Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-38878 | 1 School Activity Updates With Sms Notification Project | 1 School Activity Updates With Sms Notification | 2022-09-16 | N/A | 7.2 HIGH |
| School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/event/index.php?view=edit&id=. | |||||
| CVE-2022-40659 | 1 Nikon | 1 Nis-elements Viewer | 2022-09-16 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. Crafted data in a TIF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15214. | |||||
| CVE-2022-40660 | 1 Nikon | 1 Nis-elements Viewer | 2022-09-16 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15135. | |||||
| CVE-2022-38877 | 1 Garage Management System Project | 1 Garage Management System | 2022-09-16 | N/A | 7.2 HIGH |
| Garage Management System v1.0 is vulnerable to Arbitrary code execution via ip/garage/php_action/editProductImage.php?id=1. | |||||
| CVE-2022-38997 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-09-16 | N/A | 7.5 HIGH |
| The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-38996 | 1 Huawei | 2 Emui, Harmonyos | 2022-09-16 | N/A | 7.5 HIGH |
| The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-38992 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-09-16 | N/A | 7.5 HIGH |
| The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-38991 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-09-16 | N/A | 7.5 HIGH |
| The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-38988 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-09-16 | N/A | 7.5 HIGH |
| The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-38987 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-09-16 | N/A | 7.5 HIGH |
| The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-38978 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-09-16 | N/A | 7.5 HIGH |
| The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-38990 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-09-16 | N/A | 7.5 HIGH |
| The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-38989 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-09-16 | N/A | 7.5 HIGH |
| The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-40662 | 1 Nikon | 1 Nis-elements Viewer | 2022-09-16 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. Crafted data in a TIF image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15351. | |||||
| CVE-2021-44076 | 1 Crushftp | 1 Crushftp | 2022-09-16 | N/A | 4.8 MEDIUM |
| An issue was discovered in CrushFTP 9. The creation of a new user through the /WebInterface/UserManager/ interface allows an attacker, with access to the administration panel, to perform Stored Cross-Site Scripting (XSS). The payload can be executed in multiple scenarios, for example when the user's page appears in the Most Visited section of the page. | |||||
| CVE-2022-40655 | 1 Nikon | 1 Nis-elements Viewer | 2022-09-16 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ND2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15071. | |||||
| CVE-2022-40656 | 1 Nikon | 1 Nis-elements Viewer | 2022-09-16 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ND2 files. Crafted data in a ND2 file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15072. | |||||
| CVE-2022-40658 | 1 Nikon | 1 Nis-elements Viewer | 2022-09-16 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. Crafted data in a TIF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15166. | |||||
| CVE-2022-40657 | 1 Nikon | 1 Nis-elements Viewer | 2022-09-16 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. Crafted data in a PSD file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15073. | |||||
| CVE-2022-40663 | 1 Nikon | 1 Nis-elements Viewer | 2022-09-16 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. Crafted data in a TIF image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15697. | |||||