Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-32607 | 1 Smartstore | 1 Smartstore | 2022-11-08 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/PrivateMessages/View.cshtml does not call HtmlUtils.SanitizeHtml on a private message. | |||||
CVE-2021-4192 | 4 Apple, Debian, Fedoraproject and 1 more | 5 Mac Os X, Macos, Debian Linux and 2 more | 2022-11-08 | 6.8 MEDIUM | 7.8 HIGH |
vim is vulnerable to Use After Free | |||||
CVE-2021-4069 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2022-11-08 | 6.8 MEDIUM | 7.8 HIGH |
vim is vulnerable to Use After Free | |||||
CVE-2021-3984 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2022-11-08 | 6.8 MEDIUM | 7.8 HIGH |
vim is vulnerable to Heap-based Buffer Overflow | |||||
CVE-2021-4019 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2022-11-08 | 6.8 MEDIUM | 7.8 HIGH |
vim is vulnerable to Heap-based Buffer Overflow | |||||
CVE-2021-3974 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2022-11-08 | 6.8 MEDIUM | 7.8 HIGH |
vim is vulnerable to Use After Free | |||||
CVE-2021-29440 | 1 Getgrav | 1 Grav | 2022-11-08 | 6.5 MEDIUM | 7.2 HIGH |
Grav is a file based Web-platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the instance. The issue was addressed in version 1.7.11. | |||||
CVE-2021-4193 | 4 Apple, Debian, Fedoraproject and 1 more | 5 Mac Os X, Macos, Debian Linux and 2 more | 2022-11-08 | 4.3 MEDIUM | 5.5 MEDIUM |
vim is vulnerable to Out-of-bounds Read | |||||
CVE-2021-3928 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2022-11-08 | 4.6 MEDIUM | 7.8 HIGH |
vim is vulnerable to Use of Uninitialized Variable | |||||
CVE-2014-3515 | 2 Debian, Php | 2 Debian Linux, Php | 2022-11-08 | 7.5 HIGH | N/A |
The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to "type confusion" issues in (1) ArrayObject and (2) SPLObjectStorage. | |||||
CVE-2014-9709 | 5 Canonical, Debian, Libgd and 2 more | 5 Ubuntu Linux, Debian Linux, Libgd and 2 more | 2022-11-08 | 5.0 MEDIUM | N/A |
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function. | |||||
CVE-2021-40303 | 1 Perfexcrm | 1 Perfex Crm | 2022-11-08 | N/A | 5.4 MEDIUM |
Perfex CRM 1.10 is vulnerable to Cross-Site Scripting (XSS) via /clients/profile. | |||||
CVE-2022-44320 | 1 Picoc Project | 1 Picoc | 2022-11-08 | N/A | 5.5 MEDIUM |
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceFP function in expression.c when called from ExpressionParseFunctionCall. | |||||
CVE-2022-44319 | 1 Picoc Project | 1 Picoc | 2022-11-08 | N/A | 5.5 MEDIUM |
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StdioBasePrintf function in cstdlib/string.c when called from ExpressionParseFunctionCall. | |||||
CVE-2022-44318 | 1 Picoc Project | 1 Picoc | 2022-11-08 | N/A | 5.5 MEDIUM |
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrcat function in cstdlib/string.c when called from ExpressionParseFunctionCall. | |||||
CVE-2022-44317 | 1 Picoc Project | 1 Picoc | 2022-11-08 | N/A | 5.5 MEDIUM |
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StdioOutPutc function in cstdlib/stdio.c when called from ExpressionParseFunctionCall. | |||||
CVE-2022-44316 | 1 Picoc Project | 1 Picoc | 2022-11-08 | N/A | 5.5 MEDIUM |
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexGetStringConstant function in lex.c when called from LexScanGetToken. | |||||
CVE-2022-44315 | 1 Picoc Project | 1 Picoc | 2022-11-08 | N/A | 5.5 MEDIUM |
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionAssign function in expression.c when called from ExpressionParseFunctionCall. | |||||
CVE-2022-44314 | 1 Picoc Project | 1 Picoc | 2022-11-08 | N/A | 5.5 MEDIUM |
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrncpy function in cstdlib/string.c when called from ExpressionParseFunctionCall. | |||||
CVE-2022-44313 | 1 Picoc Project | 1 Picoc | 2022-11-08 | N/A | 5.5 MEDIUM |
PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceUnsignedInteger function in expression.c when called from ExpressionParseFunctionCall. |