Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21988 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2022-03-01 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Office Visio Remote Code Execution Vulnerability. | |||||
| CVE-2009-3832 | 2 Microsoft, Opera | 2 Windows, Opera Browser | 2022-03-01 | 5.8 MEDIUM | N/A |
| Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site. | |||||
| CVE-2009-3831 | 2 Microsoft, Opera | 2 Windows, Opera Browser | 2022-03-01 | 9.3 HIGH | N/A |
| Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name. | |||||
| CVE-2009-0915 | 1 Opera | 1 Opera Browser | 2022-03-01 | 6.8 MEDIUM | N/A |
| Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins. | |||||
| CVE-2008-2716 | 1 Opera | 1 Opera Browser | 2022-03-01 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks. | |||||
| CVE-2012-0010 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-03-01 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability." | |||||
| CVE-2007-5276 | 1 Opera | 1 Opera Browser | 2022-03-01 | 4.3 MEDIUM | N/A |
| Opera 9 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80. | |||||
| CVE-2011-3404 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-03-01 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability." | |||||
| CVE-2011-2019 | 1 Microsoft | 3 Internet Explorer, Windows 7, Windows Server 2008 | 2022-03-01 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability." | |||||
| CVE-2016-5027 | 1 Libdwarf Project | 1 Libdwarf | 2022-03-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a denial of service (crash) via a crafted elf file. | |||||
| CVE-2016-7511 | 1 Libdwarf Project | 1 Libdwarf | 2022-03-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer overflow in the dwarf_die_deliv.c in libdwarf 20160613 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
| CVE-2022-22308 | 1 Ibm | 1 Planning Analytics | 2022-03-01 | 6.8 MEDIUM | 7.8 HIGH |
| IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could be passed into file include commands and the web application could be tricked into including remote files with malicious code. IBM X-Force ID: 216891. | |||||
| CVE-2011-1992 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-03-01 | 4.3 MEDIUM | N/A |
| The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability." | |||||
| CVE-2022-23983 | 1 Wp-buy | 1 Wp Content Copy Protection \& No Right Click | 2022-03-01 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability leading to plugin Settings Update discovered in WP Content Copy Protection & No Right Click WordPress plugin (versions <= 3.4.4). | |||||
| CVE-2022-0395 | 1 Livehelperchat | 1 Live Helper Chat | 2022-03-01 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. | |||||
| CVE-2022-23376 | 1 Wikidocs | 1 Wikidocs | 2022-03-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages. | |||||
| CVE-2021-46656 | 1 Bentley | 2 Microstation, View | 2022-03-01 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15631. | |||||
| CVE-2022-23984 | 1 Gvectors | 1 Wpdiscuz | 2022-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11). | |||||
| CVE-2021-46700 | 1 Libsixel Project | 1 Libsixel | 2022-03-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free. | |||||
| CVE-2022-23375 | 1 Wikidocs | 1 Wikidocs | 2022-03-01 | 6.5 MEDIUM | 8.8 HIGH |
| WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php. | |||||