• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-1283
2022-04-15
N/A
5.5 MEDIUM
NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash).
CVE-2022-1282
2022-05-10
N/A
6.1 MEDIUM
The Photo Gallery by 10Web WordPress plugin before 1.6.3 does not properly sanitize the $_GET['image_url'] variable, which is reflected back to the users when executing the editimage_bwg AJAX action.
CVE-2022-1281
2022-05-09
N/A
9.8 CRITICAL
The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST['filter_tag'] parameter, which is appended to an SQL query, making SQL Injection attacks possible.
CVE-2022-1280
2022-04-20
N/A
6.3 MEDIUM
A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak.
CVE-2022-1279
2022-04-22
N/A
7.5 HIGH
A vulnerability in the encryption implementation of EBICS messages in the open source librairy ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt EBICS payloads. This issue affects: ebics-java/ebics-java-client versions prior to 1.2.
CVE-2022-1278
Redhat, Single Sign-on
Jboss_core_services, Enterprise_linux, Jboss_enterprise_application_platform, Enterprise_linux_server, Jboss_amq_clients_2, Openstack, Virtualization, Virtualization_host, Single_sign-on, Openshift_container_platform
2022-09-15
N/A
7.5 HIGH
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
CVE-2022-1277
2022-08-04
N/A
9.8 CRITICAL
Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.
CVE-2022-1276
2022-04-15
N/A
9.8 CRITICAL
Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
CVE-2022-1275
2022-06-08
N/A
4.8 MEDIUM
The BannerMan WordPress plugin through 0.2.4 does not sanitize or escape its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks when the unfiltered_html is disallowed (such as in multisite)
CVE-2022-1273
2022-05-10
N/A
7.2 HIGH
The Import WP WordPress plugin before 2.4.6 does not validate the imported file in some cases, allowing high privilege users such as admin to upload arbitrary files (such as PHP), leading to RCE
« Previous 1 … 10,972 10,973 10,974 10,975 10,976 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE