• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-1850
2022-06-03
N/A
8.1 HIGH
Path Traversal in GitHub repository filegator/filegator prior to 7.8.0.
CVE-2022-1849
2022-06-03
N/A
5.4 MEDIUM
Session Fixation in GitHub repository filegator/filegator prior to 7.8.0.
CVE-2022-1848
2022-06-03
N/A
5.3 MEDIUM
Business Logic Errors in GitHub repository erudika/para prior to 1.45.11.
CVE-2022-1847
2022-07-06
N/A
4.3 MEDIUM
The Rotating Posts WordPress plugin through 1.11 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
CVE-2022-1846
2022-07-06
N/A
4.3 MEDIUM
The Tiny Contact Form WordPress plugin through 0.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
CVE-2022-1845
2022-07-06
N/A
4.3 MEDIUM
The WP Post Styling WordPress plugin before 1.3.1 does not have CSRF checks in various actions, which could allow attackers to make a logged in admin delete plugin's data, update the settings, add new entries and more via CSRF attacks
CVE-2022-1844
2022-07-06
N/A
4.3 MEDIUM
The WP Sentry WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well
CVE-2022-1843
2022-07-06
N/A
6.5 MEDIUM
The MailPress WordPress plugin through 7.2.1 does not have CSRF checks in various places, which could allow attackers to make a logged in admin change the settings, purge log files and more via CSRF attacks
CVE-2022-1842
2022-07-06
N/A
4.3 MEDIUM
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well
CVE-2022-1841
Zephyr, Zephyrproject
Zephyr
2022-09-07
N/A
5.3 MEDIUM
In subsys/net/ip/tcp.c , function tcp_flags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero.
« Previous 1 … 10,918 10,919 10,920 10,921 10,922 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE