• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-0284
2022-09-01
N/A
7.1 HIGH
A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. This issue can potentially lead to a denial of service and information disclosure.
CVE-2022-0283
2022-10-05
N/A
6.1 MEDIUM
An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that a could cause the web application to redirect the request to the attacker specified URL.
CVE-2022-0282
2022-01-26
N/A
7.5 HIGH
Code Injection in Packagist microweber/microweber prior to 1.2.11.
CVE-2022-0281
2022-01-26
N/A
7.5 HIGH
Exposure of Sensitive Information to an Unauthorized Actor in Packagist microweber/microweber prior to 1.2.11.
CVE-2022-0280
Mcafee, Total Protection
Total_protection, Data_loss_prevention_endpoint, True_key, Endpoint_security, Client_proxy, Active_response, Active_virus_defense, Active_virusscan, Advanced_threat_defense, Agent
2022-03-21
N/A
6.3 MEDIUM
A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.
CVE-2022-0279
2022-02-28
N/A
3.1 LOW
The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users
CVE-2022-0278
2022-01-26
N/A
5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.
CVE-2022-0277
2022-01-26
N/A
6.5 MEDIUM
Improper Access Control in Packagist microweber/microweber prior to 1.2.11.
CVE-2022-0274
2022-01-25
N/A
5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets prior to 1.2.2.
CVE-2022-0273
2022-03-17
N/A
6.5 MEDIUM
Improper Access Control in Pypi calibreweb prior to 0.6.16.
« Previous 1 … 11,067 11,068 11,069 11,070 11,071 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE