• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-noinfo

CVE-2022-32511

February 23, 2023 by godfreyd94

jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable.

CVE-2022-32387

February 23, 2023 by godfreyd94

In Kentico before 13.0.66, attackers can achieve Denial of Service via a crafted request to the GetResource handler.

CVE-2022-32411

February 23, 2023 by godfreyd94

An issue in the languages config file of HongCMS v3.0 allows attackers to getshell.

CVE-2022-32412

February 23, 2023 by godfreyd94

An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell.

CVE-2022-32420

February 23, 2023 by godfreyd94

College Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /College/admin/teacher.php. This vulnerability is exploited via a crafted PHP file.

CVE-2022-32244

February 23, 2023 by godfreyd94

Under certain conditions an attacker authenticated as a CMS administrator access the BOE Commentary database and retrieve (non-personal) system data, modify system data but can’t make the system unavailable. This needs the attacker to have high privilege access to the same physical/logical network to access information which would otherwise be restricted, leading to low impact on confidentiality and high impact on integrity of the application.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2112
  • Go to page 2113
  • Go to page 2114
  • Go to page 2115
  • Go to page 2116
  • Interim pages omitted …
  • Go to page 2387
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE