Search Results (364541 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-29790 1 Huawei 2 Emui, Harmonyos 2024-11-21 7.5 High
The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions.
CVE-2022-29789 1 Huawei 2 Emui, Harmonyos 2024-11-21 7.5 High
The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services.
CVE-2022-29788 1 Libmobi Project 1 Libmobi 2024-11-21 6.5 Medium
libmobi before v0.10 contains a NULL pointer dereference via the component mobi_buffer_getpointer. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mobi file.
CVE-2022-29784 1 Publiccms 1 Publiccms 2024-11-21 5.3 Medium
PublicCMS V4.0.202204.a and below contains an information leak via the component /views/directive/sys/SysConfigDataDirective.java.
CVE-2022-29780 1 Nginx 1 Njs 2024-11-21 5.5 Medium
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array.c.
CVE-2022-29779 1 Nginx 1 Njs 2024-11-21 5.5 Medium
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c.
CVE-2022-29778 2 D-link, Dlink 3 Dir-890l Firmware, Dir-890l, Dir-890l Firmware 2024-11-21 8.8 High
D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' at SetVirtualServerSettings.php
CVE-2022-29777 1 Onlyoffice 2 Core, Document Server 2024-11-21 9.8 Critical
Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h.
CVE-2022-29776 1 Onlyoffice 2 Core, Document Server 2024-11-21 9.8 Critical
Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a stack overflow via the component DesktopEditor/common/File.cpp.
CVE-2022-29775 1 Ispyconnect 1 Ispy 2024-11-21 9.8 Critical
iSpyConnect iSpy v7.2.2.0 allows attackers to bypass authentication via a crafted URL.
CVE-2022-29774 1 Ispyconnect 1 Ispy 2024-11-21 9.8 Critical
iSpy v7.2.2.0 is vulnerable to remote command execution via path traversal.
CVE-2022-29773 1 Aleksis 1 Aleksis 2024-11-21 6.5 Medium
An access control issue in aleksis/core/util/auth_helpers.py: ClientProtectedResourceMixin of AlekSIS-Core v2.8.1 and below allows attackers to access arbitrary scopes if no allowed scopes are specifically set.
CVE-2022-29770 1 Xuxueli 1 Xxl-job 2024-11-21 5.4 Medium
XXL-Job v2.3.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via /xxl-job-admin/jobinfo.
CVE-2022-29767 1 Adbyby Project 1 Adbyby 2024-11-21 6.5 Medium
adbyby v2.7 allows external users to make connections via port 8118. This can cause a program logic error and lead to a Denial of Service (DoS) via high CPU usage due to a large number of connections.
CVE-2022-29751 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 9.8 Critical
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_client.
CVE-2022-29750 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 9.8 Critical
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_service.
CVE-2022-29749 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 9.8 Critical
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_invoice.
CVE-2022-29748 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 9.8 Critical
Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=.
CVE-2022-29747 1 Simple Client Management System Project 1 Simple Client Management System 2024-11-21 9.8 Critical
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/manage_invoice&id= // Leak place ---> id.
CVE-2022-29746 1 Money Transfer Management System Project 1 Money Transfer Management System 2024-11-21 9.8 Critical
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f=delete.