Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-4497 | 1 Ibm | 1 Jazz Reporting Service | 2022-12-07 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164118. | |||||
| CVE-2020-6627 | 1 Seagate | 6 Stcg2000300, Stcg2000300 Firmware, Stcg3000300 and 3 more | 2022-12-07 | N/A | 9.8 CRITICAL |
| The web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300 devices allows OS command injection via mv_backend_launch in cirrus/application/helpers/mv_backend_helper.php by leveraging the "start" state and sending a check_device_name request. | |||||
| CVE-2019-4542 | 1 Ibm | 1 Security Directory Server | 2022-12-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Security Directory Server 6.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 165815. | |||||
| CVE-2019-4495 | 1 Ibm | 1 Jazz Reporting Service | 2022-12-07 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164116. | |||||
| CVE-2022-45848 | 1 Contest-gallery | 1 Contest Gallery | 2022-12-07 | N/A | 6.1 MEDIUM |
| Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Contest Gallery plugin <= 13.1.0.9 on WordPress. | |||||
| CVE-2019-4539 | 1 Ibm | 1 Security Directory Server | 2022-12-07 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system. IBM X-Force ID: 165812. | |||||
| CVE-2022-42782 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2022-12-07 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing permission check, This could lead to local information disclosure. | |||||
| CVE-2022-42766 | 2 Google, Unisoc | 14 Android, S8011, Sc7731e and 11 more | 2022-12-07 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing permission check, This could lead to local information disclosure. | |||||
| CVE-2019-4538 | 1 Ibm | 1 Security Directory Server | 2022-12-07 | 5.8 MEDIUM | 8.2 HIGH |
| IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 165660. | |||||
| CVE-2019-4520 | 1 Ibm | 1 Security Directory Server | 2022-12-07 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 165178. | |||||
| CVE-2022-42764 | 2 Google, Unisoc | 14 Android, S8009, Sc7731e and 11 more | 2022-12-07 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42774 | 2 Google, Unisoc | 14 Android, S8002, Sc7731e and 11 more | 2022-12-07 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42773 | 2 Google, Unisoc | 14 Android, S8001, Sc7731e and 11 more | 2022-12-07 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42765 | 2 Google, Unisoc | 15 Android, S8000, S8010 and 12 more | 2022-12-07 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42772 | 2 Google, Unisoc | 14 Android, S8021, Sc7731e and 11 more | 2022-12-07 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2020-35539 | 2022-12-07 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2022-32091 | 3 Debian, Fedoraproject, Mariadb | 3 Debian Linux, Fedora, Mariadb | 2022-12-07 | 5.0 MEDIUM | 7.5 HIGH |
| MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc. | |||||
| CVE-2022-32084 | 3 Debian, Fedoraproject, Mariadb | 3 Debian Linux, Fedora, Mariadb | 2022-12-07 | 5.0 MEDIUM | 7.5 HIGH |
| MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select. | |||||
| CVE-2022-32082 | 2 Fedoraproject, Mariadb | 2 Fedora, Mariadb | 2022-12-07 | 5.0 MEDIUM | 7.5 HIGH |
| MariaDB v10.5 to v10.7 was discovered to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc. | |||||
| CVE-2022-32081 | 2 Fedoraproject, Mariadb | 2 Fedora, Mariadb | 2022-12-07 | 7.5 HIGH | 7.5 HIGH |
| MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc. | |||||