore-99xp deepValueSearch incorrect regexlow🔒---
202728Dell WMS Device API path traversal [CVE-2022-29097]low🔒---
202727validate-data Mail incorrect regex [CVE-2021-40893]low🔒---
202726Secheron SEPCOS behavioral workflow [CVE-2022-2105]medium🔒---
202725Secheron SEPCOS FTP Server access control [CVE-2022-2103]medium🔒---
202724Illumina Local Run Manager TLS Encryption cleartext transmissionlow🔒---
202723Illumina Local Run Manager improper authorization [CVE-2022-1521]medium🔒---
202722Illumina Local Run Manager unrestricted upload [CVE-2022-1519]high🔒---
202721validate-color RGB String incorrect regex [CVE-2021-40892]low🔒---
202720HPE Version Control Repository Manager Installer Privilege Escalationmedium🔒---
202719Texercise backdoor [CVE-2022-34066]medium🔒---
202718Rondolu-YT-Concate backdoor [CVE-2022-34065]medium🔒---
202717Zibal backdoor [CVE-2022-34064]medium🔒---
202716Catly-Translate backdoor [CVE-2022-34061]medium🔒---
202715Togglee backdoor [CVE-2022-34060]medium🔒---
202714Sixfab-Tool Request backdoor [CVE-2022-34059]medium🔒---
202713Scoptrial Request Package backdoor [CVE-2022-34057]medium🔒---
202712Watertools Request backdoor [CVE-2022-34056]medium🔒---
202711drxhello Request Package backdoor [CVE-2022-34055]medium🔒---
202710Perdido Request Package backdoor [CVE-2022-34054]medium🔒---
202709DR-Web-Engine Request Package backdoor [CVE-2022-34053]medium🔒---
202708Beginner Request Package backdoor [CVE-2022-33004]medium🔒---
202707watools Request Package backdoor [CVE-2022-33003]medium🔒---
202706KGExplore Request Package backdoor [CVE-2022-33002]medium🔒---
202705AAmiles Request Package backdoor [CVE-2022-33001]medium🔒---
202704ML-Scanner Request Package backdoor [CVE-2022-33000]medium🔒---
202703cloudlabeling Request Package backdoor [CVE-2022-32999]medium🔒---
202702cryptoasset-data-downloader Request Package backdoor [CVE-2022-32998]medium🔒---
202701django-navbar-client Request Package backdoor [CVE-2022-32996]medium🔒---
202700Meridian Utility Software information disclosure [CVE-2022-29578]low🔒---
202699OFFIS DCMTK DICOM File path traversal [CVE-2022-2120]low🔒---
202698OFFIS DCMTK DICOM File path traversal [CVE-2022-2119]medium🔒---
202697Secheron SEPCOS SSH Service weak password [CVE-2022-1668]medium🔒---
202696Secheron SEPCOS Web Application insufficiently protected credentialslow🔒---
202695Illumina Local Run Manager unrestricted upload [CVE-2022-1517]high🔒---
202694Concrete CMS ZIP File cleartext transmission [CVE-2022-21829]low🔒---
202693RootInteractive Request Package backdoor [CVE-2022-32997]medium🔒---
202692Secheron SEPCOS Apache privileges management [CVE-2022-2104]medium🔒---
202691HPE Cray Legacy Shasta System Solutions improper authenticationmedium🔒---
202690CRuby/JRuby SanitizerThere cross site scriptinglow🔒---
202689User Photo Plugin unrestricted upload [CVE-2013-1916]medium🔒---
202688pyesasky backdoor [CVE-2022-30885]medium🔒---
202687IBM Jazz Team Server server-side request forgery [CVE-2021-20421]medium🔒---
202686Online Student Rate System index.php cross site scriptinglow🔒---
202685IBM Jazz Team Server information disclosure [CVE-2021-20551]low🔒---
202684IBM Jazz Team Server server-side request forgery [CVE-2021-20544]medium🔒---
202683Trojan-Mailfinder.Win32.VB.p permissionmedium🔒---
202682Backdoor.Win32.Shark.btu permissionmedium🔒---
202681Backdoor.Win32.InfecDoor.17.c permissionmedium🔒---
202680Yashma Ransomware Builder permissionmedium🔒---
202679IBM Robotic Process Automation Access Token information disclosurelow🔒---
202678IBM Cognos Analytics Cloud Storage Page information disclosurelow🔒---
202677Secheron SEPCOS PHP Script behavioral workflow [CVE-2022-1667]low🔒---
202676OpenCart filemanager.php path traversalmedium🔒---
202675MantisBT SVG Document file_download.php cross site scriptinglow🔒---
202674IBM Robotic Process Automation Web UI cross site scripting [CVE-2022-22502]low🔒---
202673IBM Planning Analytics/Cognos Analytics Web UI cross site scriptinglow🔒---
202672IBM Jazz Team Server Web UI cross site scripting [CVE-2021-38871]low🔒---
202671Concrete upload path traversalmedium🔒---
202670IBM CICS TX Standard/CICS TX Advanced Request os command injectionhigh🔒---
202669IBM Cognos Analytics unrestricted upload [CVE-2021-38945]medium🔒---
202668IBM Jazz Team Server cookie httponly flag [CVE-2021-38879]low🔒---
202667IBM Jazz Team Server clickjacking [CVE-2021-29865]low🔒---
202666IBM Jazz Team Server cross site scripting [CVE-2021-20543]low🔒---
202665IBM Jazz Team Server cookie httponly flag [CVE-2021-20355]low🔒---
202664Secheron SEPCOS File Upload behavioral workflow [CVE-2022-2102]medium🔒---
202663IBM DB2 SQL Statement denial of service [CVE-2022-22389]low🔒---
202662IBM DB2 Table information disclosure [CVE-2022-22390]low🔒---
202661Cisco ASA ASDM Image data authenticity [CVE-2022-20829]medium🔒---
202660Cisco ASA FirePOWER Module undefined parameters [CVE-2022-20828]medium🔒---
202659Schneider Electric Geo SCADA Mobile exposure of resource [CVE-2022-32530]medium🔒---
202658MELAG FTP Server Configuration File cleartext storage in a file or on disklow🔒---
202657MELAG FTP Server FTP Configuration File access control [CVE-2021-41637]medium🔒---
202656MELAG FTP Server information disclosure [CVE-2021-41634]low🔒---
202655MELAG FTP Server improper authentication [CVE-2021-41638]medium🔒---
202654MELAG FTP Server CWD Command access control [CVE-2021-41636]medium🔒---
202653MELAG FTP Server unnecessary privileges [CVE-2021-41635]medium🔒---
202652CODESYS Products exceptional condition [CVE-2022-1965]low🔒---
202651CODESYS PLCWinNT and Runtime Toolkit 32 Password Protection insecure default initialization of resourcehigh🔒---
202650CODESYS Gateway Server TCP Client Connection resource consumptionlow🔒---
202649CODESYS Gateway Server partial string comparison [CVE-2022-31802]low🔒---
202648CODESYS Products File Download/File Upload file access [CVE-2022-32143]medium🔒---
202647CODESYS Products Local File out-of-range pointer offset [CVE-2022-32142]medium🔒---
202646CODESYS Products Request buffer over-read [CVE-2022-32141]medium🔒---
202645CODESYS Products buffer overflow [CVE-2022-32140]medium🔒---
202644CODESYS Products out-of-bounds [CVE-2022-32139]medium🔒---
202643CODESYS Products Request unexpected sign extension [CVE-2022-32138]medium🔒---
202642CODESYS Products Request heap-based overflow [CVE-2022-32137]medium🔒---
202641EMCO Products uninitialized pointer [CVE-2022-32136]medium🔒---
202640CODESYS Development System unprotected transport of credentialslow🔒---
202639CODESYS Gateway Server Request allocation of resources [CVE-2022-31804]medium🔒---
202638Jenkins vRealize Orchestrator Plugin HTTP POST Request cross-site request forgerylow🔒---
202637ThreadFix Plugin cross-site request forgery [CVE-2022-34209]low🔒---
202636Beaker Builder Plugin cross-site request forgery [CVE-2022-34207]low🔒---
202635Jianliao Notification Plugin HTTP POST Request cross-site request forgerylow🔒---
202634EasyQA Plugin cross-site request forgery [CVE-2022-34203]low🔒---
202633Convertigo Mobile Platform Plugin cross-site request forgerylow🔒---
202632Stash Branch Parameter Plugin cross site scripting [CVE-2022-34198]low🔒---
202631Sauce OnDemand Plugin cross site scripting [CVE-2022-34197]low🔒---
202630REST List Parameter Plugin cross site scripting [CVE-2022-34196]low🔒---
202629Repository Connector Plugin Maven Repository Artifact cross site scriptinglow🔒---
202628Readonly Parameter Plugin cross site scripting [CVE-2022-34194]low🔒---
202627Package Version Plugin cross site scripting [CVE-2022-34193]low🔒---
202626ontrack Plugin cross site scripting [CVE-2022-34192]low🔒---
202625NS-ND Integration Performance Publisher Plugin NetStorm Test cross site scriptinglow🔒---
202624Maven Metadata Plugin for Jenkins CI Server List Maven Artifact Versions cross site scriptinglow🔒---
202623Image Tag Parameter Plugin cross site scripting [CVE-2022-34189]low🔒---
202622Hidden Parameter Plugin cross site scripting [CVE-2022-34188]low🔒---
202621Filesystem List Parameter Plugin File System Object cross site scriptinglow🔒---
202620Dynamic Extended Choice Parameter Plugin Moded Extended Choice cross site scriptinglow🔒---
202619Date Parameter Plugin cross site scripting [CVE-2022-34185]low🔒---
202618CRX Content Package Deployer Plugin CRX Content Package Choice cross site scriptinglow🔒---
202617Agent Server Parameter Plugin cross site scripting [CVE-2022-34183]low🔒---
202616Nested View Plugin Search Parameter cross site scripting [CVE-2022-34182]low🔒---
202615Embeddable Build Status Plugin Query Parameter cross site scriptinglow🔒---
202614JUnit Plugin Test Result cross site scripting [CVE-2022-34176]low🔒---
202613Simple Bakery Shop Management cross site scripting [CVE-2022-32987]low🔒---
202612Jenkins Build Button cross site scripting [CVE-2022-34173]low🔒---
202611Jenkins Symbol-based Icons cross site scripting [CVE-2022-34172]low🔒---
202610Jenkins SVG Icon cross site scripting [CVE-2022-34171]low🔒---
202609Jenkins Help Icon cross site scripting [CVE-2022-34170]low🔒---
202608FlatPress Blog Content cross site scripting [CVE-2021-41432]low🔒---
202607Dell BIOS SMM input validation [CVE-2022-26864]medium🔒---
202606Dell BIOS SMM input validation [CVE-2022-26863]medium🔒---
202605Dell BIOS SMM input validation [CVE-2022-26862]medium🔒---
202604Squash TM Publisher Plugin Configuration File credentials storagelow🔒---
202603vRealize Orchestrator Plugin HTTP POST Request authorizationmedium🔒---
202602ThreadFix Plugin URL authorization [CVE-2022-34210]medium🔒---
202601Beaker Builder Plugin URL authorization [CVE-2022-34208]medium🔒---
202600Jianliao Notification Plugin HTTP POST Request authorizationmedium🔒---
202599EasyQA Plugin HTTP Server authorization [CVE-2022-34204]medium🔒---
202598EasyQA Plugin Configuration File credentials storage [CVE-2022-34202]low🔒---
202597Convertigo Mobile Platform Plugin URL authorization [CVE-2022-34201]medium🔒---
202596Convertigo Mobile Platform Plugin Job config.xml credentials storagelow🔒---
202595SourceCodester Prison Management System view_prison.php sql injectionmedium🔒---
202594SourceCodester Prison Management System manage_inmate.php sql injectionmedium🔒---
202593SourceCodester Prison Management System manage_record.php sql injectionmedium🔒---
202592SourceCodester Prison Management System manage_prison.php sql injectionmedium🔒---
202591SourceCodester Prison Management System manage_privilege.php sql injectionmedium🔒---
202590SourceCodester Prison Management System manage_user.php sql injectionmedium🔒---
202589SourceCodester Prison Management System view_crime.php sql injectionmedium🔒---
202588SourceCodester Prison Management System manage_cell.php sql injectionmedium🔒---
202587SourceCodester Prison Management System view_visit.php sql injectionmedium🔒---
202586SourceCodester Prison Management System manage_visit.php sql injectionmedium🔒---
202585SourceCodester Prison Management System manage_crime.php sql injectionmedium🔒---
202584SourceCodester Prison Management System view_inmate.php sql injectionmedium🔒---
202583SourceCodester Prison Management System view_cell.php sql injectionmedium🔒---
202582SourceCodester Prison Management System manage_action.php sql injectionmedium🔒---
202581SourceCodester Prison Management System view_action.php sql injectionmedium🔒---
202580xUnit Plugin Agent-to-Controller Message protection mechanismmedium🔒---
202579Embeddable Build Status Plugin HTTP Endpoint authorization [CVE-2022-34180]medium🔒---
202578Embeddable Build Status Plugin Query Parameter path traversalmedium🔒---
202577Pipeline Input Step Plugin Archive File path traversal [CVE-2022-34177]medium🔒---
202576Jfinal CMS Publish Blog Module cross site scripting [CVE-2022-33113]low🔒---
20257574cmsSE show cross site scriptinglow🔒---
20257474cmsSE nature cross site scriptinglow🔒---
20257374cmsSE trade cross site scriptinglow🔒---
20257274cmsSE im cross site scriptinglow🔒---
20257174cmsSE total cross site scriptinglow🔒---
202570Company 74cmsSE company cross site scriptinglow🔒---
20256974cmsSE job cross site scriptinglow🔒---
20256874cmsSE cross site scripting [CVE-2022-32124]low🔒---
202567vim out-of-bounds [CVE-2022-2183]medium🔒---
202566vim heap-based overflow [CVE-2022-2182]medium🔒---
202565tinyexr DecodePixelData heap-based overflowmedium🔒---
202564libdwarf dwarf_global_formref_b heap-based overflowmedium🔒---
202563OpenAM NT Auth Module Privilege Escalation [CVE-2022-34298]low🔒---
202562Zalando Skipper Request access control [CVE-2022-34296]medium🔒---
202561totd Mesg ID random values [CVE-2022-34295]low🔒---
202560Jenkins Fragment protection mechanism [CVE-2022-34175]low🔒---
202559OneBlog permission [CVE-2022-34012]medium🔒---
202558Diffy diff Tool Privilege Escalation [CVE-2022-33127]low🔒---
202557Ethereum Solidity SMTEncoder.cpp indexOrMemberAssignment assertionlow🔒---
202556HarfBuzz hb-ot-shape-fallback.cc denial of servicelow🔒---
202555LibreDWG decode.c decode_preR13_entities assertionlow🔒---
202554Bosch PRA-ES8P2S Web Server privileges management [CVE-2022-32536]medium🔒---
202553Bosch PRA-ES8P2S Diagnostics Web Interface os command injectionmedium🔒---
202552IdeaTMS sql injection [CVE-2022-31787]medium🔒---
202551Algo IP Zone Paging Adapter Web Request fm-data.lua pathname traversalmedium🔒---
202550Cloudflare Warp unquoted search path [CVE-2022-2147]medium🔒---
202549Google Go Non-zero Flag Parameter Faccessat Privilege Escalationlow🔒---
202548VMware Spring Data MongoDB SpEL Expression injection [CVE-2022-22980]medium🔒---
202547LaikeTui Menu Management sql injection [CVE-2021-40956]medium🔒---
202546LaikeTui Background Administrator List sql injection [CVE-2021-40955]medium🔒---
202545LaikeTui unrestricted upload [CVE-2021-40954]medium🔒---
202544OneBlog Link Module server-side request forgery [CVE-2022-34013]medium🔒---
202543OneBlog server-side request forgery [CVE-2022-34011]medium🔒---
202542Jfinal CMS list sql injectionmedium🔒---
20254174cmsSE campus_job sql injectionmedium🔒---
20254074cmsSE index sql injectionmedium🔒---
20253974cmsSE resumelist sql injectionmedium🔒---
20253874cmsSE map sql injectionmedium🔒---
20253774cmsSE resume_list sql injectionmedium🔒---
20253674cmsSE index sql injectionmedium🔒---
202535Docebo Community Edition unrestricted upload [CVE-2022-31362]medium🔒---
202534Docebo Community Edition sql injection [CVE-2022-31361]medium🔒---
202533SaltStack Salt PAM Auth improper authorization [CVE-2022-22967]medium🔒---
202532Jenkins Login Form timing discrepancy [CVE-2022-34174]low🔒---
202531aiohttp IPv6 URL denial of service [CVE-2022-33124]low🔒---
202530Redis streamGetEdgeID memory leaklow🔒---
202529Protobuf-c protobuf-c.c parse_tag_and_wiretype denial of servicelow🔒---
202528Lrzip lrzip.c get_magic denial of servicelow🔒---
202527LibreDWG decode_r2007.c copy_bytes stack-based overflowmedium🔒---
202526LibreDWG dwg.c dwg_read_file double freemedium🔒---
202525LibreDWG decode_r11.c decode_preR13_section_hdr heap-based overflowmedium🔒---
202524LibreDWG decode.c dwg_add_object heap-based overflowmedium🔒---
202523LibreDWG dwg.c dwg_add_handleref use after freemedium🔒---
202522LibreDWG bits.c bit_calc_CRC heap-based overflowmedium🔒---
202521LibreDWG decode_r11.c decode_preR13_section use after freemedium🔒---
202520Pure Storage Purity FA/Purity FB Management Interface hard-coded credentialsmedium🔒---
202519Bosch PRA-ES8P2S Web Server unnecessary privileges [CVE-2022-32535]low🔒---
202518S&D Smarthome improper authentication [CVE-2021-26638]medium🔒---
202517SiHAS SGW-300/ACM-300/GCM-300 Firmware improper authenticationhigh🔒---
202516MaxBoard sql injection [CVE-2021-26636]medium🔒---
202515Pure Storage Purity FA/Purity FB Restricted Shell access controlmedium🔒---
202514jenaye PMB index.php cross site scriptinglow🔒---
202513Pure Storage Purity FA/Purity FB Restricted Shell access controlmedium🔒---
202512SourceCodester School File Management System Update Account Form student_profile.php cross site scriptinglow🔒---
202511SourceCodester School File Management System Update Account Form student_profile.php cross site scriptinglow🔒---
202510vim buffer overflow [CVE-2022-2175]medium🔒---
202509wire-ios Accent Color assertion [CVE-2022-31009]low🔒---
202508Apache Tomcat Form Authentication Example cross site scriptinglow🔒---
202507Google Chrome URL Format Remote Code Execution [CVE-2022-2165]medium🔒---
202506Google Chrome Extensions API Privilege Escalation [CVE-2022-2164]low🔒---
202505Google Chrome Cast UI/Toolbar use after free [CVE-2022-2163]medium🔒---
202504Google Chrome File System API protection mechanism [CVE-2022-2162]low🔒---
202503Google Chrome WebApp Provider use after free [CVE-2022-2161]medium🔒---
202502Google Chrome protection mechanism [CVE-2022-2160]low🔒---
202501Google Chrome V8 type confusion [CVE-2022-2158]medium🔒---
202500Google Chrome Interest Groups use after free [CVE-2022-2157]medium🔒---
202499Google Chrome Base use after free [CVE-2022-2156]medium🔒---
202498openlibrary cross site scripting [CVE-2022-32159]low🔒---
202497openlibrary cross site scripting [CVE-2022-23081]low🔒---
202496directus Media Upload server-side request forgery [CVE-2022-23080]medium🔒---
202495Apache Sling Commons Log/Sling API neutralization for logs [CVE-2022-32549]medium🔒---
202494Cisco Adaptive Security Device Manager log file [CVE-2022-20651]low🔒---
202493microweber cross site scripting [CVE-2022-2174]low🔒---
202492habitica Login Page cross site scripting [CVE-2022-23077]low🔒---
202491motor-admin Password Reset escape output [CVE-2022-23079]medium🔒---
202490habitica Login Page redirect [CVE-2022-23078]low🔒---
202489SUSE Manager Server spacewalk-java resource consumption [CVE-2022-21952]low🔒---
202488SUSE Manager Server spacewalk-java information exposure [CVE-2022-31248]low🔒---
202487Frappe ERPNext Profile cross site scripting [CVE-2022-23057]low🔒---
202486Frappe ERPNext My Settings Page cross site scripting [CVE-2022-23058]low🔒---
202485Frappe ERPNext Patient History Page cross site scripting [CVE-2022-23056]low🔒---
202484Frappe ERPNext Chat Room authorization [CVE-2022-23055]medium🔒---
202483Unioncms Default Setting cross site scripting [CVE-2022-25585]low🔒---
202482NukeViet cross site scripting [CVE-2022-30874]low🔒---
202481IdeaLMS cross site scripting [CVE-2022-31786]low🔒---
202480Webkul krayin cross site scripting [CVE-2021-41924]low🔒---
202479UserTakeOver Search information disclosure [CVE-2022-31478]low🔒---
202478OBDA Mastro xml entity expansion [CVE-2021-40511]low🔒---
202477Qlik Sense GeoAnalytics server-side request forgery [CVE-2021-36761]medium🔒---
202476Comodo Antivirus Quarantine access control [CVE-2022-34008]medium🔒---
202475Tenable Nessus PowerShell cmdlet Check access control [CVE-2022-32973]medium🔒---
202474iSpyConnect iSpy URL improper authentication [CVE-2022-29775]medium🔒---
202473iSpyConnect iSpy path traversal [CVE-2022-29774]medium🔒---
202472Quectel RG502Q-EA os command injection [CVE-2022-26147]medium🔒---
202471Hyland Onbase Application Server/OnBase Connect information disclosurelow🔒---
202470Atlas VPN Named Pipe access control [CVE-2022-23171]medium🔒---
202469VMware Spring Cloud Function Function Catalog allocation of resourceslow🔒---
202468discourse-chat Chat Message Lookup Endpoint information disclosurelow🔒---
202467OBDA Mastro DTD xml external entity reference [CVE-2021-40510]low🔒---
202466Devolutions Remote Desktop Manager Entry Attachment path traversalmedium🔒---
202465oretnom23 Online Railway Reservation System sql injection [CVE-2022-33049]medium🔒---
202464Tenable Nessus Compliance Audit File information disclosure [CVE-2022-32974]low🔒---
202463Autodesk Navisworks PDF File Parser null pointer dereferencelow🔒---
202462Autodesk AutoCAD PDFTron buffer overflow [CVE-2022-27871]medium🔒---
202461Autodesk AutoCAD TGA File Parser buffer overflow [CVE-2022-27870]medium🔒---
202460Autodesk AutoCAD CAT File use after free [CVE-2022-27868]medium🔒---
202459Autodesk AutoCAD JT File use after free [CVE-2022-27867]medium🔒---
202458Red Hat AMQ Broker Operator default permission [CVE-2022-1833]medium🔒---
202457ABB REX640 PCL1/REX640 PCL2/REX640 PCL3 User Database File permission assignmentmedium🔒---
202456Autodesk AutoCAD TIFF File Parser buffer overflow [CVE-2022-27869]medium🔒---
202455IBM IBM QRadar WinCollect Agent information disclosure [CVE-2021-39006]low🔒---
202454OpenSSL Incomplete Fix CVE-2022-1292 c_rehash os command injectionmedium🔒---
202453oretnom23 Online Railway Reservation System manage_schedule.php sql injectionmedium🔒---
202452oretnom23 Online Railway Reservation System manage_train.php sql injectionmedium🔒---
202451oretnom23 Online Railway Reservation System view_details.php sql injectionmedium🔒---
202450Red Hat Enterprise Linux Kernel hard-coded key [CVE-2022-1665]high🔒---
202449Maccms10 cross site scripting [CVE-2022-31303]low🔒---
202448maccms8 cross site scripting [CVE-2022-31302]low🔒---
202447Siemens SIMATIC WinCC OA improper authentication [CVE-2022-33139]medium🔒---
202446Nginx NJS njs_vmcode.c njs_vmcode_interpreter Privilege Escalationlow🔒---
202445Nginx NJS njs_string.c njs_string_offset Privilege Escalationlow🔒---
202444Nginx NJS njs_array.c njs_array_convert_to_slow_array Privilege Escalationlow🔒---
202443NUUO Network Video Recorder NVRsolo login.php cross site scriptinglow🔒---
202442Contec SolarView Compact 1.php unrestricted uploadmedium🔒---
202441Contec SolarView Compact Solar_AiConf.php cross site scriptinglow🔒---
202440Recipes cross site scripting [CVE-2022-23074]low🔒---
202439Recipes Clipboard cross site scripting [CVE-2022-23073]low🔒---
202438Recipes Add to Cart cross site scripting [CVE-2022-23072]low🔒---
202437Phoenix Contact Product data authenticity [CVE-2022-31801]high🔒---
202436Phoenix Contact Product data authenticity [CVE-2022-31800]high🔒---
202435GLPI Inventory Plugin System Files index.php path traversalmedium🔒---
