• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-1885
2022-07-06
N/A
4.3 MEDIUM
The Cimy Header Image Rotator WordPress plugin through 6.1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
CVE-2022-1883
2022-06-03
N/A
8.8 HIGH
SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0.
CVE-2022-1882
2022-10-27
N/A
7.8 HIGH
A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2022-1881
2022-07-27
N/A
5.3 MEDIUM
In affected versions of Octopus Server an Insecure Direct Object Reference vulnerability exists where it is possible for a user to download Project Exports from a Project they do not have permissions to access. This vulnerability only impacts projects within the same Space.
CVE-2022-1876
2022-10-26
N/A
8.8 HIGH
Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-1875
2022-10-26
N/A
4.3 MEDIUM
Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2022-1874
2022-10-26
N/A
8.8 HIGH
Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page.
CVE-2022-1873
2022-10-26
N/A
6.5 MEDIUM
Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2022-1872
2022-10-26
N/A
4.3 MEDIUM
Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.
CVE-2022-1871
2022-10-26
N/A
4.3 MEDIUM
Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page.
« Previous 1 … 10,915 10,916 10,917 10,918 10,919 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE