CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (360965 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-36772	3 Ibm, Linux, Microsoft	4 Aix, Infosphere Information Server, Linux Kernel and 1 more	2024-11-21	6.5 Medium
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user.
CVE-2022-36768	1 Ibm	2 Aix, Vios	2024-11-21	7.8 High
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to obtain root privileges. IBM X-Force ID: 232014.
CVE-2022-36756	1 Dlink	2 Dir-845l, Dir-845l Firmware	2024-11-21	9.8 Critical
DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php.
CVE-2022-36755	1 Dlink	2 Dir-845l, Dir-845l Firmware	2024-11-21	9.8 Critical
D-Link DIR845L A1 contains a authentication vulnerability via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.
CVE-2022-36754	1 Oretnom23	1 Expense Management System	2024-11-21	7.2 High
Expense Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Home/debit_credit_p.
CVE-2022-36752	1 Png2webp Project	1 Png2webp	2024-11-21	5.5 Medium
png2webp v1.0.4 was discovered to contain an out-of-bounds write via the function w2p. This vulnerability is exploitable via a crafted png file.
CVE-2022-36750	1 Oretnom23	1 Clinic\'s Patient Management System	2024-11-21	9.8 Critical
Clinic's Patient Management System v1.0 is vulnerable to SQL injection via /pms/update_user.php?id=.
CVE-2022-36749	1 Sourcefabric	1 Rpi-jukebox-rfid	2024-11-21	9.8 Critical
RPi-Jukebox-RFID v2.3.0 was discovered to contain a command injection vulnerability via the component /htdocs/utils/Files.php. This vulnerability is exploited via a crafted payload injected into the file name of an uploaded file.
CVE-2022-36748	1 Picuploader Project	1 Picuploader	2024-11-21	6.1 Medium
PicUploader v2.6.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /master/index.php.
CVE-2022-36747	1 Cobub	1 Razor	2024-11-21	6.1 Medium
Razor v0.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the function uploadchannel().
CVE-2022-36746	1 Librenms	1 Librenms	2024-11-21	6.1 Medium
LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component oxidized-cfg-check.inc.php.
CVE-2022-36745	1 Librenms	1 Librenms	2024-11-21	6.1 Medium
LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component print-customoid.php.
CVE-2022-36736	1 Jitsi	1 Jitsi	2024-11-21	6.1 Medium
Jitsi-2.10.5550 was discovered to contain a vulnerability in its web UI which allows attackers to perform a clickjacking attack via a crafted HTTP request. NOTE: this is disputed by the vendor
CVE-2022-36735	1 Library Management System Project	1 Library Management System	2024-11-21	9.8 Critical
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /admin/delete.php.
CVE-2022-36734	1 Library Management System Project	1 Library Management System	2024-11-21	9.8 Critical
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at /admin/delstu.php.
CVE-2022-36733	1 Library Management System Project	1 Library Management System	2024-11-21	9.8 Critical
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /admin/del.php.
CVE-2022-36732	1 Library Management System Project	1 Library Management System	2024-11-21	9.8 Critical
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /librarian/dele.php.
CVE-2022-36731	1 Library Management System Project	1 Library Management System	2024-11-21	9.8 Critical
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the RollNo parameter at /librarian/delstu.php.
CVE-2022-36730	1 Library Management System Project	1 Library Management System	2024-11-21	9.8 Critical
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /librarian/delete.php.
CVE-2022-36729	1 Library Management System Project	1 Library Management System	2024-11-21	9.8 Critical
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /librarian/del.php.

« first previous Page 13058 of 18049. next last »