• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-1048
Linux, Linux Kernel
Acrn, Audit, Dhcp6c, Direct_connect, Infiniband_hfi1_driver, Ipsec_tools_racoon_daemon, Kernel, Layer_2_tunneling_protocol, Linux_kernel, Linux_kernel_i40e/i40evf
2022-12-14
N/A
7 HIGH
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2022-1047
Post Type Builder Search Addon, Themify
Portfolio_post, Post_type_builder_search_addon, Shortcodes, Woocommerce_product_filter
2022-05-17
N/A
6.1 MEDIUM
The Themify Post Type Builder Search Addon WordPress plugin before 1.4.0 does not properly escape the current page URL before reusing it in a HTML attribute, leading to a reflected cross site scripting vulnerability.
CVE-2022-1046
2022-05-09
N/A
4.8 MEDIUM
The Visual Form Builder WordPress plugin before 3.0.7 does not sanitise and escape the form's 'Email to' field , which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
CVE-2022-1045
2022-04-15
N/A
5.4 MEDIUM
Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.
CVE-2022-1044
2022-05-20
N/A
6.5 MEDIUM
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1.
CVE-2022-1043
2023-02-02
N/A
8.8 HIGH
A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges.
CVE-2022-1042
Zephyr, Zephyrproject
Zephyr
2022-08-03
N/A
8.8 HIGH
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.
CVE-2022-1041
Zephyr, Zephyrproject
Zephyr
2022-08-02
N/A
8.8 HIGH
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.
CVE-2022-1040
2022-10-27
N/A
9.8 CRITICAL
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
CVE-2022-1039
2022-05-04
N/A
9.8 CRITICAL
The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the SSH service does not support root login, a user logging in using either of the other Linux accounts may elevate to root access using the su command if they have access to the associated password.
« Previous 1 … 10,994 10,995 10,996 10,997 10,998 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE