• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-0145
2022-03-29
N/A
5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms prior to 5.11.1.
CVE-2022-0144
2022-02-09
N/A
7.1 HIGH
shelljs is vulnerable to Improper Privilege Management
CVE-2022-0143
2022-09-21
N/A
9.8 CRITICAL
When the LDAP connector is started with StartTLS configured, unauthenticated access is granted. This issue affects: all versions of the LDAP connector prior to 1.5.20.9. The LDAP connector is bundled with Identity Management (IDM) and Remote Connector Server (RCS)
CVE-2022-0142
2022-06-13
N/A
9.8 CRITICAL
The Visual Form Builder WordPress plugin before 3.0.8 is vulnerable to CSV injection allowing a user with low level or no privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.
CVE-2022-0141
2022-06-13
N/A
8.1 HIGH
The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could allow attackers to make a logged in admin or editor delete and restore arbitrary form entries via CSRF attacks
CVE-2022-0140
2023-02-01
N/A
5.3 MEDIUM
The Visual Form Builder WordPress plugin before 3.0.8 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint.
CVE-2022-0139
2022-02-11
N/A
9.8 CRITICAL
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.
CVE-2022-0138
2022-02-26
N/A
7.5 HIGH
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 has a deserialization function that does not validate or check the data, allowing arbitrary classes to be created.
CVE-2022-0137
2023-02-02
N/A
5.5 MEDIUM
A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries.
CVE-2022-0136
2022-04-04
N/A
8.1 HIGH
A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. GitLab was vulnerable to a blind SSRF attack through the Project Import feature.
« Previous 1 … 11,080 11,081 11,082 11,083 11,084 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE