Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-0891 | 1 Google | 1 Android | 2022-08-26 | N/A | 7.5 HIGH |
An unprivileged app can trigger the PowerVR driver to return uninitialized heap memory, causing information disclosure. Product: Android. Versions: Android SoC. Android ID: A-236849490 | |||||
CVE-2022-38089 | 1 Exceedone | 2 Exment, Laravel-admin | 2022-08-26 | N/A | 5.4 MEDIUM |
Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows a remote authenticated attacker to inject an arbitrary script. | |||||
CVE-2022-36527 | 1 Jflyfox | 1 Jfinal Cms | 2022-08-26 | N/A | 5.4 MEDIUM |
Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the post title text field under the publish blog module. | |||||
CVE-2022-36358 | 1 Seoscout | 1 Seo Scout | 2022-08-26 | N/A | 4.3 MEDIUM |
Cross-Site Request Forgery (CSRF) vulnerability in SEO Scout plugin <= 0.9.83 at WordPress allows attackers to trick users with administrative rights to unintentionally change the plugin settings. | |||||
CVE-2022-2465 | 1 Rockwellautomation | 1 Isagraf Workbench | 2022-08-26 | N/A | 7.8 HIGH |
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in ISaGRAF Workbench, may result in remote code execution. This vulnerability requires user interaction to be successfully exploited. | |||||
CVE-2022-2464 | 1 Rockwellautomation | 1 Isagraf Workbench | 2022-08-26 | N/A | 7.8 HIGH |
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could overwrite existing files and create additional files with the same permissions of the ISaGRAF Workbench software. User interaction is required for this exploit to be successful. | |||||
CVE-2022-2463 | 1 Rockwellautomation | 1 Isagraf Workbench | 2022-08-26 | N/A | 7.8 HIGH |
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. A crafted malicious .7z exchange file may allow an attacker to gain the privileges of the ISaGRAF Workbench software when opened. If the software is running at the SYSTEM level, then the attacker will gain admin level privileges. User interaction is required for this exploit to be successful. | |||||
CVE-2022-37162 | 1 Claroline | 1 Claroline | 2022-08-26 | N/A | 5.4 MEDIUM |
Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS). An attacker can obtain JavaScript code execution by adding arbitrary JavaScript code in the 'Location' field of a calendar event. | |||||
CVE-2022-37161 | 1 Claroline | 1 Claroline | 2022-08-26 | N/A | 6.1 MEDIUM |
Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) via SVG file upload. | |||||
CVE-2022-37160 | 1 Claroline | 1 Claroline | 2022-08-26 | N/A | 5.4 MEDIUM |
Claroline 13.5.7 and prior allows an authenticated attacker to elevate privileges via the arbitrary creation of a privileged user. By combining the XSS vulnerability present in several upload forms and a JavaScript request to the present API, it is possible to trigger the creation of a user with administrative rights by opening an SVG file as an administrator user. | |||||
CVE-2022-37159 | 1 Claroline | 1 Claroline | 2022-08-26 | N/A | 9.8 CRITICAL |
Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload. | |||||
CVE-2022-37292 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-08-26 | N/A | 5.5 MEDIUM |
Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind. | |||||
CVE-2022-37238 | 1 Altn | 1 Security Gateway For Email Servers | 2022-08-26 | N/A | 5.4 MEDIUM |
MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest parameter. | |||||
CVE-2020-27802 | 1 Upx Project | 1 Upx | 2022-08-26 | N/A | 5.5 MEDIUM |
A floating point exception was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. | |||||
CVE-2020-27801 | 1 Upx Project | 1 Upx | 2022-08-26 | N/A | 7.8 HIGH |
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file. | |||||
CVE-2020-27800 | 1 Upx Project | 1 Upx | 2022-08-26 | N/A | 7.8 HIGH |
A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file. | |||||
CVE-2020-27799 | 1 Upx Project | 1 Upx | 2022-08-26 | N/A | 7.8 HIGH |
A heap-based buffer over-read was discovered in the acc_ua_get_be32 function in miniacc.h in UPX 4.0.0 via a crafted Mach-O file. | |||||
CVE-2020-27798 | 1 Upx Project | 1 Upx | 2022-08-26 | N/A | 5.5 MEDIUM |
An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. | |||||
CVE-2020-27797 | 1 Upx Project | 1 Upx | 2022-08-26 | N/A | 5.5 MEDIUM |
An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. | |||||
CVE-2022-37824 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2022-08-26 | N/A | 7.8 HIGH |
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. |