Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-4843 | 1 Radare | 1 Radare2 | 2023-01-05 | N/A | 7.5 HIGH |
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2. | |||||
CVE-2022-4797 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 4.3 MEDIUM |
Improper Restriction of Excessive Authentication Attempts in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4796 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 8.1 HIGH |
Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4850 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 6.5 MEDIUM |
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4849 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 6.5 MEDIUM |
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4846 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 6.5 MEDIUM |
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4845 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 4.3 MEDIUM |
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4844 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4841 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4840 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4839 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2021-35951 | 1 Fastrack | 2 Reflex 2.0, Reflex 2.0 Firmware | 2023-01-05 | N/A | 7.5 HIGH |
Fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows an unauthenticated remote attacker to send a malicious firmware update via BLE and brick the device. | |||||
CVE-2021-35952 | 1 Fastrack | 2 Reflex 2.0, Reflex 2.0 Firmware | 2023-01-05 | N/A | 5.3 MEDIUM |
Fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows a remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017. | |||||
CVE-2021-35953 | 1 Fastrack | 2 Reflex 2.0, Reflex 2.0 Firmware | 2023-01-05 | N/A | 7.5 HIGH |
Fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker allows a remote attacker to cause a Denial of Service (device outage) via crafted choices of the last three bytes of a characteristic value. | |||||
CVE-2022-4724 | 1 Ikus-soft | 1 Rdiffweb | 2023-01-05 | N/A | 9.8 CRITICAL |
Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5. | |||||
CVE-2022-24116 | 1 Ge | 16 Inet 900, Inet 900 Firmware, Inet Ii 900 and 13 more | 2023-01-05 | N/A | 9.8 CRITICAL |
Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0. | |||||
CVE-2022-24117 | 1 Ge | 16 Inet 900, Inet 900 Firmware, Inet Ii 900 and 13 more | 2023-01-05 | N/A | 9.8 CRITICAL |
Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6. | |||||
CVE-2022-47968 | 1 Linuxserver | 1 Heimdall Application Dashboard | 2023-01-05 | N/A | 5.4 MEDIUM |
Heimdall Application Dashboard through 2.5.4 allows reflected and stored XSS via "Application name" to the "Add application" page. The stored XSS will be triggered in the "Application list" page. | |||||
CVE-2021-4292 | 1 Openmrs | 1 Admin Ui Module | 2023-01-05 | N/A | 6.1 MEDIUM |
A vulnerability was found in OpenMRS Admin UI Module up to 1.4.x. It has been rated as problematic. This issue affects some unknown processing of the file omod/src/main/webapp/pages/metadata/privileges/privilege.gsp of the component Manage Privilege Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 1.5.0 is able to address this issue. The name of the patch is 4f8565425b7c74128dec9ca46dfbb9a3c1c24911. It is recommended to upgrade the affected component. The identifier VDB-216917 was assigned to this vulnerability. | |||||
CVE-2022-4772 | 1 Widoco Project | 1 Widoco | 2023-01-05 | N/A | 7.8 HIGH |
A vulnerability was found in Widoco and classified as critical. Affected by this issue is the function unZipIt of the file src/main/java/widoco/WidocoUtils.java. The manipulation leads to path traversal. It is possible to launch the attack on the local host. The name of the patch is f2279b76827f32190adfa9bd5229b7d5a147fa92. It is recommended to apply a patch to fix this issue. VDB-216914 is the identifier assigned to this vulnerability. |