• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-0714
2022-12-02
N/A
5.5 MEDIUM
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.
CVE-2022-0713
2022-04-08
N/A
7.1 HIGH
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4.
CVE-2022-0712
2022-04-08
N/A
5.5 MEDIUM
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4.
CVE-2022-0711
Redhat, Software Collections
Jboss_core_services, Enterprise_linux, Jboss_enterprise_application_platform, Enterprise_linux_server, Jboss_amq_clients_2, Openstack, Virtualization, Virtualization_host, Single_sign-on, Openshift_container_platform
2022-07-21
N/A
7.5 HIGH
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability.
CVE-2022-0710
2022-03-03
N/A
6.1 MEDIUM
The Header Footer Code Manager plugin <= 1.1.16 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter.
CVE-2022-0709
2022-04-11
N/A
7.5 HIGH
The Booking Package WordPress plugin before 1.5.29 requires a token for exporting the ical representation of it's booking calendar, but this token is returned in the json response to unauthenticated users performing a booking, leading to a sensitive data disclosure vulnerability.
CVE-2022-0708
2022-03-01
N/A
6.5 MEDIUM
Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure.
CVE-2022-0707
Easy Digital Downloads, Sandhillsdev
Easy_digital_downloads
2022-04-25
N/A
4.3 MEDIUM
The Easy Digital Downloads WordPress plugin before 2.11.6 does not have CSRF check in place when inserting payment notes, which could allow attackers to make a logged admin insert arbitrary notes via a CSRF attack
CVE-2022-0706
Easy Digital Downloads, Sandhillsdev
Easy_digital_downloads
2022-04-25
N/A
4.8 MEDIUM
The Easy Digital Downloads WordPress plugin before 2.11.6 does not sanitise and escape the Downloadable File Name in the Logs, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltered_html capability is disallowed
CVE-2022-0705
2022-03-22
N/A
5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.
« Previous 1 … 11,026 11,027 11,028 11,029 11,030 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE