Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-22019 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-18 | 6.8 MEDIUM | 8.8 HIGH |
Remote Procedure Call Runtime Remote Code Execution Vulnerability. | |||||
CVE-2022-29317 | 1 Simple Bus Ticket Booking System Project | 1 Simple Bus Ticket Booking System | 2022-05-18 | 7.5 HIGH | 9.8 CRITICAL |
Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters at /assets/partials/_handleLogin.php. | |||||
CVE-2022-29316 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2022-05-18 | 7.5 HIGH | 9.8 CRITICAL |
Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=result&searchfor=advancesearch. | |||||
CVE-2022-1124 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 3.5 LOW | 4.3 MEDIUM |
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to access trace log of jobs when it is enabled. | |||||
CVE-2022-1426 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 4.3 MEDIUM | 3.7 LOW |
An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly authenticating a user that had some certain amount of information which allowed a user to authenticate without a personal access token. | |||||
CVE-2022-1428 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 4.0 MEDIUM | 4.3 MEDIUM |
An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly verifying throttling limits for authenticated package requests which resulted in limits not being enforced. | |||||
CVE-2022-1406 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 4.0 MEDIUM | 6.5 MEDIUM |
Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project CI/CD variables by importing a malicious project. | |||||
CVE-2020-19228 | 1 Bludit | 1 Bludit | 2022-05-18 | 9.0 HIGH | 7.2 HIGH |
An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files. | |||||
CVE-2022-1545 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 4.0 MEDIUM | 4.3 MEDIUM |
It was possible to disclose details of confidential notes created via the API in GitLab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note. | |||||
CVE-2022-26116 | 1 Fortinet | 1 Fortinac | 2022-05-18 | 6.5 MEDIUM | 8.8 HIGH |
Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerability [CWE-89] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.2 and below may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted strings parameters. | |||||
CVE-2022-22015 | 1 Microsoft | 10 Remote Desktop, Windows 10, Windows 11 and 7 more | 2022-05-18 | 4.0 MEDIUM | 6.5 MEDIUM |
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability. | |||||
CVE-2022-26923 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 8.1 and 4 more | 2022-05-18 | 9.0 HIGH | 8.8 HIGH |
Active Directory Domain Services Elevation of Privilege Vulnerability. | |||||
CVE-2022-23279 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server 2022 | 2022-05-18 | 4.4 MEDIUM | 7.0 HIGH |
Windows ALPC Elevation of Privilege Vulnerability. | |||||
CVE-2022-23270 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2022-05-18 | 9.3 HIGH | 8.1 HIGH |
Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21972. | |||||
CVE-2022-22011 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-05-18 | 2.1 LOW | 5.5 MEDIUM |
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-26934, CVE-2022-29112. | |||||
CVE-2022-1433 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential payloads from a previously exploitable XSS vulnerability (CVE-2022-1175) to persist and execute. | |||||
CVE-2022-22017 | 1 Microsoft | 3 Remote Desktop, Windows 11, Windows Server 2022 | 2022-05-18 | 9.3 HIGH | 8.8 HIGH |
Remote Desktop Client Remote Code Execution Vulnerability. | |||||
CVE-2022-29971 | 1 Insightsoftware | 1 Magnitude Simba Amazon Athena Odbc Driver | 2022-05-18 | 7.2 HIGH | 7.8 HIGH |
An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Athena ODBC Driver 1.1.1 through 1.1.x before 1.1.17 may allow a local user to execute arbitrary code. | |||||
CVE-2022-21978 | 1 Microsoft | 1 Exchange Server | 2022-05-18 | 7.2 HIGH | 8.2 HIGH |
Microsoft Exchange Server Elevation of Privilege Vulnerability. | |||||
CVE-2022-1431 | 1 Gitlab | 1 Gitlab | 2022-05-18 | 5.0 MEDIUM | 5.3 MEDIUM |
An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling malicious requests to the PyPi API endpoint allowing the attacker to cause uncontrolled resource consumption. |