CVE's - CVE Vulnerability

CVE

Vendors

Products

Updated

CVSS v2

CVSS v3

CVE-2022-0328

2022-03-08

N/A

4.7 MEDIUM

The Simple Membership WordPress plugin before 4.0.9 does not have CSRF check when deleting members in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack

CVE-2022-0327

2022-03-21

N/A

6.1 MEDIUM

The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the error_message parameter before outputting it back in the response of the jltma_restrict_content AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting

CVE-2022-0326

2022-01-27

N/A

5.5 MEDIUM

NULL Pointer Dereference in Homebrew mruby prior to 3.2.

CVE-2022-0324

2022-11-17

N/A

7.5 HIGH

There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown. Discovered by Eugene Lim of GovTech Singapore.

CVE-2022-0323

2022-08-08

N/A

8.8 HIGH

Improper Neutralization of Special Elements Used in a Template Engine in Packagist mustache/mustache prior to 2.14.1.

CVE-2022-0322

2023-02-02

N/A

5.5 MEDIUM

A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).

CVE-2022-0321

2022-05-12

N/A

6.1 MEDIUM

The WP Voting Contest WordPress plugin before 3.0 does not sanitise and escape the post_id parameter before outputting it back in the response via the wpvc_social_share_icons AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue

CVE-2022-0320

2022-02-04

N/A

9.8 CRITICAL

The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated attackers to perform Local File Inclusion attack and read arbitrary files on the server, this could also lead to RCE via user uploaded files or other LFI to RCE techniques.

CVE-2022-0319

2022-11-09

N/A

5.5 MEDIUM

Out-of-bounds Read in vim/vim prior to 8.2.

CVE-2022-0318

2022-11-29

N/A

9.8 CRITICAL

Heap-based Buffer Overflow in vim/vim prior to 8.2.

« Previous 1 … 11,063 11,064 11,065 11,066 11,067 … 11,258 Next »