• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-0476
2022-04-08
N/A
5.5 MEDIUM
Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
CVE-2022-0475
2022-03-28
N/A
5.4 MEDIUM
Malicious translator is able to inject JavaScript code in few translatable strings (where HTML is allowed). The code could be executed in the Package manager. This issue affects: OTRS AG OTRS 7.0.x version: 7.0.32 and prior versions, 8.0.x version: 8.0.19 and prior versions.
CVE-2022-0474
Custom Contact Fields, Otrs
Calendar_resource_planning, Cis_in_customer_frontend, Custom_contact_fields, Faq, Iphonehandle, Itsmconfigurationmanagement, Open_ticket_request_system, Otrscisincustomerfrontend, Otrs_help_desk, Otrs_itsm
2022-02-25
N/A
3.5 LOW
Full list of recipients from customer users in a contact field could be disclosed in notification emails event when the notification is set to be sent to each recipient individually. This issue affects: OTRS AG OTRSCustomContactFields 8.0.x version: 8.0.11 and prior versions.
CVE-2022-0473
2022-02-14
N/A
4.8 MEDIUM
OTRS administrators can configure dynamic field and inject malicious JavaScript code in the error message of the regular expression check. When used in the agent interface, malicious code might be exectued in the browser. This issue affects: OTRS AG OTRS 7.0.x version: 7.0.31 and prior versions.
CVE-2022-0472
2022-02-10
N/A
5.4 MEDIUM
Unrestricted Upload of File with Dangerous Type in Packagist jsdecena/laracom prior to v2.0.9.
CVE-2022-0471
2022-04-15
N/A
6.1 MEDIUM
The Favicon by RealFaviconGenerator WordPress plugin before 1.3.23 does not properly sanitise and escape the json_result_url parameter before outputting it back in the Favicon admin dashboard, leading to a Reflected Cross-Site Scripting issue
CVE-2022-0470
2022-04-11
N/A
8.8 HIGH
Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0469
2022-04-08
N/A
8.8 HIGH
Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0468
2022-04-08
N/A
8.8 HIGH
Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0467
2022-04-12
N/A
8.8 HIGH
Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
« Previous 1 … 11,049 11,050 11,051 11,052 11,053 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE