Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-4298 | 1 Nd | 1 Sipity | 2023-01-09 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in Hesburgh Libraries of Notre Dame Sipity. This affects the function SearchCriteriaForWorksParameter of the file app/parameters/sipity/parameters/search_criteria_for_works_parameter.rb. The manipulation leads to sql injection. Upgrading to version 2021.8 is able to address this issue. The name of the patch is d1704c7363b899ffce65be03a796a0ee5fdbfbdc. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217179. | |||||
| CVE-2017-20153 | 1 Imageserve Project | 1 Imageserve | 2023-01-09 | N/A | 6.1 MEDIUM |
| A vulnerability has been found in aerouk imageserve and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument REQUEST_URI leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2ac3cd4f90b4df66874fab171376ca26868604c4. It is recommended to apply a patch to fix this issue. The identifier VDB-217057 was assigned to this vulnerability. | |||||
| CVE-2022-35017 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2023-01-09 | N/A | 5.5 MEDIUM |
| Advancecomp v2.3 was discovered to contain a heap buffer overflow. | |||||
| CVE-2022-35016 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2023-01-09 | N/A | 5.5 MEDIUM |
| Advancecomp v2.3 was discovered to contain a heap buffer overflow. | |||||
| CVE-2022-35015 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2023-01-09 | N/A | 5.5 MEDIUM |
| Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h. | |||||
| CVE-2022-35014 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2023-01-09 | N/A | 5.5 MEDIUM |
| Advancecomp v2.3 contains a segmentation fault. | |||||
| CVE-2010-10002 | 1 Simplesamlphp | 1 Simplesamlphp-module-openid | 2023-01-09 | N/A | 6.1 MEDIUM |
| ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in SimpleSAMLphp simplesamlphp-module-openid. Affected is an unknown function of the file templates/consumer.php of the component OpenID Handler. The manipulation of the argument AuthState leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.0 is able to address this issue. The name of the patch is d652d41ccaf8c45d5707e741c0c5d82a2365a9a3. It is recommended to upgrade the affected component. VDB-217170 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2022-42475 | 1 Fortinet | 23 Fim-7901e, Fim-7904e, Fim-7910e and 20 more | 2023-01-09 | N/A | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. | |||||
| CVE-2021-4299 | 1 String Kit Project | 1 String Kit | 2023-01-09 | N/A | 7.5 HIGH |
| A vulnerability classified as problematic was found in cronvel string-kit up to 0.12.7. This vulnerability affects the function naturalSort of the file lib/naturalSort.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. Upgrading to version 0.12.8 is able to address this issue. The name of the patch is 9cac4c298ee92c1695b0695951f1488884a7ca73. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217180. | |||||
| CVE-2023-0029 | 1 Multilaserempresas | 2 Re708, Re708 Firmware | 2023-01-09 | N/A | 7.5 HIGH |
| A vulnerability was found in Multilaser RE708 RE1200R4GC-2T2R-V3_v3411b_MUL029B. It has been rated as problematic. This issue affects some unknown processing of the component Telnet Service. The manipulation leads to denial of service. The attack may be initiated remotely. The identifier VDB-217169 was assigned to this vulnerability. | |||||
| CVE-2014-125034 | 1 Contact App Project | 1 Contact App | 2023-01-09 | N/A | 6.1 MEDIUM |
| A vulnerability has been found in stiiv contact_app and classified as problematic. Affected by this vulnerability is the function render of the file libs/View.php. The manipulation of the argument var leads to cross site scripting. The attack can be launched remotely. The name of the patch is 67bec33f559da9d41a1b45eb9e992bd8683a7f8c. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217183. | |||||
| CVE-2018-25063 | 1 Zenoss | 1 Dashboard | 2023-01-09 | N/A | 6.1 MEDIUM |
| A vulnerability classified as problematic was found in Zenoss Dashboard up to 1.3.4. Affected by this vulnerability is an unknown functionality of the file ZenPacks/zenoss/Dashboard/browser/resources/js/defaultportlets.js. The manipulation of the argument HTMLString leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.3.5 is able to address this issue. The name of the patch is f462285a0a2d7e1a9255b0820240b94a43b00a44. It is recommended to upgrade the affected component. The identifier VDB-217153 was assigned to this vulnerability. | |||||
| CVE-2014-125031 | 1 Teknet Project | 1 Teknet | 2023-01-09 | N/A | 6.1 MEDIUM |
| A vulnerability was found in kirill2485 TekNet. It has been classified as problematic. Affected is an unknown function of the file pages/loggedin.php. The manipulation of the argument statusentery leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 1c575340539f983333aa43fc58ecd76eb53e1816. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217176. | |||||
| CVE-2018-25062 | 1 Elementalx | 1 Elementalx | 2023-01-09 | N/A | 7.5 HIGH |
| A vulnerability classified as problematic has been found in flar2 ElementalX up to 6.x. Affected is the function xfrm_dump_policy_done of the file net/xfrm/xfrm_user.c of the component ipsec. The manipulation leads to denial of service. Upgrading to version 7.00 is able to address this issue. The name of the patch is 1df72c9f0f61304437f4f1037df03b5fb36d5a79. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-217152. | |||||
| CVE-2022-45050 | 1 Axiell | 1 Iguana | 2023-01-09 | N/A | 6.1 MEDIUM |
| A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The title parameter on the twitter.php endpoint does not properly neutralise user input, resulting in the vulnerability. | |||||
| CVE-2014-125032 | 1 Go-with-me Project | 1 Go-with-me | 2023-01-09 | N/A | 9.8 CRITICAL |
| A vulnerability was found in porpeeranut go-with-me. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file module/frontend/add.php. The manipulation leads to sql injection. The name of the patch is b92451e4f9e85e26cf493c95ea0a69e354c35df9. It is recommended to apply a patch to fix this issue. The identifier VDB-217177 was assigned to this vulnerability. | |||||
| CVE-2022-4229 | 1 Book Store Management System Project | 1 Book Store Management System | 2023-01-09 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in SourceCodester Book Store Management System 1.0. This vulnerability affects unknown code of the file /bsms_ci/index.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214588. | |||||
| CVE-2022-42842 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-09 | N/A | 9.8 CRITICAL |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. A remote user may be able to cause kernel code execution. | |||||
| CVE-2022-42841 | 1 Apple | 1 Macos | 2023-01-09 | N/A | 7.8 HIGH |
| A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. Processing a maliciously crafted package may lead to arbitrary code execution. | |||||
| CVE-2022-42840 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-01-09 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to execute arbitrary code with kernel privileges. | |||||