• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-0362
2022-02-02
N/A
9.8 CRITICAL
SQL Injection in Packagist showdoc/showdoc prior to 2.10.3.
CVE-2022-0361
2022-11-09
N/A
7.8 HIGH
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-0360
2022-03-08
N/A
4.8 MEDIUM
The Easy Drag And drop All Import : WP Ultimate CSV Importer WordPress plugin before 6.4.3 does not sanitise and escaped imported comments, which could allow high privilege users to import malicious ones (either intentionnaly or not) and lead to Stored Cross-Site Scripting issues
CVE-2022-0359
2022-11-09
N/A
7.8 HIGH
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-0358
2022-12-09
N/A
7.8 HIGH
A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group. This could allow a malicious unprivileged user inside the guest to gain access to resources accessible to the root group, potentially escalating their privileges within the guest. A malicious local user in the host might also leverage this unexpected executable file created by the guest to escalate their privileges on the host system.
CVE-2022-0355
2023-02-13
N/A
7.5 HIGH
Exposure of Sensitive Information to an Unauthorized Actor in NPM simple-get prior to 4.0.1.
CVE-2022-0354
Lenovo, System Update
Legion_y520t_z370_firmware, Legion_y520t_z370, Aio310-20iap_firmware, Aio310-20iap, Aio510-22ish_firmware, Aio510-22ish, Aio510-23ish_firmware, Aio510-23ish, Aio520-22ikl_firmware, Aio520-22ikl
2022-05-04
N/A
7.8 HIGH
A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window.
CVE-2022-0352
2022-03-15
N/A
6.1 MEDIUM
Cross-site Scripting (XSS) - Reflected in Pypi calibreweb prior to 0.6.16.
CVE-2022-0351
2022-11-09
N/A
7.8 HIGH
Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
CVE-2022-0350
2022-04-07
N/A
5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13.
« Previous 1 … 11,060 11,061 11,062 11,063 11,064 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE