Export limit exceeded: 333583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (333583 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-47004 | 1 Redislabs | 1 Redisgraph | 2025-04-29 | 8.8 High |
| Buffer Overflow vulnerability in Redis RedisGraph v.2.x through v.2.12.8 and fixed in v.2.12.9 allows an attacker to execute arbitrary code via the code logic after valid authentication. | ||||
| CVE-2023-40117 | 1 Google | 1 Android | 2025-04-29 | 7.8 High |
| In resetSettingsLocked of SettingsProvider.java, there is a possible lockscreen bypass due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2022-44807 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2025-04-29 | 9.8 Critical |
| D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString. | ||||
| CVE-2022-44806 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2025-04-29 | 9.8 Critical |
| D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow. | ||||
| CVE-2022-44804 | 1 Dlink | 2 Dir-882, Dir-882 Firmware | 2025-04-29 | 9.8 Critical |
| D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function. | ||||
| CVE-2022-44801 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-04-29 | 9.8 Critical |
| D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control. | ||||
| CVE-2022-44202 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-04-29 | 9.8 Critical |
| D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow. | ||||
| CVE-2022-44172 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-29 | 9.8 Critical |
| Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler. | ||||
| CVE-2022-44171 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-29 | 9.8 Critical |
| Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set. | ||||
| CVE-2022-44169 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-04-29 | 7.5 High |
| Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetVirtualSer. | ||||
| CVE-2022-43179 | 1 Online Leave Management System Project | 1 Online Leave Management System | 2025-04-29 | 7.2 High |
| Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/?page=user/manage_user&id=. | ||||
| CVE-2022-43143 | 1 Beekeeperstudio | 1 Beekeeper-studio | 2025-04-29 | 9.6 Critical |
| A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error modal container. | ||||
| CVE-2022-43117 | 1 Password Storage Application Project | 1 Password Storage Application | 2025-04-29 | 5.4 Medium |
| Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Name, Username, Description and Site Feature parameters. | ||||
| CVE-2022-42891 | 1 Siemens | 1 Syngo Dynamics Cardiovascular Imaging And Information System | 2025-04-29 | 7.5 High |
| A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow to write data in any folder accessible to the account assigned to the website’s application pool. | ||||
| CVE-2022-42734 | 1 Siemens | 1 Syngo Dynamics Cardiovascular Imaging And Information System | 2025-04-29 | 7.5 High |
| A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow to write data in any folder accessible to the account assigned to the website’s application pool. | ||||
| CVE-2022-42733 | 1 Siemens | 1 Syngo Dynamics Cardiovascular Imaging And Information System | 2025-04-29 | 7.5 High |
| A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper read access control that could allow files to be retrieved from any folder accessible to the account assigned to the website’s application pool. | ||||
| CVE-2022-42096 | 1 Backdropcms | 1 Backdrop Cms | 2025-04-29 | 4.8 Medium |
| Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via Post content. | ||||
| CVE-2022-40470 | 1 Phpgurukul | 1 Blood Donor Management System | 2025-04-29 | 4.8 Medium |
| Phpgurukul Blood Donor Management System 1.0 allows Cross Site Scripting via Add Blood Group Name Feature. | ||||
| CVE-2022-3561 | 1 Librenms | 1 Librenms | 2025-04-29 | 6.1 Medium |
| Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0. | ||||
| CVE-2022-37197 | 1 Iobit | 1 Iotransfer | 2025-04-29 | 7.8 High |
| IOBit IOTransfer V4 is vulnerable to Unquoted Service Path. | ||||