Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-25094 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2022-03-08 | 6.5 MEDIUM | 8.8 HIGH |
Home Owners Collection Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the parameter "cover" in SystemSettings.php. | |||||
CVE-2022-25095 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2022-03-08 | 7.5 HIGH | 9.8 CRITICAL |
Home Owners Collection Management System v1.0 allows unauthenticated attackers to compromise user accounts via a crafted POST request. | |||||
CVE-2022-25096 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2022-03-08 | 7.5 HIGH | 9.8 CRITICAL |
Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in /members/view_member.php. | |||||
CVE-2022-0247 | 1 Google | 1 Fuchsia | 2022-03-08 | 2.1 LOW | 5.5 MEDIUM |
An issue exists in Fuchsia where VMO data can be modified through access to copy-on-write snapshots. A local attacker could modify objects in the VMO that they do not have permission to. We recommend upgrading past commit d97c05d2301799ed585620a9c5c739d36e7b5d3d or any of the listed versions. | |||||
CVE-2022-25838 | 1 Laravel | 1 Fortify | 2022-03-08 | 6.8 MEDIUM | 8.1 HIGH |
Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP" concept. | |||||
CVE-2021-44568 | 1 Opensuse | 1 Libsolv | 2022-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), which could cause a remote Denial of Service. | |||||
CVE-2021-42244 | 1 Notimoo Project | 1 Notimoo | 2022-03-08 | 4.3 MEDIUM | 6.1 MEDIUM |
A cross-site scripting (XSS) vulnerability in PaquitoSoftware Notimoo v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted title or message in a notification. | |||||
CVE-2021-37504 | 1 Hayageek | 1 Jquery Upload File | 2022-03-08 | 4.3 MEDIUM | 6.1 MEDIUM |
A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a JavaScript payload in the file name. | |||||
CVE-2021-37103 | 1 Huawei | 2 Emui, Magic Ui | 2022-03-08 | 2.1 LOW | 5.5 MEDIUM |
There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
CVE-2021-37027 | 1 Huawei | 2 Emui, Magic Ui | 2022-03-08 | 5.0 MEDIUM | 7.5 HIGH |
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity. | |||||
CVE-2021-26617 | 2 Firstmall, Microsoft | 2 Firstmall, Windows | 2022-03-08 | 7.5 HIGH | 9.8 CRITICAL |
This issue is due to insufficient verification of the various input values from user’s input. The vulnerability allows remote attackers to execute malicious code in Firstmall via the navercheckout_add function. | |||||
CVE-2021-22489 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-08 | 5.0 MEDIUM | 7.5 HIGH |
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service availability. | |||||
CVE-2021-22480 | 1 Huawei | 1 Harmonyos | 2022-03-08 | 7.5 HIGH | 9.8 CRITICAL |
The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to heap memory overflow. | |||||
CVE-2022-22908 | 1 Sangfor | 1 Vdi Client | 2022-03-07 | 2.1 LOW | 5.5 MEDIUM |
SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read process memory, to discover the contents of the Username and Password fields. | |||||
CVE-2022-26146 | 1 Tricentis | 1 Qtest | 2022-03-07 | 3.5 LOW | 5.4 MEDIUM |
Tricentis qTest before 10.4 allows stored XSS by an authenticated attacker. | |||||
CVE-2021-39301 | 1 Hp | 374 260 G3 Desktop Mini Pc, 260 G3 Desktop Mini Pc Firmware, Elite Dragonfly and 371 more | 2022-03-07 | 7.2 HIGH | 8.8 HIGH |
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. | |||||
CVE-2021-39300 | 1 Hp | 374 260 G3 Desktop Mini Pc, 260 G3 Desktop Mini Pc Firmware, Elite Dragonfly and 371 more | 2022-03-07 | 7.2 HIGH | 8.8 HIGH |
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. | |||||
CVE-2021-39297 | 1 Hp | 374 260 G3 Desktop Mini Pc, 260 G3 Desktop Mini Pc Firmware, Elite Dragonfly and 371 more | 2022-03-07 | 7.2 HIGH | 8.8 HIGH |
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. | |||||
CVE-2021-39299 | 1 Hp | 374 260 G3 Desktop Mini Pc, 260 G3 Desktop Mini Pc Firmware, Elite Dragonfly and 371 more | 2022-03-07 | 7.2 HIGH | 8.8 HIGH |
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution. | |||||
CVE-2021-29220 | 1 Hp | 1 Ilo Amplifier Pack | 2022-03-07 | 9.0 HIGH | 7.2 HIGH |
Multiple buffer overflow security vulnerabilities have been identified in HPE iLO Amplifier Pack version(s): Prior to 2.12. These vulnerabilities could be exploited by a highly privileged user to remotely execute code that could lead to a loss of confidentiality, integrity, and availability. HPE has provided a software update to resolve this vulnerability in HPE iLO Amplifier Pack. |