Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-40357 | 1 Zblogcn | 1 Z-blogphp | 2022-09-22 | N/A | 9.8 CRITICAL |
A security issue was discovered in Z-BlogPHP <= 1.7.2. A Server-Side Request Forgery (SSRF) vulnerability in the zb_users/plugin/UEditor/php/action_crawler.php file allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the source parameter. | |||||
CVE-2022-39220 | 1 Sftpgo Project | 1 Sftpgo | 2022-09-22 | N/A | 6.1 MEDIUM |
SFTPGo is an SFTP server written in Go. Versions prior to 2.3.5 are subject to Cross-site scripting (XSS) vulnerabilities in the SFTPGo WebClient, allowing remote attackers to inject malicious code. This issue is patched in version 2.3.5. No known workarounds exist. | |||||
CVE-2022-35088 | 1 Swftools | 1 Swftools | 2022-09-22 | N/A | 5.5 MEDIUM |
SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /home/bupt/Desktop/swftools/src/src/gif2swf.c. | |||||
CVE-2022-38550 | 1 Jeesns | 1 Jeesns | 2022-09-22 | N/A | 5.4 MEDIUM |
A stored cross-site scripting (XSS) vulnerability in the /weibo/list component of Jeesns v2.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | |||||
CVE-2022-38545 | 1 Valine.js | 1 Valine | 2022-09-22 | N/A | 9.6 CRITICAL |
Valine v1.4.18 was discovered to contain a remote code execution (RCE) vulnerability which allows attackers to execute arbitrary code via a crafted POST request. | |||||
CVE-2022-38532 | 1 Msi | 1 Center | 2022-09-22 | N/A | 7.8 HIGH |
Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component C_Features of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running a crafted executable. | |||||
CVE-2022-38527 | 1 Ucms Project | 1 Ucms | 2022-09-22 | N/A | 6.1 MEDIUM |
UCMS v1.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Import function under the Site Management page. | |||||
CVE-2022-38509 | 1 Wedding Planner Project | 1 Wedding Planner | 2022-09-22 | N/A | 9.8 CRITICAL |
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking_id parameter at /admin/budget.php. | |||||
CVE-2022-35070 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x65fc97. | |||||
CVE-2022-35069 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b544e. | |||||
CVE-2022-35068 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e420d. | |||||
CVE-2020-36602 | 1 Huawei | 16 576up005 Hota-cm-h-shark-bd, 576up005 Hota-cm-h-shark-bd Firmware, 577hota-cm-h-shark-bd and 13 more | 2022-09-22 | N/A | 6.1 MEDIUM |
There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker with physical access to the device can craft a malformed message with a specific parameter and send it to the affected products. Because the message is insufficiently validated, this may be exploited to cause an out-of-bounds read and write. | |||||
CVE-2022-35067 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b0. | |||||
CVE-2022-35066 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b8. | |||||
CVE-2022-35065 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724. | |||||
CVE-2022-35064 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4adcdb in __asan_memset. | |||||
CVE-2022-35063 | 1 Otfcc Project | 1 Otfcc | 2022-09-22 | N/A | 6.5 MEDIUM |
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41a8. | |||||
CVE-2022-35085 | 1 Swftools | 1 Swftools | 2022-09-22 | N/A | 5.5 MEDIUM |
SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c. | |||||
CVE-2022-35087 | 1 Swftools | 1 Swftools | 2022-09-22 | N/A | 5.5 MEDIUM |
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c. | |||||
CVE-2022-35086 | 1 Swftools | 1 Swftools | 2022-09-22 | N/A | 5.5 MEDIUM |
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S. |