• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-0328
2022-03-08
N/A
4.7 MEDIUM
The Simple Membership WordPress plugin before 4.0.9 does not have CSRF check when deleting members in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack
CVE-2022-0327
2022-03-21
N/A
6.1 MEDIUM
The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the error_message parameter before outputting it back in the response of the jltma_restrict_content AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting
CVE-2022-0326
2022-01-27
N/A
5.5 MEDIUM
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
CVE-2022-0324
2022-11-17
N/A
7.5 HIGH
There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown. Discovered by Eugene Lim of GovTech Singapore.
CVE-2022-0323
2022-08-08
N/A
8.8 HIGH
Improper Neutralization of Special Elements Used in a Template Engine in Packagist mustache/mustache prior to 2.14.1.
CVE-2022-0322
2023-02-02
N/A
5.5 MEDIUM
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).
CVE-2022-0321
2022-05-12
N/A
6.1 MEDIUM
The WP Voting Contest WordPress plugin before 3.0 does not sanitise and escape the post_id parameter before outputting it back in the response via the wpvc_social_share_icons AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue
CVE-2022-0320
2022-02-04
N/A
9.8 CRITICAL
The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated attackers to perform Local File Inclusion attack and read arbitrary files on the server, this could also lead to RCE via user uploaded files or other LFI to RCE techniques.
CVE-2022-0319
2022-11-09
N/A
5.5 MEDIUM
Out-of-bounds Read in vim/vim prior to 8.2.
CVE-2022-0318
2022-11-29
N/A
9.8 CRITICAL
Heap-based Buffer Overflow in vim/vim prior to 8.2.
« Previous 1 … 11,063 11,064 11,065 11,066 11,067 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE