Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-35030 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
| OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954. | |||||
| CVE-2022-35029 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
| OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea. | |||||
| CVE-2022-35028 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
| OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6. | |||||
| CVE-2022-35037 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6adb1e. | |||||
| CVE-2022-35036 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e1fc8. | |||||
| CVE-2022-35035 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b559f. | |||||
| CVE-2022-40217 | 1 Xplodedthemes | 1 Wpide | 2022-09-22 | N/A | 7.2 HIGH |
| Authenticated (admin+) Arbitrary File Edit/Upload vulnerability in XplodedThemes WPide plugin <= 2.6 at WordPress. | |||||
| CVE-2022-3233 | 1 Ikus-soft | 1 Rdiffweb | 2022-09-22 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. | |||||
| CVE-2022-38073 | 1 Getawesomesupport | 1 Awesome Support | 2022-09-22 | N/A | 5.4 MEDIUM |
| Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress. | |||||
| CVE-2022-36390 | 1 Total-soft | 1 Event Calendar | 2022-09-22 | N/A | 5.4 MEDIUM |
| Authenticated (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress. | |||||
| CVE-2022-36386 | 1 Soflyy | 1 Wp All Import | 2022-09-22 | N/A | 7.2 HIGH |
| Authenticated Arbitrary Code Execution vulnerability in Soflyy Import any XML or CSV File to WordPress plugin <= 3.6.7 at WordPress. | |||||
| CVE-2022-25146 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2022-09-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Remote App module in Liferay Portal Liferay Portal v7.4.3.4 through v7.4.3.8 and Liferay DXP 7.4 before update 5 does not check if the origin of event messages it receives matches the origin of the Remote App, allowing attackers to exfiltrate the CSRF token via a crafted event message. | |||||
| CVE-2020-35505 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2022-09-22 | 2.1 LOW | 4.4 MEDIUM |
| A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2020-35504 | 3 Debian, Fedoraproject, Qemu | 3 Debian Linux, Fedora, Qemu | 2022-09-22 | 2.1 LOW | 6.0 MEDIUM |
| A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-2282 | 1 Oracle | 1 Vm Virtualbox | 2022-09-22 | 2.1 LOW | 7.1 HIGH |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N). | |||||
| CVE-2021-2281 | 1 Oracle | 1 Vm Virtualbox | 2022-09-22 | 2.1 LOW | 7.1 HIGH |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N). | |||||
| CVE-2021-2280 | 1 Oracle | 1 Vm Virtualbox | 2022-09-22 | 2.1 LOW | 7.1 HIGH |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N). | |||||
| CVE-2021-2279 | 1 Oracle | 1 Vm Virtualbox | 2022-09-22 | 6.8 MEDIUM | 8.1 HIGH |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). | |||||
| CVE-2021-2454 | 1 Oracle | 1 Vm Virtualbox | 2022-09-22 | 4.4 MEDIUM | 7.0 HIGH |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H). | |||||
| CVE-2021-2312 | 1 Oracle | 1 Vm Virtualbox | 2022-09-22 | 2.1 LOW | 4.4 MEDIUM |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: This vulnerability applies to Windows systems only. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | |||||