Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1488 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. | |||||
| CVE-2022-36573 | 1 Pagekit | 1 Pagekit | 2022-09-01 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Pagekit CMS v1.0.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Markdown text box under /blog/post/edit. | |||||
| CVE-2022-36708 | 1 Library Management System Project | 1 Library Management System | 2022-09-01 | N/A | 9.8 CRITICAL |
| Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /student/bookdetails.php. | |||||
| CVE-2022-1487 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 7.5 HIGH |
| Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test. | |||||
| CVE-2022-1232 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1146 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-36706 | 1 Ingredients Stock Management System Project | 1 Ingredients Stock Management System | 2022-09-01 | N/A | 9.8 CRITICAL |
| Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the Id parameter at /stocks/manage_stockout.php. | |||||
| CVE-2022-1144 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | |||||
| CVE-2022-1145 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 7.5 HIGH |
| Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction. | |||||
| CVE-2022-1143 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | |||||
| CVE-2022-1142 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | |||||
| CVE-2022-1141 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture. | |||||
| CVE-2022-38149 | 1 Hashicorp | 1 Consul Template | 2022-09-01 | N/A | 7.5 HIGH |
| HashiCorp Consul Template up to 0.27.2, 0.28.2, and 0.29.1 may expose the contents of Vault secrets in the error returned by the *template.Template.Execute method, when given a template using Vault secret contents incorrectly. Fixed in 0.27.3, 0.28.3, and 0.29.2. | |||||
| CVE-2013-20004 | 1 Starwindsoftware | 1 Iscsi San | 2022-09-01 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in StarWind iSCSI target. StarWind service does not limit client connections and allocates memory on each connection attempt. An attacker could create a denial of service state by trying to connect a non-existent target multiple times. This affects iSCSI SAN (Windows Native) Version 6.0, build 2013-01-16. | |||||
| CVE-2007-20001 | 1 Starwindsoftware | 1 Iscsi San | 2022-09-01 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was found in StarWind iSCSI target. An attacker could script standard iSCSI Initiator operation(s) to exhaust the StarWind service socket, which could lead to denial of service. This affects iSCSI SAN (Windows Native) Version 3.2.2 build 2007-02-20. | |||||
| CVE-2022-37428 | 1 Powerdns | 1 Recursor | 2022-09-01 | N/A | 6.5 MEDIUM |
| PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer with specific properties. | |||||
| CVE-2022-36748 | 1 Picuploader Project | 1 Picuploader | 2022-09-01 | N/A | 6.1 MEDIUM |
| PicUploader v2.6.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /master/index.php. | |||||
| CVE-2022-36746 | 1 Librenms | 1 Librenms | 2022-09-01 | N/A | 6.1 MEDIUM |
| LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component oxidized-cfg-check.inc.php. | |||||
| CVE-2022-36745 | 1 Librenms | 1 Librenms | 2022-09-01 | N/A | 6.1 MEDIUM |
| LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component print-customoid.php. | |||||
| CVE-2022-36735 | 1 Library Management System Project | 1 Library Management System | 2022-09-01 | N/A | 9.8 CRITICAL |
| Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /admin/delete.php. | |||||