Search Results (362534 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-34615 1 Mealie 1 Mealie 2024-11-21 9.8 Critical
Mealie 1.0.0beta3 employs weak password requirements which allows attackers to potentially gain unauthorized access to the application via brute-force attacks.
CVE-2022-34613 1 Mealie Project 1 Mealie 2024-11-21 9.8 Critical
Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file.
CVE-2022-34612 1 Rizin 1 Rizin 2024-11-21 5.5 Medium
Rizin v0.4.0 and below was discovered to contain an integer overflow via the function get_long_object(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary.
CVE-2022-34611 1 Online Fire Reporting System Project 1 Online Fire Reporting System 2024-11-21 5.4 Medium
A cross-site scripting (XSS) vulnerability in /index.php/?p=report of Online Fire Reporting System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "Contac #" text field.
CVE-2022-34610 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the URL /ihomers/app.
CVE-2022-34609 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /doping.asp.
CVE-2022-34608 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg parameter at /AJAX/ajaxget.
CVE-2022-34607 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /doping.asp.
CVE-2022-34606 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditvsList parameter at /dotrace.asp.
CVE-2022-34605 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /dotrace.asp.
CVE-2022-34604 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /dotrace.asp.
CVE-2022-34603 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm.
CVE-2022-34602 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm.
CVE-2022-34601 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm.
CVE-2022-34600 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm.
CVE-2022-34599 1 H3c 2 Magic R200, Magic R200 Firmware 2024-11-21 9.8 Critical
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm.
CVE-2022-34598 1 H3c 2 Magic R100, Magic R100 Firmware 2024-11-21 9.8 Critical
The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands.
CVE-2022-34597 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-11-21 9.8 Critical
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
CVE-2022-34596 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-11-21 9.8 Critical
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
CVE-2022-34595 1 Tenda 2 Ax1803, Ax1803 Firmware 2024-11-21 9.8 Critical
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.