Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-38291 | 1 Slims | 1 Senayan Library Management System | 2022-09-14 | N/A | 6.1 MEDIUM |
SLiMS Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Search function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search bar. | |||||
CVE-2022-36174 | 1 Freshworks | 1 Freshservice Agent | 2022-09-14 | N/A | 8.1 HIGH |
FreshService Windows Agent < 2.11.0, FreshService macOS Agent < 4.2.0, and FreshService Linux Agent < 3.3.0 are vulnerable to broken integrity checking via the FreshAgent client and scheduled update service. | |||||
CVE-2022-36173 | 1 Freshworks | 2 Freshservice Agent, Freshservice Probe | 2022-09-14 | N/A | 8.1 HIGH |
FreshService macOS Agent < 4.4.0 and FreshService Linux Agent < 3.4.0 are vulnerable to TLS man-in-the-middle via the FreshAgent client and scheduled update service. | |||||
CVE-2022-3178 | 1 Gpac | 1 Gpac | 2022-09-14 | N/A | 7.8 HIGH |
Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV. | |||||
CVE-2022-37835 | 1 Torguard | 1 Vpn | 2022-09-14 | N/A | 7.5 HIGH |
Torguard VPN 4.8 has a vulnerability that allows an attacker to dump sensitive information, such as credentials and information about the server, without admin privileges. | |||||
CVE-2022-36259 | 1 Inventorymanagementsystem Project | 1 Inventorymanagementsystem | 2022-09-14 | N/A | 7.5 HIGH |
A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "username", "password", etc. | |||||
CVE-2022-36258 | 1 Inventorymanagementsystem Project | 1 Inventorymanagementsystem | 2022-09-14 | N/A | 7.5 HIGH |
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt". | |||||
CVE-2022-36257 | 1 Inventorymanagementsystem Project | 1 Inventorymanagementsystem | 2022-09-14 | N/A | 7.5 HIGH |
A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "users", "pass", etc. | |||||
CVE-2022-36256 | 1 Inventorymanagementsystem Project | 1 Inventorymanagementsystem | 2022-09-14 | N/A | 7.5 HIGH |
A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "productcode". | |||||
CVE-2022-36255 | 1 Inventorymanagementsystem Project | 1 Inventorymanagementsystem | 2022-09-14 | N/A | 7.5 HIGH |
A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt". | |||||
CVE-2022-36254 | 1 Hotel Management System Project | 1 Hotel Management System | 2022-09-14 | N/A | 5.4 MEDIUM |
Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname". | |||||
CVE-2022-34110 | 1 Msi | 1 Micro-star International Feature Navigator | 2022-09-14 | N/A | 5.5 MEDIUM |
An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to download arbitrary files regardless of file type or size. | |||||
CVE-2022-34109 | 1 Msi | 1 Micro-star International Feature Navigator | 2022-09-14 | N/A | 7.1 HIGH |
An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to write arbitrary files to the directory \PromoPhoto\, regardless of file type or size. | |||||
CVE-2022-34108 | 1 Msi | 1 Micro-star International Feature Navigator | 2022-09-14 | N/A | 7.1 HIGH |
An issue in the Feature Navigator of Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to cause a Denial of Service (DoS) via a crafted image or video file. | |||||
CVE-2022-38972 | 1 Ark-web | 1 A-form | 2022-09-14 | N/A | 6.1 MEDIUM |
Cross-site scripting vulnerability in Movable Type plugin A-Form versions prior to 4.1.1 (for Movable Type 7 Series) and versions prior to 3.9.1 (for Movable Type 6 Series) allows a remote unauthenticated attacker to inject an arbitrary script. | |||||
CVE-2022-37796 | 1 Simple Online Book Store System Project | 1 Simple Online Book Store System | 2022-09-14 | N/A | 5.4 MEDIUM |
In Simple Online Book Store System 1.0, the Title, Author, and Description parameters in /admin_book.php are vulnerable to cross-site scripting (XSS). | |||||
CVE-2022-37794 | 1 Library Management System Project | 1 Library Management System | 2022-09-14 | N/A | 9.8 CRITICAL |
In Library Management System 1.0 the /card/in-card.php file id_no parameters are vulnerable to SQL injection. | |||||
CVE-2022-40325 | 1 Sysaid | 1 Help Desk | 2022-09-14 | N/A | 6.1 MEDIUM |
SysAid Help Desk before 22.1.65 allows XSS via the Asset Dashboard, aka FR# 67262. | |||||
CVE-2022-40324 | 1 Sysaid | 1 Help Desk | 2022-09-14 | N/A | 6.1 MEDIUM |
SysAid Help Desk before 22.1.65 allows XSS via the Linked SRs field, aka FR# 67258. | |||||
CVE-2022-40322 | 1 Sysaid | 1 Help Desk | 2022-09-14 | N/A | 6.1 MEDIUM |
SysAid Help Desk before 22.1.65 allows XSS, aka FR# 66542 and 65579. |