CVE Vulnerability

Home ยป CVE’s

CVE’s

CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-0135
2023-02-03
N/A
7.8 HIGH
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.
CVE-2022-0134
2022-02-28
N/A
8.8 HIGH
The AnyComment WordPress plugin before 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers to make logged in admin perform such actions via a CSRF attack
CVE-2022-0133
2022-01-14
N/A
7.5 HIGH
peertube is vulnerable to Improper Access Control
CVE-2022-0132
2022-01-14
N/A
7.5 HIGH
peertube is vulnerable to Server-Side Request Forgery (SSRF)
CVE-2022-0131
2022-01-24
N/A
3.3 LOW
Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.
CVE-2022-0130
2022-01-22
N/A
8.1 HIGH
Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation.
CVE-2022-0129
2022-01-21
N/A
6.7 MEDIUM
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from.
CVE-2022-0128
2022-11-02
N/A
7.8 HIGH
vim is vulnerable to Out-of-bounds Read
CVE-2022-0125
2022-01-25
N/A
4.3 MEDIUM
An issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was not verifying that a maintainer of a project had the right access to import members from a target project.
CVE-2022-0124
2022-01-25
N/A
4.3 MEDIUM
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. Gitlab's Slack integration is incorrectly validating user input and allows to craft malicious URLs that are sent to slack.
1 11,081 11,082 11,083 11,084 11,085 11,258