• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-1895
2022-06-28
N/A
4.3 MEDIUM
The underConstruction WordPress plugin before 1.20 does not have CSRF check in place when deactivating the construction mode, which could allow attackers to make a logged in admin perform such action via a CSRF attack
CVE-2022-1894
2022-07-15
N/A
4.8 MEDIUM
The Popup Builder WordPress plugin before 4.1.11 does not escape and sanitize some settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfiltred_html is disallowed
CVE-2022-1893
2022-06-14
N/A
5.3 MEDIUM
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1892
Lenovo, V130-15ikb Firmware
Legion_y520t_z370_firmware, Legion_y520t_z370, Aio310-20iap_firmware, Aio310-20iap, Aio510-22ish_firmware, Aio510-22ish, Aio510-23ish_firmware, Aio510-23ish, Aio520-22ikl_firmware, Aio520-22ikl
2023-02-03
N/A
7.8 HIGH
A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
CVE-2022-1891
2023-02-03
N/A
7.8 HIGH
A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
CVE-2022-1890
2023-02-03
N/A
7.8 HIGH
A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
CVE-2022-1889
2022-06-28
N/A
4.8 MEDIUM
The Newsletter WordPress plugin before 7.4.6 does not escape and sanitise the preheader_text setting, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfilteredhtml is disallowed
CVE-2022-1888
Alpha7 Pc Loader Firmware, Fujielectric
Alpha7_pc_loader_firmware, Alpha7_pc_loader, Alpha5_smart_loader_firmware, Alpha5_smart_loader
2022-09-07
N/A
7.8 HIGH
Alpha7 PC Loader (All versions) is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code.
CVE-2022-1887
2022-12-24
N/A
9.8 CRITICAL
The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS < 101.
CVE-2022-1886
2022-10-14
N/A
7.8 HIGH
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
« Previous 1 … 10,914 10,915 10,916 10,917 10,918 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE