Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36692 | 1 Ingredients Stock Management System Project | 1 Ingredients Stock Management System | 2022-08-26 | N/A | 9.8 CRITICAL |
| Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category. | |||||
| CVE-2021-3690 | 1 Redhat | 8 Enterprise Linux, Fuse, Integration Camel K and 5 more | 2022-08-26 | N/A | 7.5 HIGH |
| A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability. | |||||
| CVE-2022-36703 | 1 Ingredients Stock Management System Project | 1 Ingredients Stock Management System | 2022-08-26 | N/A | 8.8 HIGH |
| Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /stocks/manage_stockin.php. | |||||
| CVE-2022-36701 | 1 Ingredients Stock Management System Project | 1 Ingredients Stock Management System | 2022-08-26 | N/A | 8.8 HIGH |
| Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/view_item.php. | |||||
| CVE-2021-3763 | 1 Redhat | 1 Amq Broker | 2022-08-26 | N/A | 4.3 MEDIUM |
| A flaw was found in the Red Hat AMQ Broker management console in version 7.8 where an existing user is able to access some limited information even when the role the user is assigned to should not be allow access to the management console. The main impact is to confidentiality as this flaw means some role bindings are incorrectly checked, some privileged meta information such as queue names and configuration details are disclosed but the impact is limited as not all information is accessible and there is no affect to integrity. | |||||
| CVE-2021-3905 | 4 Canonical, Fedoraproject, Openvswitch and 1 more | 4 Ubuntu Linux, Fedora, Openvswitch and 1 more | 2022-08-26 | N/A | 7.5 HIGH |
| A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments. | |||||
| CVE-2022-36700 | 1 Ingredients Stock Management System Project | 1 Ingredients Stock Management System | 2022-08-26 | N/A | 8.8 HIGH |
| Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /items/manage_item.php. | |||||
| CVE-2022-36699 | 1 Ingredients Stock Management System Project | 1 Ingredients Stock Management System | 2022-08-26 | N/A | 8.8 HIGH |
| Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/manage_category.php. | |||||
| CVE-2022-36698 | 1 Ingredients Stock Management System Project | 1 Ingredients Stock Management System | 2022-08-26 | N/A | 8.8 HIGH |
| Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/view_category.php. | |||||
| CVE-2022-37152 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-08-26 | N/A | 9.8 CRITICAL |
| An issue was discovered in Online Diagnostic Lab Management System 1.0, There is a SQL injection vulnerability via "dob" parameter in "/classes/Users.php?f=save_client" | |||||
| CVE-2022-37151 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-08-26 | N/A | 7.5 HIGH |
| There is an unauthorized access vulnerability in Online Diagnostic Lab Management System 1.0. | |||||
| CVE-2022-37150 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-08-26 | N/A | 5.4 MEDIUM |
| An issue was discovered in Online Diagnostic Lab Management System 1.0. There is a stored XSS vulnerability via firstname, address, middlename, lastname , gender, email, contact parameters. | |||||
| CVE-2022-36683 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-08-26 | N/A | 9.8 CRITICAL |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_payment. | |||||
| CVE-2022-36682 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-08-26 | N/A | 9.8 CRITICAL |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_student. | |||||
| CVE-2022-36681 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-08-26 | N/A | 9.8 CRITICAL |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_account. | |||||
| CVE-2022-36680 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-08-26 | N/A | 9.8 CRITICAL |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule. | |||||
| CVE-2022-36679 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-08-26 | N/A | 9.8 CRITICAL |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user. | |||||
| CVE-2022-36678 | 1 Simple Task Scheduling System Project | 1 Simple Task Scheduling System | 2022-08-26 | N/A | 9.8 CRITICAL |
| Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category. | |||||
| CVE-2012-0574 | 4 Canonical, Mariadb, Oracle and 1 more | 7 Ubuntu Linux, Mariadb, Mysql and 4 more | 2022-08-26 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors. | |||||
| CVE-2012-0572 | 4 Canonical, Mariadb, Oracle and 1 more | 7 Ubuntu Linux, Mariadb, Mysql and 4 more | 2022-08-26 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. | |||||