• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-2113
2022-06-27
N/A
5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.7.2.
CVE-2022-21129
2023-02-07
N/A
9.8 CRITICAL
Versions of the package nemo-appium before 0.0.9 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports.setup' function. **Note:** In order to exploit this vulnerability appium-running 0.1.3 has to be installed as one of nemo-appium dependencies.
CVE-2022-21128
2022-05-23
N/A
7.8 HIGH
Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-21127
2023-01-31
N/A
5.5 MEDIUM
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21126
2022-12-01
N/A
7.8 HIGH
The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.
CVE-2022-21125
2022-08-19
N/A
5.5 MEDIUM
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21124
2022-06-16
N/A
7.8 HIGH
Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234.
CVE-2022-21123
2022-08-19
N/A
5.5 MEDIUM
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21122
2022-06-17
N/A
9.8 CRITICAL
The package metacalc before 0.0.2 are vulnerable to Arbitrary Code Execution when it exposes JavaScript's Math class to the v8 context. As the Math class is exposed to user-land, it can be used to get access to JavaScript's Function constructor.
CVE-2022-2112
2022-06-29
N/A
8.8 HIGH
Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2.
« Previous 1 … 10,802 10,803 10,804 10,805 10,806 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE