Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0296 | 1 Google | 1 Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0295 | 1 Google | 1 Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0293 | 1 Google | 1 Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0300 | 1 Google | 2 Android, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0298 | 1 Google | 1 Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0297 | 1 Google | 1 Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0308 | 1 Google | 2 Chrome, Chrome Os | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-24446 | 1 Wpchill | 1 Remove Footer Credit | 2022-02-18 | 6.0 MEDIUM | 5.4 MEDIUM |
| The Remove Footer Credit WordPress plugin before 1.0.6 does not have CSRF check in place when saving its settings, which could allow attacker to make logged in admins change them and lead to Stored XSS issue as well due to the lack of sanitisation | |||||
| CVE-2021-37975 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-37974 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-30984 | 3 Apple, Debian, Fedoraproject | 8 Ipados, Iphone Os, Macos and 5 more | 2022-02-18 | 5.1 MEDIUM | 7.5 HIGH |
| A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-30936 | 3 Apple, Debian, Fedoraproject | 8 Ipados, Iphone Os, Macos and 5 more | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2021-30934 | 3 Apple, Debian, Fedoraproject | 8 Ipados, Iphone Os, Macos and 5 more | 2022-02-18 | 9.3 HIGH | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2018-19423 | 1 Codiad | 1 Codiad | 2022-02-18 | 6.5 MEDIUM | 7.2 HIGH |
| Codiad 2.8.4 allows remote authenticated administrators to execute arbitrary code by uploading an executable file. | |||||
| CVE-2017-14537 | 1 Netfortris | 1 Trixbox | 2022-02-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php. | |||||
| CVE-2017-14535 | 1 Netfortris | 1 Trixbox | 2022-02-18 | 9.0 HIGH | 8.8 HIGH |
| trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php. | |||||
| CVE-2018-6910 | 1 Dedecms | 1 Dedecms | 2022-02-18 | 5.0 MEDIUM | 7.5 HIGH |
| DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php. | |||||
| CVE-2018-6881 | 2 Dedecms, Phome | 2 Dedecms, Empirecms | 2022-02-18 | 5.0 MEDIUM | 5.3 MEDIUM |
| EmpireCMS 6.6 allows remote attackers to discover the full path via an array value for a parameter to admin/tool/ShowPic.php. | |||||
| CVE-2018-6880 | 1 Phome | 1 Empirecms | 2022-02-18 | 5.0 MEDIUM | 5.3 MEDIUM |
| EmpireCMS 6.6 through 7.2 allows remote attackers to discover the full path via an array value for a parameter to class/connect.php. | |||||
| CVE-2021-37978 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||