202434polonel trudesk unrestricted upload [CVE-2022-2128]medium🔒---
202433inventree resource consumption [CVE-2022-2134]low🔒---
202432JerryScript ecma-helpers.c ecma_get_lex_env_type stack-based overflowmedium🔒---
202431JerryScript ecma-helpers-string.c ecma_compare_ecma_non_direct_strings use after freemedium🔒---
202430Knot Resolver Filter dns rebinding [CVE-2022-32983]low🔒---
202429vim grab_file_name buffer overflowmedium🔒---
202428IBM Curam Social Program Management session expiration [CVE-2022-22318]medium🔒---
202427IBM Robotic Process Automation Web Service Configuration information disclosurelow🔒---
202426Mahara thumb.php permissionlow🔒---
202425IBM Curam Social Program Management session expiration [CVE-2022-22317]medium🔒---
202424Fujitsu ETERNUS CentricStor CS8000 grel.php grel_finfo os command injectionmedium🔒---
202423Fujitsu ETERNUS CentricStor CS8000 POST Parameter hw_view.php requestTempFile os command injectionmedium🔒---
202422microweber cross site scripting [CVE-2022-2130]low🔒---
202421McAfee Consumer Product Removal Tool uncontrolled search pathmedium🔒---
202420McAfee Consumer Product Removal Tool Configuration File permissionmedium🔒---
202419Mautic Web Tracking cross site scripting [CVE-2022-25772]low🔒---
202418Amazon Einzeltitellinks Plugin Setting cross-site request forgerylow🔒---
202417Multi-Page Toolkit Plugin Setting cross-site request forgerylow🔒---
202416Colorlib Coming Soon & Maintenance Mode Plugin Setting cross site scriptinglow🔒---
202415WP Zillow Review Slider Plugin Setting cross site scripting [CVE-2022-1915]low🔒---
202414underConstruction Plugin Display a custom page using your own HTML cross site scriptinglow🔒---
202413underConstruction Plugin cross-site request forgery [CVE-2022-1895]low🔒---
202412Newsletter Plugin Setting cross site scripting [CVE-2022-1889]low🔒---
202411CaPa Protect Plugin Setting cross-site request forgery [CVE-2022-1832]low🔒---
202410WPlite Plugin Setting cross-site request forgery [CVE-2022-1831]low🔒---
202409PDF24 Articles to PDF Plugin cross-site request forgery [CVE-2022-1828]low🔒---
202408PDF24 Article To PDF Plugin cross-site request forgery [CVE-2022-1827]low🔒---
202407Cross-Linker Plugin cross-site request forgery [CVE-2022-1826]low🔒---
202406Custom Share Buttons with Floating Sidebar Plugin cross site scriptinglow🔒---
202405WP-EMail Plugin cross-site request forgery [CVE-2022-1630]low🔒---
202404Seamless Donations Plugin Setting cross-site request forgerylow🔒---
202403Mail Subscribe List Plugin cross-site request forgery [CVE-2022-1603]low🔒---
202402Post Grid, Slider & Carousel Ultimate Plugin cross site scriptinglow🔒---
202401PrintFriendly Print, PDF, Email Plugin Custom Button Text Setting cross site scriptinglow🔒---
202400Ocean Extra Plugin cross site scripting [CVE-2021-25104]low🔒---
202399XML Sitemaps Plugin Debug Page cross site scripting [CVE-2021-25088]low🔒---
202398Events Made Easy Plugin sql injection [CVE-2022-1905]medium🔒---
202397Very Simple Contact Form Plugin Hidden Input Field improper authenticationmedium🔒---
IDTitleVulDBCVSSSecuniaXForceNessus
202396Better Find and Replace Plugin sql injection [CVE-2022-1472]medium🔒---
202395Inline Google Maps Plugin Setting cross-site request forgerylow🔒---
202394Bestwebsoft Rating Plugin resource consumption [CVE-2021-25121]low🔒---
202393Cisco Catalyst 2940 Error Page cross site scripting [CVE-2022-31734]low🔒---
202392Allow svg Files Plugin unrestricted upload [CVE-2022-1939]medium🔒---
202391WP-EMail Plugin access control [CVE-2022-1614]medium🔒---
202390Realtek USB Driver API buffer overflow [CVE-2022-21742]medium🔒---
202389Asus Control Center sql injection [CVE-2022-26669]medium🔒---
202388NHI Health Care Card Web Service heap-based overflow [CVE-2021-45918]medium🔒---
202387Asus Control Center API access control [CVE-2022-26668]medium🔒---
202386polonel trudesk API incorrect privileged apis [CVE-2022-2023]medium🔒---
202385libjxl low_memory_render_pipeline.cc Init assertionlow🔒---
202384vim out-of-bounds write [CVE-2022-2129]medium🔒---
202383vim out-of-bounds [CVE-2022-2126]low🔒---
202382vim heap-based overflow [CVE-2022-2125]medium🔒---
202381South River Technologies TitanFTP NextGen Microsoft SQL Express hard-coded passwordlow🔒---
202380South River Technologies TitanFTP NextGen Microsoft SQL Express access controlmedium🔒---
202379Recipes Import server-side request forgery [CVE-2022-23071]medium🔒---
202378vim buffer overflow [CVE-2022-2124]medium🔒---
202377got Package Unix Socket access control [CVE-2022-33987]medium🔒---
202376libjpeg-turbo PPM Reader rdppm.c get_word_rgb_row heap-based overflowmedium🔒---
202375python-ldap LDAP Schema Parser incorrect regex [CVE-2021-46823]medium🔒---
202374Linux Kernel Concurrency floppy.c raw_cmd_ioctl use after freemedium🔒---
202373Trendnet IP-110wn scheprofile.cgi cross site scriptinglow🔒---
202372Trendnet IP-110wn general.cgi cross site scriptinglow🔒---
202371Asus RT-N53 apply.cgi command injectionmedium🔒---
202370querymen Incomplete Fix CVE-2020-7600 handler code injectionmedium🔒---
202369Argo Events API GitArtifactReader.Read pathname traversalmedium🔒---
202368pg-native Addon denial of service [CVE-2022-25852]low🔒---
202367mout Incomplete Fix CVE-2020-7792 deepFill denial of servicelow🔒---
202366fast-string-search out-of-bounds [CVE-2022-25872]low🔒---
202365discordjs opus denial of service [CVE-2022-25345]low🔒---
202364fast-string-search V8 denial of service [CVE-2022-22138]low🔒---
202363Netgear WNAP320 Cookie recreate.php access controllow🔒---
202362Oracle Cloud Services information disclosure [CVE-2022-21503]low🔒---
202361oretnom23 Rescue Dispatch Management System sql injection [CVE-2022-31941]medium🔒---
202360Blynk -Library Network Request BlynkConsole.h stack-based overflowmedium🔒---
202359Bachmann Visutec Atvise License Registration cleartext transmissionlow🔒---
202358Anker Eufy Homebase mips_collector use after freemedium🔒---
202357Parse Server Apple Game Center Auth Adapter improper authenticationmedium🔒---
202356u5cms Default Home Page cross site scripting [CVE-2022-32442]low🔒---
202355Proietti Planet Time Enterprise Privilege Escalation [CVE-2022-30422]medium🔒---
202354IBM Robotic Process Automation Control Center UI information disclosurelow🔒---
202353u5cms loginsave.php redirectmedium🔒---
202352IBM Spectrum Protect Operations Center Sign-on excessive authenticationlow🔒---
202351Electrum file URL paymentrequest.py Privilege Escalationlow🔒---
202350Anselal Antminer Monitor Flask Server backdoor [CVE-2021-40903]medium🔒---
202349janobe Online Ordering System sql injection [CVE-2022-31357]medium🔒---
202348janobe Online Ordering System sql injection [CVE-2022-31356]medium🔒---
202347janobe Online Ordering System sql injection [CVE-2022-31355]medium🔒---
202346inventree cross site scripting [CVE-2022-2113]low🔒---
202345ASG Zena Cross Platform Server Enterprise Edition cross site scriptinglow🔒---
202344Grafana UI access control [CVE-2022-32276] [Disputed]medium🔒---
202343ASG Zena Cross Platform Server Enterprise Edition xml external entity referencelow🔒---
202342inventree csv injection [CVE-2022-2112]low🔒---
202341inventree unrestricted upload [CVE-2022-2111]medium🔒---
202340ASG Zena Cross Platform Server Enterprise Edition Cookie missing encryptionlow🔒---
202339OMPL LazyPRM.cpp memory leaklow🔒---
202338Mitel MiVoice Business/MiVoice Business Express Management Interface buffer overflowmedium🔒---
202337Checkmk permission [CVE-2022-33912]medium🔒---
202336Amazon AWS Apache Log4j Hotpatch Package race condition [CVE-2022-33915]medium🔒---
202335VoIPmonitor Web GUI api.php sql injectionmedium🔒---
202334zzcms ztliuyan_sendmail.php sql injectionmedium🔒---
202333zzcms Cookie dl_sendsms.php sql injectionmedium🔒---
202332zzcms deluser.php sql injectionmedium🔒---
202331zzcms dls_download.php sql injectionmedium🔒---
202330zzcms dls_print.php sql injectionmedium🔒---
202329zzcms showbad.php sql injectionmedium🔒---
202328zzcms dl_sendmail.php sql injectionmedium🔒---
202327zzcms Cookie dl_sendmail.php sql injectionmedium🔒---
202326SourceCodester Online Discussion Forum Site view_post.php sql injectionmedium🔒---
202325Joplin Desktop App cross site scripting [CVE-2021-33295]low🔒---
202324TRENDnet TEW-831DR Web Interface cross-site request forgery [CVE-2022-30327]low🔒---
202323TRENDnet TEW-831DR Web Interface basic.config cross site scriptinglow🔒---
202322Broadcom CA Automic Automation Agent Privilege Escalation [CVE-2022-33753]medium🔒---
202321Haraj User Upgrade Form cross site scripting [CVE-2022-31299]low🔒---
202320TRENDnet TEW-831DR Web Interface os command injection [CVE-2022-30329]medium🔒---
202319TRENDnet TEW-831DR Web Interface password recovery [CVE-2022-30328]medium🔒---
202318JForum jforum.page cross-site request forgerylow🔒---
202317ImageMagick property.c memory corruptionmedium🔒---
202316ImageMagick pcl.c integer overflowlow🔒---
202315Imagemagick psd.c integer overflowlow🔒---
202314Adaware Protect permission [CVE-2022-31464]medium🔒---
202313Haraj Post Ads cross site scripting [CVE-2022-31301]low🔒---
202312Ghostscript null pointer dereference [CVE-2022-2085]low🔒---
202311Nokia VitalSuite SPM sql injection [CVE-2021-41487]medium🔒---
202310Broadcom CA Automic Automation AutomationEngine entropy [CVE-2022-33756]medium🔒---
202309Broadcom CA Automic Automation Agent information disclosure [CVE-2022-33755]low🔒---
202308Broadcom CA Automic Automation Agent input validation [CVE-2022-33754]medium🔒---
202307Broadcom CA Automic Automation Agent input validation [CVE-2022-33752]medium🔒---
202306Broadcom CA Automic Automation Agent buffer overflow [CVE-2022-33751]medium🔒---
202305Broadcom CA Automic Automation Agent improper authenticationmedium🔒---
202304Broadcom CA Clarity XML Parser information disclosure [CVE-2022-33739]low🔒---
202303TRENDnet TEW-831DR Wi-Fi hard-coded key [CVE-2022-30325]low🔒---
202302D-Link DIR-850L WPA Handshake authentication bypass [CVE-2018-18907]medium🔒---
202301SourceCodester Online Discussion Forum Site delete_post denial of servicelow🔒---
202300PowerJob save Privilege Escalationmedium🔒---
202299WeBank FATE Training hetero_decision_tree_guest.py sync_tree information disclosurelow🔒---
202298SourceCodester Online Discussion Forum Site User Account save_users Remote Code Executionmedium🔒---
202297OPC Foundation OPC UA .NET Standard Message memory allocationlow🔒---
202296OPC Foundation OPC UA .NET Standard Request resource consumptionlow🔒---
202295OPC Foundation OPC UA .NET Standard Message resource consumptionlow🔒---
202294IObit IOTransfer Airserv Remote Code Execution [CVE-2022-24562]medium🔒---
202293Adobe InCopy when parsing out-of-bounds [CVE-2022-30651]low🔒---
202292Saturday Drive Ninja Forms Contact Form Plugin cross site scriptinglow🔒---
202291Adobe Animate out-of-bounds write [CVE-2022-30664]medium🔒---
202290Adobe InCopy use after free [CVE-2022-30657]medium🔒---
202289Adobe InCopy out-of-bounds write [CVE-2022-30656]medium🔒---
202288Adobe InCopy use after free [CVE-2022-30655]medium🔒---
202287Adobe InCopy heap-based overflow [CVE-2022-30654]medium🔒---
202286Adobe InCopy out-of-bounds write [CVE-2022-30653]medium🔒---
202285Adobe InCopy out-of-bounds write [CVE-2022-30652]medium🔒---
202284Adobe InCopy heap-based overflow [CVE-2022-30650]medium🔒---
202283webTareas editfolder.php cross site scriptinglow🔒---
202282webTareas editproject.php cross site scriptinglow🔒---
202281Victor CMS admin_edit_comment.php sql injectionmedium🔒---
202280XOS-Shop categories.php denial of servicelow🔒---
202279XOS-Shop manufacturers.php denial of servicelow🔒---
202278Zoo Management System cross site scripting [CVE-2022-31914]low🔒---
202277Haraj ads Comment Section cross site scripting [CVE-2022-31298]low🔒---
202276Synaptics Fingerprint Driver synaTEE.signed.dll heap-based overflowlow🔒---
202275Haraj DM Section cross site scripting [CVE-2022-31300]low🔒---
202274GENIVI dlt-daemon TCP Packet dlt_config_file_parser.c double freemedium🔒---
202273Adobe RoboHelp Server improper authorization [CVE-2022-30670]medium🔒---
202272Tenda ONT GPON AC1200 Ping command injection [CVE-2022-30023]medium🔒---
202271MaianAffiliate Admin Panel cross site scripting [CVE-2021-41420]low🔒---
202270OPC Foundation OPC UA .NET Standard improper authentication [CVE-2022-29865]medium🔒---
202269OPC Foundation OPC UA .NET Standard Message infinite loop [CVE-2022-29862]low🔒---
202268Autodesk 3ds Max TIFF File Parser buffer overflow [CVE-2022-27532]medium🔒---
202267Xiaomi Lamp 1 POST Request authentication replay [CVE-2022-31277]medium🔒---
202266Autodesk 3ds Max TIF File Parser buffer overflow [CVE-2022-27531]medium🔒---
202265VMware HCX information disclosure [CVE-2022-22953]low🔒---
202264Wiris MathType path traversal [CVE-2022-31372]medium🔒---
202263Adobe InDesign out-of-bounds write [CVE-2022-30665]medium🔒---
202262Adobe InDesign out-of-bounds write [CVE-2022-30663]medium🔒---
202261Adobe InDesign out-of-bounds write [CVE-2022-30662]medium🔒---
202260Adobe InDesign heap-based overflow [CVE-2022-30661]medium🔒---
202259Adobe InDesign out-of-bounds write [CVE-2022-30660]medium🔒---
202258Adobe InDesign out-of-bounds write [CVE-2022-30659]medium🔒---
202257Adobe InDesign heap-based overflow [CVE-2022-30658]medium🔒---
202256Mercury MIPC451 POST Request Privilege Escalation [CVE-2022-31849]medium🔒---
202255Online Tutor Portal Site Master.php cross site scriptinglow🔒---
202254oretnom23 Online Fire Reporting System Master.php cross site scriptinglow🔒---
202253Student Registration and Fee Payment System student.php sql injectionmedium🔒---
202252Online Discussion Forum Site cross site scripting [CVE-2022-31913]low🔒---
202251Online Tutor Portal Site sql injection [CVE-2022-31912]medium🔒---
202250Directory Management System add-directory.php sql injectionmedium🔒---
202249Directory Management System view-directory.php sql injectionmedium🔒---
202248Directory Management System search-dirctory.php sql injectionmedium🔒---
202247Apple Swift JSON Document type conversion [CVE-2022-1642]low🔒---
202246MaianAffiliate Admin Panel code injection [CVE-2021-41421]medium🔒---
202245Online Discussion Forum Site sql injection [CVE-2022-31911]medium🔒---
202244Wuzhicms index.php sql injectionmedium🔒---
202243KIE Drools KieModuleMarshaller.java Validator xml external entity referencelow🔒---
202242GPAC MP4Box error.c stack-based overflowlow🔒---
202241kromitgmbh titra weak password [CVE-2022-2098]medium🔒---
202240flatCore-CMS Privilege Escalation [CVE-2021-41402]medium🔒---
202239PHP Parametrized Query uninitialized pointer [CVE-2022-31625]medium🔒---
202238PHP pdo_mysql buffer overflow [CVE-2022-31626]medium🔒---
202237Adobe InDesign buffer overflow [CVE-2021-42732]medium🔒---
202236Adobe InDesign buffer overflow [CVE-2021-40727]medium🔒---
202235Devolutions Remote Desktop Manager Password Mask information disclosurelow🔒---
202234Private Messages Plugin Message cross-site request forgery [CVE-2022-29441]low🔒---
202233Promotion Slider Plugin cross site scripting [CVE-2022-29440]low🔒---
202232NextCode Image Slider Plugin cross-site request forgery [CVE-2022-29439]low🔒---
202231NextCode Image Slider Plugin cross site scripting [CVE-2022-29438]low🔒---
202230NextCode Image Slider Plugin cross-site request forgery [CVE-2022-29437]low🔒---
202229Messages cross site scripting [CVE-2022-29442]low🔒---
202228Adobe InDesign TIFF File buffer overflow [CVE-2021-39820]medium🔒---
202227API KEY for Google Maps Plugin Key Update cross-site request forgerylow🔒---
202226PHPCMS cross site scripting [CVE-2021-40910]low🔒---
202225Advisto PEEL Shopping utilisateurs.php sql injectionmedium🔒---
202224Monstra PHP unrestricted upload [CVE-2021-40940]medium🔒---
202223flatCore-CMS server-side request forgery [CVE-2021-41403]medium🔒---
202222subscription-manager main.js cross site scriptinglow🔒---
202221Octopoller Gem default permission [CVE-2022-31071]medium🔒---
202220Google Android nanopb Local Privilege Escalation [CVE-2022-20203]low🔒---
202219Yandex Browser temp file [CVE-2022-28226]medium🔒---
202218Yandex Browser Installation File symlink [CVE-2022-28225]medium🔒---
202217Intel CPU denial of service [CVE-2022-21180]medium🔒---
202216Yandex Browser Installation File symlink [CVE-2021-25261]medium🔒---
202215Fuji Electric V-Server/V-Server Lite Image File out-of-boundsmedium🔒---
202214Fuji Electric V-SFT Simulator Module out-of-bounds [CVE-2022-30546]medium🔒---
202213Fuji Electric V-SFT Simulator Module out-of-bounds write [CVE-2022-30538]medium🔒---
202212Zoom On-Premise Meeting Connector MMR Waiting Room permissionlow🔒---
202211Zoom Client for Meetings/Rooms for Conference Room Opener Installer injectionmedium🔒---
202210Johnson Controls Metasys ADS/Metasys ADX/Metasys OAS MUI Graphics Web Interface cross site scriptinglow🔒---
202209Johnson Controls Metasys ADS/Metasys ADX/Metasys OAS Web Interface cross site scriptinglow🔒---
202208Johnson Controls Metasys ADS/Metasys ADX/Metasys OAS password recoverymedium🔒---
202207AriaNg access control [CVE-2021-41418]medium🔒---
202206NestJS Proxy Cookie information disclosure [CVE-2022-31070]low🔒---
202205NestJS Proxy information disclosure [CVE-2022-31069]low🔒---
202204Modern Events Calendar Lite cross site scripting [CVE-2022-30533]low🔒---
202203AgileBits 1Password Apps/Integrations information disclosurelow🔒---
202202Rundeck Key Storage Converter Plugin insufficiently protected credentialslow🔒---
202201Intel CPU Power Management Throttling information exposure [CVE-2022-24436]low🔒---
202200AMD Athlon/Ryzen/EPYC Power Frequency Scaling information exposurelow🔒---
202199ABB Drive Composer File System privileges management [CVE-2022-31219]medium🔒---
202198ABB Drive Composer File System privileges management [CVE-2022-31218]medium🔒---
202197ABB Drive Composer File System privileges management [CVE-2022-31217]medium🔒---
202196ABB Drive Composer File System privileges management [CVE-2022-31216]medium🔒---
202195ABB Mint WorkBench Installer privileges management [CVE-2022-26057]medium🔒---
202194Mitsubishi Electric MELSEC-Q Packet denial of service [CVE-2022-24946]medium🔒---
202193Adobe Lightroom Classic Installer temp file [CVE-2021-40776]medium🔒---
202192Xakuro XO Slider Plugin cross site scripting [CVE-2022-32280]low🔒---
202191Export All URLs Plugin cross site scripting [CVE-2022-29452]low🔒---
202190Muneeb Custom Popup Builder Plugin cross site scripting [CVE-2022-28612]low🔒---
202189Supsystic Photo Gallery Plugin Setting cross-site request forgerylow🔒---
202188Admin Management Xtended Plugin cross-site request forgery [CVE-2022-29450]low🔒---
202187Nicdark Hotel Booking Plugin cross site scripting [CVE-2022-29443]low🔒---
202186Adobe Illustrator out-of-bounds write [CVE-2022-30649]medium🔒---
202185Adobe Illustrator use after free [CVE-2022-30648]medium🔒---
202184Adobe Illustrator use after free [CVE-2022-30647]medium🔒---
202183Adobe Bridge use after free [CVE-2022-28849]medium🔒---
202182Adobe Bridge out-of-bounds write [CVE-2022-28848]medium🔒---
202181Adobe Bridge out-of-bounds write [CVE-2022-28847]medium🔒---
202180Adobe Bridge out-of-bounds write [CVE-2022-28846]medium🔒---
202179Adobe Bridge out-of-bounds write [CVE-2022-28845]medium🔒---
202178Adobe Bridge out-of-bounds write [CVE-2022-28844]medium🔒---
202177Adobe Bridge out-of-bounds write [CVE-2022-28843]medium🔒---
202176Adobe Bridge use after free [CVE-2022-28842]medium🔒---
202175Adobe Bridge out-of-bounds write [CVE-2022-28841]medium🔒---
202174Adobe Bridge out-of-bounds write [CVE-2022-28840]medium🔒---
202173Adobe Bridge out-of-bounds write [CVE-2022-28839]medium🔒---
202172Adobe After Effects buffer overflow [CVE-2021-43755]medium🔒---
202171Adobe Photoshop buffer overflow [CVE-2021-42735]medium🔒---
202170Adobe Media Encoder buffer overflow [CVE-2021-43756]medium🔒---
202169Adobe Prelude buffer overflow [CVE-2021-43754]medium🔒---
202168Octokit Gem default permission [CVE-2022-31072]low🔒---
202167Adobe Illustrator out-of-bounds [CVE-2022-30669]low🔒---
202166Adobe Illustrator out-of-bounds [CVE-2022-30668]low🔒---
202165Adobe Illustrator out-of-bounds [CVE-2022-30667]low🔒---
202164Adobe Illustrator out-of-bounds [CVE-2022-30666]low🔒---
202163Adobe Bridge out-of-bounds [CVE-2022-28850]low🔒---
202162REDCap Project edit_project_settings.php cross site scriptinglow🔒---
202161REDCap messenger_ajax.php cross site scriptinglow🔒---
202160itsourcecode School Management System get_subject_routing.php sql injectionmedium🔒---
202159itsourcecode School Management System get_exam.php sql injectionmedium🔒---
202158itsourcecode School Management System get_subject.php sql injectionmedium🔒---
202157itsourcecode School Management System get_teacher.php sql injectionmedium🔒---
202156itsourcecode School Management System get_classroom.php sql injectionmedium🔒---
202155itsourcecode School Management System get_grade.php sql injectionmedium🔒---
202154itsourcecode School Management System get_admin_profile.php sql injectionmedium🔒---
202153itsourcecode School Management System get_student_subject.php sql injectionmedium🔒---
202152itsourcecode School Management System get_parents_profile.php sql injectionmedium🔒---
202151itsourcecode School Management System get_teacher_profile.php sql injectionmedium🔒---
202150itsourcecode School Management System get_exam_timetable.php sql injectionmedium🔒---
202149itsourcecode School Management System get_events.php sql injectionmedium🔒---
202148itsourcecode School Management System get_timetable.php sql injectionmedium🔒---
202147itsourcecode School Management System all_teacher.php Privilege Escalationmedium🔒---
202146Cisco Secure Email and Web Manager Web-based Management Interface improper authenticationhigh🔒---
202145Cisco Identity Services Engine Login Page improper authenticationmedium🔒---
202144Cisco RV110W/RV130/RV130W/RV215W Web-based Management Interface stack-based overflowhigh🔒---
202143Cisco Identity Services Engine Web-based Management Interface privileges assignmentlow🔒---
202142Cisco AppDynamics Controller Web-based Management Interface improper authorizationmedium🔒---
202141Cisco Unified IP Phone Unified Communications Manager weak prnglow🔒---
202140Cisco Secure Email and Web Manager Web Management Interface information disclosurelow🔒---
202139Splunk Enterprise Forwarder Bundle access control [CVE-2022-32158]medium🔒---
202138Splunk Enterprise Forwarder Bundle missing authentication [CVE-2022-32157]medium🔒---
202137Splunk Enterprise/Cloud Platform Universal Forwarder server.conf Local Privilege Escalationlow🔒---
202136Splunk Enterprise Dashboard unknown vulnerability [CVE-2022-32154]medium🔒---
202135Splunk Enterprise/Cloud Platform Splunk-to-Splunk certificate validationmedium🔒---
202134Splunk Enterprise/Cloud Platform Splunk-to-Splunk certificate validationmedium🔒---
202133Splunk Enterprise Command-Line Interface certificate validationmedium🔒---
202132Splunk Enterprise/Cloud Platform httplib/urllib certificate validationmedium🔒---
202131YoudianCMS ApiAction.class.php sql injection [CVE-2022-32301]medium🔒---
202130YoudianCMS MailAction.class.php sql injection [CVE-2022-32300]medium🔒---
202129YoudianCMS SiteAction.class.php sql injection [CVE-2022-32299]medium🔒---
202128kkcms vlist.php sql injectionmedium🔒---
202127Web Based Quiz System welcome.php sql injectionmedium🔒---
202126SourceCodester Theme Park Ticketing System edit_ticket.php sql injectionmedium🔒---
202125IBM Financial Transaction Manager for Digital Payments for Multi-Platform sql injectionmedium🔒---
202124Online Tours and Travels Management System tax.php sql injectionmedium🔒---
202123IBM AIX/VIOS lpd denial of service [CVE-2022-22444]low🔒---
202122Google Android DevicePolicyManagerService.java permissionmedium🔒---
202121Google Android GattServiceConfig.java permissionmedium🔒---
202120Google Android InstalldNativeService.cpp getAppSize out-of-boundslow🔒---
202119Google Android Keystore Library denial of service [CVE-2022-20195]low🔒---
202118Google Android ChooseLockGeneric.java onCreate permissionmedium🔒---
202117Google Android PermissionUsageHelper.java getUniqueUsagesWithLabels permissionmedium🔒---
202116Google Android WindowManagerService.java grantEmbeddedWindowFocus permissionmedium🔒---
202115Google Android nfa_dm_main.cc nfa_dm_check_set_config out-of-bounds writemedium🔒---
202114Google Android AvatarPhotoController.java Local Privilege Escalationlow🔒---
202113Google Android label_backends_android.c closef double freelow🔒---
202112Google Android cppbor_parse.cpp parseRecursively out-of-boundslow🔒---
202111Google Android NotificationManagerService.java setPackageOrComponentEnabled information disclosurelow🔒---
202110Google Android FileUtil.java isFileUri information disclosurelow🔒---
202109Google Android DevicePolicyManagerService.java registerRemoteBugreportReceivers permissionmedium🔒---
202108Google Android Hotspot State SoftApManager.java updateApState information disclosurelow🔒---
202107Google Android NFC Stack llcp_dlc.cc llcp_dlc_proc_connect_pdu out-of-boundslow🔒---
202106Google Android Parcel.java recycle permissionmedium🔒---
202105Google Android gallery3d/Photos information disclosure [CVE-2022-20196]low🔒---
202104Google Android use after free [CVE-2022-20185]medium🔒---
202103Google Android faceauth_hypx.c hypx_create_blob_dmabuf out-of-bounds writemedium🔒---
202102Google Android A ioctl_dpm_qos_update out-of-bounds writemedium🔒---
202101Google Android Kernel Base Driver out-of-bounds write [CVE-2022-20166]medium🔒---
202100Google Android ipu-core-jqs-msg-transport.c ipu_core_jqs_msg_transport_kernel_write_sync use after freemedium🔒---
202099Google Android sock.c lock_sock_nested use after freemedium🔒---
202098Google Android rcu_segcblist.c rcu_cblist_dequeue use after freemedium🔒---
202097Google Android TitanM Chip out-of-bounds write [CVE-2022-20152]medium🔒---
202096Google Android Kernel use after free [CVE-2022-20148]medium🔒---
202095Google Android ZenModeHelper.java addAutomaticZenRule resource consumptionlow🔒---
202094Google Android igmp.c ip_check_mc_rcu use after freemedium🔒---
202093Google Android Kernel Privilege Escalation [CVE-2022-20191]low🔒---
202092Google Android Kernel Privilege Escalation [CVE-2022-20190]low🔒---
202091Google Android Kernel Privilege Escalation [CVE-2022-20188]low🔒---
202090Google Android Kernel Privilege Escalation [CVE-2022-20184]low🔒---
202089Google Android Kernel Privilege Escalation [CVE-2022-20181]low🔒---
202088Google Android Kernel Privilege Escalation [CVE-2022-20179]low🔒---
202087Google Android Kernel Privilege Escalation [CVE-2022-20177]low🔒---
202086Google Android Kernel Privilege Escalation [CVE-2022-20175]low🔒---
202085Google Android Kernel Privilege Escalation [CVE-2022-20173]low🔒---
202084Google Android Kernel Privilege Escalation [CVE-2022-20171]low🔒---
202083Google Android Kernel Privilege Escalation [CVE-2022-20170]low🔒---
202082Google Android Kernel Privilege Escalation [CVE-2022-20169]low🔒---
202081Google Android Kernel Privilege Escalation [CVE-2022-20168]low🔒---
202080Google Android Kernel Privilege Escalation [CVE-2022-20167]low🔒---
202079Google Android Kernel Privilege Escalation [CVE-2022-20164]low🔒---
202078Google Android Kernel Privilege Escalation [CVE-2022-20160]low🔒---
202077Google Android Kernel Privilege Escalation [CVE-2022-20151]low🔒---
202076Google Android Kernel Privilege Escalation [CVE-2022-20149]low🔒---
202075Google Android Vpn.java startLegacyVpnPrivileged downgradelow🔒---
202074Google Android gatt_sr.cc read_multi_rsp out-of-bounds writemedium🔒---
202073Google Android Titan-M Source param_find_digests_internal out-of-bounds writemedium🔒---
202072Google Android pixel_loader.c handle_ramdump information disclosurelow🔒---
202071Google Android sjtag-driver.c auth_store information disclosurelow🔒---
202070Google Android mach-gs101.c exynos_secEnv_init out-of-boundslow🔒---
202069Google Android asn1.c asn1_parse out-of-boundslow🔒---
202068Google Android asn1.c asn1_p256_int out-of-boundslow🔒---
202067Google Android asn1_common.c asn1_ec_pkey_parse out-of-boundslow🔒---
202066Google Android GraphicBuffer.cpp unflatten input validationmedium🔒---
202065Google Android FileUploadServiceImpl.java uploadFile information disclosurelow🔒---
202064Google Android GeofenceHardwareRequestParcelable.java createFromParcel Local Privilege Escalationlow🔒---
202063Google Android NAS Message denial of service [CVE-2022-20210]low🔒---
202062Google Android hme_utils.c hme_add_new_node_to_a_sorted_array out-of-boundslow🔒---
202061Google Android ih264_resi_trans_quant_sse42.c ih264_resi_trans_quant_4x4_sse42 out-of-boundslow🔒---
202060DynamicWebLab Team Manager Plugin cross site scripting [CVE-2022-29406]low🔒---
202059Nicdark Travel Management Plugin cross site scripting [CVE-2022-27859]low🔒---
202058Phil Baker Age Gate Plugin cross site scripting [CVE-2021-36901]low🔒---
202057Apache Hadoop path traversal [CVE-2021-33036]medium🔒---
202056Apache NiFi/NiFi Registry ShellUserGroupProvider os command injectionmedium🔒---
202055Google Android ShannonRcsService.java onbind information disclosurelow🔒---
202054Google Android mali_kbase_mem_linux.c kbase_mem_alias input validationmedium🔒---
202053Google Android GBoard sandbox [CVE-2022-20125]medium🔒---
202052Google Android WiFi Settings NetworkProviderSettings.java onCreateContextMenu permissionmedium🔒---
202051Google Android Phone Number CallSubjectDialog.java readArguments input validationmedium🔒---
202050Google Android PhoneAccountRegistrar.java registerPhoneAccount denial of servicelow🔒---
202049Google Android DeletePackageHelper.java deletePackageX permissionmedium🔒---
202048Google Android WindowManager improper restriction of rendered ui layerslow🔒---
202047David Brackeen ok-file-formats ok_jpg_convert_YCbCr_to_RGB buffer overflowmedium🔒---
202046Google Android GateKeeperResponse.java writeToParcel Local Privilege Escalationlow🔒---
202045Google Android AdapterService.java setDiscoverableTimeout permissionmedium🔒---
202044Google Android Bluetooth Discovery Mode AdapterService.java setScanMode permissionmedium🔒---
202043Google Android USB HID File hid-lg.c lg_probe out-of-boundslow🔒---
202042Google Android nci_hrcv.cc nci_proc_rf_management_ntf out-of-boundslow🔒---
202041Google Android tpdec_lib.cpp transportDec_OutOfBandConfig heap-based overflowmedium🔒---
202040Google Android ce_t4t.cc ce_t4t_data_cback out-of-bounds writemedium🔒---
202039Google Android phNxpExtns_MifareStd.cpp phNciNfc_RecvMfResp out-of-boundslow🔒---
202038Citrix ADM License Service resource control [CVE-2022-27512]low🔒---
202037Citrix ADM Admin Password access control [CVE-2022-27511]medium🔒---
202036PotPlayer out-of-bounds write [CVE-2021-40212]medium🔒---
202035SourceCodester Bank Management System cross site scripting [CVE-2022-2087]low🔒---
202034SourceCodester Bank Management System login.php sql injectionmedium🔒---
202033Nokia G-2425G-A Device Management Page cross site scripting [CVE-2022-30903]low🔒---
202032SourceCodester Tourism Management System cross-site request forgerylow🔒---
202031Siemens Mendix SAML Module Error Message cross site scriptinglow🔒---
202030Siemens Teamcenter Active Workspace Web Interface cross site scriptinglow🔒---
202029Siemens Xpedition Designer access control [CVE-2022-31465]medium🔒---
202028oretnom23 Product Show Room Site sql injection [CVE-2022-32355]medium🔒---
202027oretnom23 Product Show Room Site sql injection [CVE-2022-32354]medium🔒---
202026oretnom23 Product Show Room Site sql injection [CVE-2022-32367]medium🔒---
202025oretnom23 Product Show Room Site sql injection [CVE-2022-32364]medium🔒---
202024SAP ERP SHAAM Program VQ23 authorizationmedium🔒---
202023WAVLINK WN579 X3 POST Request ExportAllSettings.sh information disclosurelow🔒---
202022WAVLINK WN535 G3 live_mfg.shtml exec cmd information disclosurelow🔒---
202021WAVLINK WN535 G3 live_check.shtml exec cmd information disclosurelow🔒---
202020WAVLINK AERIAL X 1200M POST adm.cgi Privilege Escalationlow🔒---
202019WAVLINK AERIAL X 1200M live_check.shtml exec cmd information disclosurelow🔒---
202018WAVLINK AERIAL X 1200M live_mfg.shtml exec cmd information disclosurelow🔒---
202017Siemens EN100 Ethernet Module HTTP Packet txtrace memory corruptionlow🔒---
202016Siemens SICAM GridEdge Essential ARM missing authentication [CVE-2022-30230]medium🔒---
202015Siemens SICAM GridEdge Essential ARM missing authentication [CVE-2022-30229]medium🔒---
202014Siemens SINEMA Remote Connect Server Error Message cross site scriptinglow🔒---
202013Siemens Spectrum Power 4 Shared HIS hard-coded credentials [CVE-2022-26476]medium🔒---
202012Qualcomm Snapdragon Auto BT HFP-UNIT Profile memory corruptionhigh🔒---
202011Qualcomm Snapdragon Auto Multimedia Driver memory corruptionmedium🔒---
202010Qualcomm Snapdragon Compute Internal Cache memory corruptionmedium🔒---
202009Qualcomm Snapdragon Auto Video memory corruption [CVE-2022-22087]medium🔒---
202008Qualcomm Snapdragon Auto 3gp Clip memory corruption [CVE-2022-22086]medium🔒---
202007Qualcomm Snapdragon Auto Video memory corruption [CVE-2022-22085]medium🔒---
202006Qualcomm Snapdragon Auto qcp Audio File memory corruption [CVE-2022-22084]medium🔒---
202005Qualcomm Snapdragon Auto APE Header memory corruption [CVE-2022-22083]medium🔒---
202004Qualcomm Snapdragon Auto DSF Header Parser memory corruptionmedium🔒---
202003Qualcomm Snapdragon Auto NDP Application Information buffer overflowmedium🔒---
202002Qualcomm Snapdragon Auto IOCTL use after free [CVE-2022-22071]medium🔒---
202001Qualcomm Snapdragon Auto WLAN Host out-of-bounds [CVE-2022-22065]medium🔒---
202000Qualcomm Snapdragon Auto Frame buffer overflow [CVE-2022-22064]medium🔒---
201999Qualcomm Snapdragon Auto Graphics Fence use after free [CVE-2022-22057]medium🔒---
201998Textpattern Body cross site scripting [CVE-2021-40658]low🔒---
201997Software AG Connx missing secure attribute [CVE-2021-40650]low🔒---
201996Software AG Connx cookie httponly flag [CVE-2021-40649]medium🔒---
201995thinkcmf Background User Management Group permission [CVE-2021-40616]medium🔒---
201994Qualcomm Snapdragon Auto Graphics Support Layer use after freemedium🔒---
201993Qualcomm Snapdragon Compute BT Controller memory corruption [CVE-2021-35129]medium🔒---
201992Qualcomm Snapdragon Auto DSP Service memory corruption [CVE-2021-35126]medium🔒---
201991Qualcomm Snapdragon Connectivity/Snapdragon Industrial IOT GATT Multi Notification buffer overflowmedium🔒---
201990Qualcomm Snapdragon Compute Array Index use after free [CVE-2021-35121]medium🔒---
201989Qualcomm Snapdragon Compute Export use after free [CVE-2021-35120]medium🔒---
201988Qualcomm Snapdragon Auto FIPS Event out-of-bounds [CVE-2021-35119]low🔒---
201987Qualcomm Snapdragon Auto Camera Driver out-of-bounds write [CVE-2021-35118]medium🔒---
201986Qualcomm Snapdragon Auto APK Local Privilege Escalation [CVE-2021-35116]medium🔒---
201985Qualcomm Snapdragon Auto Backend Driver initialization [CVE-2021-35114]medium🔒---
201984Qualcomm Snapdragon Auto access control [CVE-2021-35112]medium🔒---
201983Qualcomm Snapdragon Connectivity, Snapdragon Mobile Tag ID race conditionmedium🔒---
201982Qualcomm Snapdragon Auto FLAC Audio Clip buffer overflow [CVE-2021-35104]high🔒---
201981Qualcomm Snapdragon Auto EFS buffer overflow [CVE-2021-35102]medium🔒---
201980Qualcomm Snapdragon Auto Virtual GICR Control assertion [CVE-2021-35101]low🔒---
201979Qualcomm Snapdragon Auto Id3 Tag Parser buffer overflow [CVE-2021-35100]medium🔒---
201978Qualcomm Snapdragon Auto PCM Routing memory corruption [CVE-2021-35098]medium🔒---
201977Qualcomm Snapdragon Auto DLM denial of service [CVE-2021-35096]medium🔒---
201976Qualcomm Snapdragon Connectivity/Snapdragon Mobile Message Queue race conditionmedium🔒---
201975Qualcomm Snapdragon Auto HLOS improper authorization [CVE-2021-35094]medium🔒---
201974Qualcomm Snapdragon Auto IOCTL Request memory corruption [CVE-2021-35092]medium🔒---
201973Qualcomm Snapdragon Connectivity/Snapdragon Mobile Page Fault out-of-boundsmedium🔒---
201972Qualcomm Snapdragon Auto Hypervisor toctou [CVE-2021-35090]medium🔒---
201971Qualcomm Snapdragon Industrial IOT/Snapdragon Mobile System Information Message null pointer dereferencemedium🔒---
201970Qualcomm Snapdragon Auto NR System Information Message buffer overflowmedium🔒---
201969Qualcomm Snapdragon Auto Management Frame Rx buffer overflowmedium🔒---
201968Qualcomm Snapdragon Auto DIAG Event out-of-bounds [CVE-2021-35084]low🔒---
201967Qualcomm Snapdragon Auto Certificate Chain out-of-bounds [CVE-2021-35083]medium🔒---
201966Qualcomm Snapdragon Industrial IOT RRC Security Mode Command Packet integrity checkhigh🔒---
201965Qualcomm Snapdragon Auto SSID Length buffer overflow [CVE-2021-35081]high🔒---
201964Qualcomm Snapdragon Auto Server Certificate Parser memory leakmedium🔒---
201963Qualcomm Snapdragon Auto RRC Connection null pointer dereferencemedium🔒---
201962Qualcomm Snapdragon Auto Rank Restriction Field assertion [CVE-2021-35073]medium🔒---
201961Qualcomm Snapdragon Auto Diag Command buffer overflow [CVE-2021-35072]medium🔒---
201960FileCloud NTFS access control [CVE-2022-1958]medium🔒---
201959Qualcomm Snapdragon Auto buffer overflow [CVE-2021-35071]medium🔒---
201958Qualcomm Snapdragon Auto MBN Header memory corruption [CVE-2021-30350]medium🔒---
201957Qualcomm Snapdragon Auto AC Database memory corruption [CVE-2021-30349]medium🔒---
201956Qualcomm Snapdragon Auto RRC Command Packet integrity check [CVE-2021-30347]high🔒---
201955Qualcomm Snapdragon Auto LTE Security Mode Command denial of servicemedium🔒---
201954Qualcomm Snapdragon Auto RRC Command Packet integrity check [CVE-2021-30343]high🔒---
201953Qualcomm Snapdragon Auto RRC Command Packet integrity check [CVE-2021-30342]high🔒---
201952Qualcomm Snapdragon Auto DSM Packet memory corruption [CVE-2021-30341]high🔒---
201951Qualcomm Snapdragon Auto SA Mode assertion [CVE-2021-30340]medium🔒---
201950Qualcomm Snapdragon Connectivity PRNG buffer overflow [CVE-2021-30339]medium🔒---
201949Qualcomm Snapdragon Auto DRM File Status use after free [CVE-2021-30334]medium🔒---
201948Qualcomm Snapdragon Mobile Sahara Protocol buffer overflow [CVE-2021-30327]medium🔒---
201947Qualcomm Snapdragon Auto Local Privilege Escalation [CVE-2021-30281]medium🔒---
201946EdgeX Foundry API Endpoint config information disclosurelow🔒---
201945Discourse Event Name cross site scripting [CVE-2022-31059]low🔒---
201944Jupyter Server REST API information disclosure [CVE-2022-29241]low🔒---
201943SAP Adaptive Server Enterprise privileges management [CVE-2022-31594]medium🔒---
201942Siemens Mendix SAML Module xml external entity reference [CVE-2022-32285]low🔒---
201941SAP Financial Consolidation authorization [CVE-2022-31595]medium🔒---
201940Jupyter Notebook direct request [CVE-2022-29238]low🔒---
201939Oracle Linux UEK File Descriptor access control [CVE-2022-21504]medium🔒---
201938Couchbase Server HTTP Request information exposure [CVE-2022-32559]low🔒---
201937Palantir Foundry Multipass resource consumption [CVE-2022-27889]low🔒---
201936Siemens SINEMA Remote Connect Server UMC access control [CVE-2022-32260]medium🔒---
201935Siemens SINEMA Remote Connect Server Test Scripts information disclosurelow🔒---
201934Siemens SINEMA Remote Connect Server Web Service access controlmedium🔒---
201933Siemens SICAM GridEdge Essential ARM inadequate encryption [CVE-2022-30231]low🔒---
201932Siemens SINEMA Remote Connect Server HTTP Response information exposurelow🔒---
201931Siemens SINEMA Remote Connect Server HTTP Security Header clickjackinglow🔒---
201930Siemens SINEMA Remote Connect Server HTTP Security Header security checkmedium🔒---
201929Qualcomm Snapdragon Auto Kernel Event information disclosurelow🔒---
201928giflib GIF File gif2rgb.c resource consumptionlow🔒---
201927Siemens SCALANCE OSPF integrity check [CVE-2021-37182]medium🔒---
201926Qualcomm Snapdragon Industrial IOT SMMU information disclosurelow🔒---
201925Qualcomm Snapdragon Compute Telephony Service API information disclosurelow🔒---
201924SAP PowerDesigner Proxy unquoted search path [CVE-2022-31590]medium🔒---
201923SAP 3D Visual Enterprise Viewer SVG File denial of service [CVE-2022-32243]low🔒---
201922SAP 3D Visual Enterprise Viewer Radiance Picture File denial of servicelow🔒---
201921SAP 3D Visual Enterprise Viewer PDF Document denial of servicelow🔒---
201920SAP 3D Visual Enterprise Viewer JT File denial of service [CVE-2022-32240]low🔒---
201919SAP 3D Visual Enterprise Viewer JPEG2000 File denial of servicelow🔒---
201918SAP 3D Visual Enterprise Viewer EPS File denial of service [CVE-2022-32238]low🔒---
201917SAP 3D Visual Enterprise Viewer CGM File CgmCore.dll denial of servicelow🔒---
201916SAP 3D Visual Enterprise Viewer denial of service [CVE-2022-32236]low🔒---
201915Discourse Banner Topic Data information disclosure [CVE-2022-31060]low🔒---
201914SAP 3D Visual Enterprise Viewer TeighaTranslator.exe denial of servicelow🔒---
201913Couchbase Server Diagnostic Endpoint access control [CVE-2022-32561]medium🔒---
201912Couchbase Server TLS Server improper authentication [CVE-2022-32557]medium🔒---
201911oretnom23 Hospitals Patient Records Management System sql injectionmedium🔒---
201910oretnom23 Hospitals Patient Records Management System sql injectionmedium🔒---
201909Sonatype Nexus Repository Manager OSS Admin Panel access controlmedium🔒---
201908TYPO3 Form Framework cross site scripting [CVE-2022-31048]low🔒---
201907TYPO3 Exception log file [CVE-2022-31047]low🔒---
201906SAP NetWeaver Developer Studio log4j deserialization [CVE-2022-29615]low🔒---
201905Employee Leaves Management System myprofile.php cross-site request forgerylow🔒---
201904SAP NetWeaver Application Server ABAP startservice sapuxuserchk privileges managementlow🔒---
201903oretnom23 Product Show Room Site view_category.php sql injectionmedium🔒---
201902oretnom23 Product Show Room Site manage_category.php sql injectionmedium🔒---
201901oretnom23 Product Show Room Site sql injection [CVE-2022-32359]medium🔒---
201900oretnom23 Product Show Room Site sql injection [CVE-2022-32358]medium🔒---
201899oretnom23 Product Show Room Site manage_field_order.php sql injectionmedium🔒---
201898TYPO3 Backend User Interface session expiration [CVE-2022-31050]medium🔒---
201897TYPO3 Email cross site scripting [CVE-2022-31049]low🔒---
201896TYPO3 Export information disclosure [CVE-2022-31046]low🔒---
201895oretnom23 Product Show Room Site view_field.php sql injectionmedium🔒---
201894oretnom23 Product Show Room Site manage_field.php sql injectionmedium🔒---
201893SAP NetWeaver Development Infrastructure Design Time Repository cross site scriptinglow🔒---
201892oretnom23 Hospitals Patient Records Management System sql injectionmedium🔒---
201891oretnom23 Hospitals Patient Records Management System sql injectionmedium🔒---
201890oretnom23 Hospitals Patient Records Management System sql injectionmedium🔒---
201889oretnom23 Hospitals Patient Records Management System sql injectionmedium🔒---
201888oretnom23 Hospitals Patient Records Management System sql injectionmedium🔒---
201887oretnom23 Hospitals Patient Records Management System sql injectionmedium🔒---
201886oretnom23 Hospitals Patient Records Management System view_room.php sql injectionmedium🔒---
201885oretnom23 Hospitals Patient Records Management System manage_room.php sql injectionmedium🔒---
201884oretnom23 Hospitals Patient Records Management System sql injectionmedium🔒---
201883oretnom23 Hospitals Patient Records Management System manage_room_type.php sql injectionmedium🔒---
201882oretnom23 Hospitals Patient Records Management System view_room_type.php sql injectionmedium🔒---
201881oretnom23 Hospitals Patient Records Management System view_doctor.php sql injectionmedium🔒---
201880oretnom23 Hospitals Patient Records Management System manage_doctor.php sql injectionmedium🔒---
201879oretnom23 Hospitals Patient Records Management System manage_patient.php sql injectionmedium🔒---
201878oretnom23 Fast Food Ordering System manage_menu.php sql injectionmedium🔒---
201877oretnom23 Fast Food Ordering System manage_category.php sql injectionmedium🔒---
201876oretnom23 Fast Food Ordering System receipt.php sql injectionmedium🔒---
201875oretnom23 Fast Food Ordering System sql injection [CVE-2022-32332]medium🔒---
201874oretnom23 Fast Food Ordering System view_category.php sql injectionmedium🔒---
201873oretnom23 Fast Food Ordering System sql injection [CVE-2022-32330]medium🔒---
201872oretnom23 Fast Food Ordering System denial of service [CVE-2022-32328]low🔒---
201871ITOP ajax.render.php cross site scriptinglow🔒---
201870SAP NetWeaver/ABAP Platform Route saprouttab authorizationmedium🔒---
201869SAP NetWeaver/ABAP Platform/SAP Host Agent sapcontrol server-side request forgerymedium🔒---
201868Kreado Kreasfero unrestricted upload [CVE-2021-42675]medium🔒---
201867Microsoft Windows SMB denial of service [CVE-2022-32230]medium🔒---
201866Microsoft AV1 Video Extension Remote Code Execution [CVE-2022-30193]medium🔒---
201865Microsoft Windows Autopilot Device Management/Enrollment Client information disclosurelow🔒---
201864Microsoft HEVC Video Extensions Remote Code Execution [CVE-2022-30188]medium🔒---
201863Microsoft .NET/Visual Studio information disclosure [CVE-2022-30184]low🔒---
201862Microsoft RTOS GUIX information disclosure [CVE-2022-30180]low🔒---
201861Microsoft RTOS GUIX Remote Code Execution [CVE-2022-30179]medium🔒---
201860Microsoft RTOS GUIX Remote Code Execution [CVE-2022-30178]medium🔒---
201859Microsoft Azure RTOS GUIX Local Privilege Escalation [CVE-2022-30177]medium🔒---
201858Microsoft Office Remote Code Execution [CVE-2022-30174]medium🔒---
201857Microsoft Excel Remote Code Execution [CVE-2022-30173]medium🔒---
201856Microsoft SharePoint Server/Office information disclosure [CVE-2022-30172]low🔒---
201855Microsoft SharePoint Server/Office information disclosure [CVE-2022-30171]low🔒---
201854Microsoft Microsoft Photos Remote Code Execution [CVE-2022-30168]medium🔒---
201853Microsoft AV1 Video Extension Remote Code Execution [CVE-2022-30167]medium🔒---
201852Microsoft Windows Local Security Authority Subsystem Service Privilege Escalationmedium🔒---
201851Microsoft Windows Kerberos Privilege Escalation [CVE-2022-30165]medium🔒---
201850Microsoft Windows Kerberos AppContainer Privilege Escalationhigh🔒---
201849Microsoft Windows Hyper-V Privilege Escalation [CVE-2022-30163]medium🔒---
201848Microsoft Windows Kernel information disclosure [CVE-2022-30162]low🔒---
201847Microsoft Windows LDAP Remote Code Execution [CVE-2022-30161]medium🔒---
201846Microsoft Windows Advanced Local Procedure Call Privilege Escalationmedium🔒---
201845Microsoft Office information disclosure [CVE-2022-30159]low🔒---
201844Microsoft SharePoint Server Privilege Escalation [CVE-2022-30158]medium🔒---
201843Microsoft SharePoint Server Privilege Escalation [CVE-2022-30157]medium🔒---
201842Microsoft Windows Kernel denial of service [CVE-2022-30155]medium🔒---
201841Microsoft Windows File Server Shadow Copy Agent Service Privilege Escalationlow🔒---
201840Microsoft Windows LDAP Remote Code Execution [CVE-2022-30153]medium🔒---
201839Microsoft Windows NAT denial of service [CVE-2022-30152]medium🔒---
201838Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalationmedium🔒---
201837Microsoft Windows Defender Remote Credential Guard Privilege Escalationmedium🔒---
201836Microsoft Windows LDAP Remote Code Execution [CVE-2022-30149]medium🔒---
201835Microsoft Windows Desired State Configuration information disclosurelow🔒---
201834Microsoft Windows Installer Privilege Escalation [CVE-2022-30147]medium🔒---
201833Microsoft Windows LDAP Remote Code Execution [CVE-2022-30146]medium🔒---
201832Microsoft Windows Encrypting File System Privilege Escalationmedium🔒---
201831Microsoft Windows LDAP Remote Code Execution [CVE-2022-30143]medium🔒---
201830Microsoft Windows File History Privilege Escalation [CVE-2022-30142]medium🔒---
201829Microsoft Windows LDAP Remote Code Execution [CVE-2022-30141]medium🔒---
201828Microsoft Windows iSCSI Discovery Service Privilege Escalationmedium🔒---
201827Microsoft Windows LDAP Privilege Escalation [CVE-2022-30139]medium🔒---
201826Microsoft Azure Service Fabric Container Privilege Escalationmedium🔒---
201825Microsoft Windows Network File System Remote Code Execution [CVE-2022-30136]high🔒---
201824Microsoft Windows Media Center Privilege Escalation [CVE-2022-30135]medium🔒---
201823Microsoft Windows Container Manager Service Privilege Escalationmedium🔒---
201822Microsoft Windows Container Isolation FS Filter Driver Privilege Escalationmedium🔒---
201821Microsoft System Center Operations Manager Privilege Escalationmedium🔒---
201820Microsoft SQL Server Privilege Escalation [CVE-2022-29143]medium🔒---
201819Microsoft HEVC Video Extensions Remote Code Execution [CVE-2022-29119]medium🔒---
201818Microsoft HEVC Video Extensions Remote Code Execution [CVE-2022-29111]medium🔒---
201817Microsoft Edge Remote Code Execution [CVE-2022-22021]medium🔒---
201816Microsoft HEVC Video Extensions Remote Code Execution [CVE-2022-22018]medium🔒---
201815Microsoft Windows Device Register Partial Write memory corruptionlow🔒---
201814Microsoft Windows Special Register Buffer Data Sampling information disclosurelow🔒---
201813Microsoft Windows Shared Buffers Data Sampling information disclosurelow🔒---
201812Microsoft Windows Shared Buffers Data Read information disclosurelow🔒---
201811Microsoft Edge ANGLE use after free [CVE-2022-2011]medium🔒---
201810Microsoft Edge Compositing out-of-bounds [CVE-2022-2010]medium🔒---
201809Microsoft Edge WebGL out-of-bounds [CVE-2022-2008]medium🔒---
201808Microsoft Edge WebGPU use after free [CVE-2022-2007]medium🔒---
201807Qualcomm Snapdragon Industrial IOT RPM Secure Stream access controlmedium🔒---
201806Qualcomm Snapdragon Industrial IOT RPM Secure Stream access controlmedium🔒---
201805Qualcomm Snapdragon Compute TrustZone Memory Transfer Interface information disclosurelow🔒---
201804Delight Nashorn Sandbox denial of service [CVE-2021-40660]low🔒---
201803TopIDP3000 Topsec Session Cookie excessive authentication [CVE-2022-31273]low🔒---
201802Siemens SINEMA Remote Connect Server File Upload command injectionmedium🔒---
201801Siemens SINEMA Remote Connect Server APT Update access controlmedium🔒---
201800Siemens SINEMA Remote Connect Server Endpoint information disclosurelow🔒---
201799Siemens SINEMA Remote Connect Server Web Service access controlmedium🔒---
201798Siemens SINEMA Remote Connect Server HTTP POST Request log filelow🔒---
201797Siemens SINEMA Remote Connect Server Update Package data authenticitymedium🔒---
201796Siemens SINEMA Remote Connect Server missing authentication [CVE-2022-32251]medium🔒---
201795Siemens Teamcenter Java EE Server Manager HTML Adaptor hard-coded credentialsmedium🔒---
201794Siemens SICAM GridEdge Essential ARM origin validation [CVE-2022-30228]medium🔒---
201793Qualcomm Snapdragon Industrial IOT/Snapdragon Mobile RPM Secure Stream information disclosurelow🔒---
201792Siemens SINEMA Remote Connect Server OpenSSL Certificate Password access controlmedium🔒---
201791Fast Food Ordering System view_menu.php sql injectionmedium🔒---
201790Piwigo cross site scripting [CVE-2021-40678]low🔒---
201789Mobaoku-Auction&Flea Market certificate validation [CVE-2022-29482]medium🔒---
201788NocoDB cross site scripting [CVE-2022-2079]low🔒---
201787RevoWorks SCVX/Browser/Desktop Macro Remote Code Execution [CVE-2022-27176]medium🔒---
201786Fuji Electric V-SFT Simulator Module uninitialized pointer [CVE-2022-29925]medium🔒---
201785Fuji Electric V-Server/V-Server Lite Image File out-of-bounds writemedium🔒---
201784Fuji Electric V-SFT Simulator Module use after free [CVE-2022-29522]medium🔒---
201783Fuji Electric V-SFT Simulator Module out-of-bounds [CVE-2022-29506]low🔒---
201782Fuji Electric V-SFT Simulator Module heap-based overflow [CVE-2022-26302]medium🔒---
201781Shirasagi cross site scripting [CVE-2022-29485]low🔒---
201780T&D Data Server/Thermo Recorder Data Server pathname traversalmedium🔒---
201779Apache Flume JMS Source injection [CVE-2022-25167]medium🔒---
201778Magicpin SVG File xml external entity reference [CVE-2022-31447]low🔒---
201777XFCE Desktop File Privilege Escalation [CVE-2022-32278]low🔒---
201776Couchbase Server information disclosure [CVE-2022-32192]low🔒---
201775Electron data authenticity [CVE-2022-29257]medium🔒---
201774Couchbase Server information disclosure [CVE-2022-32193]low🔒---
201773Argo Events HandleRoute Endpoint ioutil.ReadAll resource consumptionlow🔒---
201772Electron exposure of resource [CVE-2022-29247]low🔒---
201771Huawei CV81-WDM denial of service [CVE-2022-29798]low🔒---
201770Huawei CV81-WDM buffer overflow [CVE-2022-29797]medium🔒---
201769Huawei FLMG-10 improper authentication [CVE-2022-22259]medium🔒---
201768Invision Power Services Community Suite phar Protocol server-side request forgerymedium🔒---
201767Couchbase Server Backup Service Log information disclosure [CVE-2022-32565]low🔒---
201766Couchbase Server couchbase-cli information disclosure [CVE-2022-32564]low🔒---
201765Couchbase Server XDCR Privilege Escalation [CVE-2022-32560]low🔒---
201764Couchbase Server Sample Bucket Loader information disclosurelow🔒---
201763Biscuit signature verification [CVE-2022-31053]medium🔒---
201762Powertek PDU HTTP API get_param.cgi permissionmedium🔒---
201761Powertek PDU Web Interface get_param.cgi authorizationmedium🔒---
201760Huawei HarmonyOS Bone Voice ID TA Privilege Escalation [CVE-2021-40036]medium🔒---
201759Couchbase Server RBAC permission [CVE-2022-32562]medium🔒---
201758Tenda AC18 WriteFacMac Privilege Escalationmedium🔒---
201757MiniCMS Article post-edit.php cross site scriptinglow🔒---
201756oretnom23 Online Fire Reporting System GET Parameter list.php sql injectionmedium🔒---
201755Church Management System Avatar Image uploads unrestricted uploadmedium🔒---
201754Sourcecodester South Gate Inn Online Reservation System File editImg sql injectionmedium🔒---
201753Elementor Website Builder Plugin cross site scripting [CVE-2022-29455]low🔒---
201752flatCore-CMS Create New Page cross site scripting [CVE-2021-40902]low🔒---
201751Helpdeskz email-addresses cross site scriptinglow🔒---
201750Helpdeskz custom-fields cross site scriptinglow🔒---
201749neorazorx facturascripts cross site scripting [CVE-2022-2066]low🔒---
201748neorazorx facturascripts cross site scripting [CVE-2022-2065]low🔒---
201747Jupiter Theme/JupiterX Core Plugin abb_uninstall_template privileges managementmedium🔒---
201746Huawei Smart Phone Secure OS Module information disclosure [CVE-2022-31761]low🔒---
201745Huawei HarmonyOS Dialog Box improper restriction of rendered ui layersmedium🔒---
201744Huawei HarmonyOS Setting Module information disclosure [CVE-2022-31757]low🔒---
201743Huawei Smart Phone denial of service [CVE-2022-31754]low🔒---
201742Huawei HarmonyOS Wakeup Module format string [CVE-2022-31753]medium🔒---
201741Huawei Smart Phone authorization [CVE-2022-31752]low🔒---
201740kCTF set-src-ip-ranges access control [CVE-2022-31055]medium🔒---
201739Amodat Mobile Application Gateway Admin Panel sql injection [CVE-2022-23169]medium🔒---
201738Amodat Mobile Application Gateway Login Panel sql injection [CVE-2022-23168]medium🔒---
201737Amodat Mobile Application Gateway GET Request downloadfile.aspx path traversallow🔒---
201736Huawei HarmonyOS Secure OS Module denial of service [CVE-2021-46815]low🔒---
201735Huawei Smart Phone ChinaDRM Module denial of service [CVE-2021-46813]low🔒---
201734Huawei HarmonyOS Multi-Device Interaction unknown vulnerabilitylow🔒---
201733Huawei HarmonyOS AMS Module input validation [CVE-2022-31762]medium🔒---
201732Huawei HarmonyOS AppLink uninitialized pointer [CVE-2022-31759]medium🔒---
201731Huawei HarmonyOS Fingerprint Sensor Module information disclosurelow🔒---
201730Huawei HarmonyOS Communication Module permissions [CVE-2022-31755]medium🔒---
201729NAVER Cloud Explorer privileges management [CVE-2022-24077]medium🔒---
201728Huawei HarmonyOS Video Framework out-of-bounds [CVE-2021-46814]low🔒---
201727Open Forms File Name Extension Parser unrestricted upload [CVE-2022-31041]medium🔒---
201726Open Forms redirect [CVE-2022-31040]medium🔒---
201725RosarioSIS sql injection [CVE-2022-2067]medium🔒---
201724NocoDB session expiration [CVE-2022-2064]low🔒---
201723NocoDB privileges management [CVE-2022-2063]medium🔒---
201722NocoDB information disclosure [CVE-2022-2062]low🔒---
201721Huawei HarmonyOS Card Production Life Cycle permission [CVE-2021-46811]low🔒---
201720Huawei HarmonyOS Kernel Module null pointer dereference [CVE-2022-31763]low🔒---
201719Huawei HarmonyOS Kernel Module race condition [CVE-2022-31758]low🔒---
201718Huawei HarmonyOS emcom Module denial of service [CVE-2022-31751]low🔒---
201717Festo Controller CECC-X-M1 POST Request os command injectionhigh🔒---
201716Festo Controller CECC-X-M1 POST Request os command injectionhigh🔒---
201715Festo Controller CECC-X-M1 POST Request os command injectionhigh🔒---
201714Festo Controller CECC-X-M1 POST Request os command injectionhigh🔒---
201713Node.js npm information disclosure [CVE-2022-29244]low🔒---
201712hpjansson chafa heap-based overflow [CVE-2022-2061]medium🔒---
201711Quick Subscribe Plugin Setting cross-site request forgery [CVE-2022-1792]low🔒---
201710Sideblog Plugin Setting cross-site request forgery [CVE-2022-1787]low🔒---
201709postTabs Plugin Setting cross-site request forgery [CVE-2022-1781]low🔒---
201708LaTeX for Plugin cross-site request forgery [CVE-2022-1780]low🔒---
201707WP-chgFontSize Plugin Setting cross-site request forgery [CVE-2022-1764]low🔒---
201706Static Page eXtended Plugin Setting cross-site request forgerylow🔒---
201705RB Internal Links Plugin Setting cross-site request forgery [CVE-2022-1759]low🔒---
201704Mobile Browser Color Select Plugin admin_update_data cross-site request forgerylow🔒---
201703Keep Backup Daily Plugin cross site scripting [CVE-2022-1820]low🔒---
201702Sticky Popup Plugin cross site scripting [CVE-2022-1750]low🔒---
201701ToolBar to Share Plugin plugin_toolbar_comparte Page cross-site request forgerylow🔒---
201700Copify Plugin CopifySettings Page cross-site request forgerylow🔒---
201699Zephyr Project Manager Plugin cross site scripting [CVE-2022-1822]low🔒---
201698WP Admin Style Plugin cross site scripting [CVE-2022-1814]low🔒---
201697Private Files Plugin cross-site request forgery [CVE-2022-1793]low🔒---
201696One Click Plugin Updater Plugin Setting cross-site request forgerylow🔒---
201695New User Email Set Up Plugin Setting cross-site request forgerylow🔒---
201694Change Uploaded File Permissions Plugin File Permission cross-site request forgerylow🔒---
201693Auto Delete Posts Plugin Setting cross-site request forgery [CVE-2022-1779]low🔒---
201692WP Athletics Plugin Admin Page cross site scripting [CVE-2022-1773]low🔒---
201691Hot Linked Image Cacher Plugin cross-site request forgery [CVE-2022-1765]low🔒---
201690Peters Collaboration E-mails Plugin cross-site request forgerylow🔒---
201689Newsletter Plugin cross site scripting [CVE-2022-1756]low🔒---
201688Simple Membership Plugin AJAX Action cross site scripting [CVE-2022-1724]low🔒---
201687Appointment Hour Booking Plugin Setting cross site scriptinglow🔒---
201686Latest Tweets Widget Plugin cross-site request forgery [CVE-2022-1624]low🔒---
201685Webriti SMTP Mail Plugin Setting cross-site request forgery [CVE-2022-1612]low🔒---
201684OnePress Social Locker Plugin cross-site request forgery [CVE-2022-1608]low🔒---
201683Email Users Plugin Notification cross-site request forgery [CVE-2022-1605]low🔒---
201682MailerLite Plugin cross site scripting [CVE-2022-1604]low🔒---
201681HC Custom WP-Admin URL Plugin Setting cross-site request forgerylow🔒---
201680SAP NetWeaver EP Web Page Composer server-side request forgerylow🔒---
201679Mitsol Social Post Feed Plugin cross site scripting [CVE-2022-0209]low🔒---
201678JupiterX Core Configuration class-condition-manager.php jupiterx_conditional_manager access controlmedium🔒---
201677Jupiter Theme AJAX Action plugin-management.php abb_remove_plugin access controlmedium🔒---
201676Jupiter Theme/JupiterX Theme AJAX Action jupiterx_cp_load_pane_action path traversalmedium🔒---
201675WPMK Ajax Finder Plugin create-plugin-config.php createplugin_atf_admin_setting_page cross-site request forgerylow🔒---
201674RSVPMaker Plugin rsvpmaker-email.php sql injectionmedium🔒---
201673Google Tag Manager Plugin frontend.php cross site scriptinglow🔒---
201672WP Athletics Plugin Admin Dashboard cross site scripting [CVE-2022-1549]low🔒---
201671Themify Plugin Admin Page cross site scripting [CVE-2022-1532]low🔒---
201670Carousel CK Plugin Slide Description cross site scripting [CVE-2022-1336]low🔒---
201669Slideshow CK Plugin Description cross site scripting [CVE-2022-1335]low🔒---
201668Ultimate Member Plugin User Profile cross site scripting [CVE-2022-1208]low🔒---
201667Advanced Admin Search Plugin Admin Page cross site scriptinglow🔒---
201666Adobe Media Encoder M4A File buffer overflow [CVE-2021-46818]medium🔒---
201665Adobe Media Encoder M4A File buffer overflow [CVE-2021-46817]medium🔒---
201664Adobe Premiere Pro M4A File buffer overflow [CVE-2021-46816]medium🔒---
201663Enqueue Anything Plugin AJAX Action remove_asset authorizationlow🔒---
201662Export any WordPress data to XML-CSV Plugin POST Parameter sql injectionmedium🔒---
201661Filr Plugin authorization [CVE-2022-1777]medium🔒---
201660iQ Block Country Plugin HTTP Header authorization [CVE-2022-1762]medium🔒---
201659Genki Pre-Publish Reminder Plugin cross-site request forgerylow🔒---
201658HC Custom WP-Admin URL Plugin Secret Login URL information disclosurelow🔒---
201657Log WP_Mail Plugin Email information disclosure [CVE-2022-1412]low🔒---
201656WP-CRM Plugin csv injection [CVE-2022-1202]medium🔒---
201655Bestbooks Plugin sql injection [CVE-2022-0827]medium🔒---
201654KiviCare Plugin AJAX Action ajax_post sql injectionmedium🔒---
201653Like Button Rating Plugin Email authorization [CVE-2022-0745]low🔒---
201652Useful Banner Manager Plugin POST Request cross-site request forgerylow🔒---
201651Google Places Reviews Plugin Google API Key Setting cross site scriptinglow🔒---
201650JupiterX Theme ajax.php jupiterx_api_ajax_ access controlmedium🔒---
201649Download Manager Plugin shortcode-iframe.php cross site scriptinglow🔒---
201648Member Hero Plugin Request Parameter code injection [CVE-2022-0885]medium🔒---
201647WP SVG Icons Plugin Custom Icon Pack code injection [CVE-2022-0863]medium🔒---
201646Google Tag Manager Plugin frontend.php cross site scriptinglow🔒---
201645Dolibarr cross site scripting [CVE-2022-2060]low🔒---
201644Strapi File Upload cross site scripting [CVE-2022-29894]low🔒---
201643WP Statistics Platform Parameter cross site scripting [CVE-2022-27231]low🔒---
201642OTRS Request New Password information disclosure [CVE-2022-32741]low🔒---
201641OTRS Forwarder information disclosure [CVE-2022-32740]low🔒---
201640OTRS System Configuration DisableBanner information disclosurelow🔒---
201639Easy Blog cross-site request forgery [CVE-2022-27174]low🔒---
201638Rakuten Casa HTTP Connection access control [CVE-2022-26834]medium🔒---
201637Generex RCCMD pathname traversal [CVE-2022-26041]low🔒---
201636Rakuten Casa hard-coded credentials [CVE-2022-29525]high🔒---
201635Rakuten Casa improper authentication [CVE-2022-28704]high🔒---
201634Apache Hadoop libhdfs heap-based overflow [CVE-2021-37404]medium🔒---
201633Octopus Server Script Console access control [CVE-2022-2013]medium🔒---
201632nuitka command injection [CVE-2022-2054]medium🔒---
201631Deno Deno.symlinkmedium🔒---
201630Nystudio107 SEOmatic Plugin Base64 Encoded URL cross site scriptinglow🔒---
201629Nystudio107 SEOmatic Plugin Template injection [CVE-2021-41749]medium🔒---
201628Intelliants Subrion CMS Image cross site scripting [CVE-2021-41502]low🔒---
201627ZeroShell kerbynet os command injectionmedium🔒---
201626Lighttpd Header connections.c connection_read_header_more resource consumptionlow🔒---
201625GUnet Open eClass formuser.php cross site scriptinglow🔒---
201624Google Chrome ANGLE use after free [CVE-2022-2011]medium🔒---
201623Google Chrome Compositing out-of-bounds [CVE-2022-2010]medium🔒---
201622Google Chrome WebGL out-of-bounds [CVE-2022-2008]medium🔒---
201621Google Chrome WebGPU use after free [CVE-2022-2007]medium🔒---
201620Daylight Studio Fuel CMS 4 cross-site request forgerylow🔒---
201619gatsby-plugin-mdx gray-matter deserialization [CVE-2022-25863]medium🔒---
201618Dell SupportAssist Client Consumer path traversal [CVE-2022-29094]medium🔒---
201617Dell SupportAssist Client Consumer path traversal [CVE-2022-29093]medium🔒---
201616Dell SupportAssist Client Consumer uncontrolled search path [CVE-2022-29092]medium🔒---
201615jpeg-js infinite loop [CVE-2022-25851]low🔒---
201614convert-svg-core SVG File code injection [CVE-2022-24429]medium🔒---
201613git-promise command injection [CVE-2022-24376]medium🔒---
201612convert-svg-core SVG Tag pathname traversal [CVE-2022-24278]medium🔒---
201611posix toString resource consumption [CVE-2022-21211]low🔒---
201610vim use after freemedium🔒---
201609Netwave IP Camera Network Configuration kcore information disclosurelow🔒---
201608Lepin EP-KP001 improper authentication [CVE-2022-29948]medium🔒---
201607libjpeg Empty JPEG-LS Scan singlecomponentlsscan.cpp ParseMCU assertionlow🔒---
201606IdeaLMS sql injection [CVE-2022-31788]medium🔒---
201605Dell SupportAssist Client Consumer cross site scripting [CVE-2022-29095]low🔒---
201604RealVNC VNC Server Installer Repair access control [CVE-2022-27502]medium🔒---
201603Alibaba Fastjson deserialization [CVE-2022-25845]medium&