• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-1175
2022-05-10
N/A
6.1 MEDIUM
Improper neutralization of user input in GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 allowed an attacker to exploit XSS by injecting HTML in notes.
CVE-2022-1174
2022-04-11
N/A
7.5 HIGH
A potential DoS vulnerability was discovered in Gitlab CE/EE versions 13.7 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 allowed an attacker to trigger high CPU usage via a special crafted input added in Issues, Merge requests, Milestones, Snippets, Wiki pages, etc.
CVE-2022-1173
2022-05-05
N/A
5.4 MEDIUM
stored xss in GitHub repository getgrav/grav prior to 1.7.33.
CVE-2022-1172
2022-04-05
N/A
5 MEDIUM
Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpac prior to 2.1.0-DEV.
CVE-2022-1171
2022-05-16
N/A
6.1 MEDIUM
The Vertical scroll recent post WordPress plugin before 14.0 does not sanitise and escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting
CVE-2022-1170
2022-04-11
N/A
6.1 MEDIUM
In the Noo JobMonster WordPress theme before 4.5.2.9 JobMonster there is a XSS vulnerability as the input for the search form is provided through unsanitized GET requests.
CVE-2022-1169
2022-04-11
N/A
6.1 MEDIUM
There is a XSS vulnerability in Careerfy.
CVE-2022-1168
2022-04-11
N/A
6.1 MEDIUM
There is a Cross-Site Scripting vulnerability in the JobSearch WP JobSearch WordPress plugin before 1.5.1.
CVE-2022-1167
2022-04-11
N/A
6.1 MEDIUM
There are unauthenticated reflected Cross-Site Scripting (XSS) vulnerabilities in CareerUp Careerup WordPress theme before 2.3.1, via the filter parameters.
CVE-2022-1166
2022-05-10
N/A
5.3 MEDIUM
The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/ folder, as it did not include a default PHP file, or .htaccess file. This could expose personal data such as people's resumes. Although Directory Listing can be prevented by securely configuring the web server, vendors can also take measures to make it less likely to happen.
« Previous 1 … 10,982 10,983 10,984 10,985 10,986 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE