Export limit exceeded: 336584 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 336584 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (336584 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-3793 | 1 Gitlab | 1 Gitlab | 2025-05-01 | 4.3 Medium |
| An improper authorization issue in GitLab CE/EE affecting all versions from 14.4 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to read variables set directly in a GitLab CI/CD configuration file they don't have access to. | ||||
| CVE-2022-42964 | 1 Materialsvirtuallab | 1 Pymatgen | 2025-05-01 | 5.9 Medium |
| An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.from_string method | ||||
| CVE-2022-42966 | 1 Python-poetry | 1 Cleo | 2025-05-01 | 5.9 Medium |
| An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.set_rows method | ||||
| CVE-2021-34569 | 1 Wago | 98 750-8100, 750-8100 Firmware, 750-8101 and 95 more | 2025-05-01 | 9.8 Critical |
| In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory. | ||||
| CVE-2021-34577 | 1 Kadenvodomery | 2 Picoflux Air, Picoflux Air Firmware | 2025-05-01 | 6.5 Medium |
| In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus mode 5 with a hardcoded shared key while being adjacent to the device. | ||||
| CVE-2023-5472 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-01 | 8.8 High |
| Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-32356 | 1 Apple | 1 Macos | 2025-05-01 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2023-28215 | 1 Apple | 1 Macos | 2025-05-01 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2023-28209 | 1 Apple | 1 Macos | 2025-05-01 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2022-45196 | 1 Hyperledger | 1 Fabric | 2025-05-01 | 7.5 High |
| Hyperledger Fabric 2.3 allows attackers to cause a denial of service (orderer crash) by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist. | ||||
| CVE-2022-44319 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StdioBasePrintf function in cstdlib/string.c when called from ExpressionParseFunctionCall. | ||||
| CVE-2022-44312 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceInteger function in expression.c when called from ExpressionInfixOperator. | ||||
| CVE-2022-44311 | 1 Html2xhtml Project | 1 Html2xhtml | 2025-05-01 | 8.1 High |
| html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file. | ||||
| CVE-2022-43945 | 3 Linux, Netapp, Redhat | 14 Linux Kernel, Active Iq Unified Manager, H300s and 11 more | 2025-05-01 | 7.5 High |
| The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | ||||
| CVE-2022-43343 | 1 N-prolog Project | 1 N-prolog | 2025-05-01 | 7.5 High |
| N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c. | ||||
| CVE-2022-43144 | 1 Canteen Management System Project | 1 Canteen Management System | 2025-05-01 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in Canteen Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2022-41757 | 1 Arm | 1 Valhall Gpu Kernel Driver | 2025-05-01 | 8.8 High |
| An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to read-only memory, or obtain access to already freed memory. This affects Valhall r29p0 through r38p1 before r38p2, and r39p0 before r40p0. | ||||
| CVE-2022-41434 | 1 Eyesofnetwork | 1 Web Interface | 2025-05-01 | 6.1 Medium |
| EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php. | ||||
| CVE-2022-41433 | 1 Eyesofnetwork | 1 Web Interface | 2025-05-01 | 4.8 Medium |
| EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/admin_bp/add_application.php. | ||||
| CVE-2022-41432 | 1 Eyesofnetwork | 1 Web Interface | 2025-05-01 | 4.8 Medium |
| EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/report_event/index.php. | ||||