• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-noinfo

CVE-2022-2421

February 23, 2023 by

Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an attacker to place references to functions at arbitrary places in the resulting query object.

CVE-2022-24218

February 23, 2023 by

An issue in /admin/delete_image.php of eliteCMS v1.0 allows attackers to delete arbitrary files.

CVE-2022-24069

February 23, 2023 by

An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 before 05.08.41, 5.1 before 05.16.29, 5.2 before 05.26.29, 5.3 before 05.35.29, 5.4 before 05.43.29, and 5.5 before 05.51.29. An SMM callout vulnerability allows an attacker to hijack the execution flow of code running in System Management Mode. Exploiting this issue could lead to escalating privileges to SMM.

CVE-2022-24071

February 23, 2023 by

A Built-in extension in Whale browser before 3.12.129.46 allows attackers to compromise the rendering process which could lead to controlling browser internal APIs.

CVE-2022-24072

February 23, 2023 by

The devtools API in Whale browser before 3.12.129.18 allowed extension developers to inject arbitrary JavaScript into the extension store web page via devtools.inspectedWindow, leading to extensions downloading and uploading when users open the developer tool.

CVE-2022-24073

February 23, 2023 by

The Web Request API in Whale browser before 3.12.129.18 allowed to deny access to the extension store or redirect to any URL when users access the store.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2212
  • Go to page 2213
  • Go to page 2214
  • Go to page 2215
  • Go to page 2216
  • Interim pages omitted …
  • Go to page 2387
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE