Search Results (367105 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-27946 1 Netgear 2 R8500, R8500 Firmware 2024-11-21 8.8 High
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to admin_account.cgi.
CVE-2022-27945 1 Netgear 2 R8500, R8500 Firmware 2024-11-21 8.8 High
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi.
CVE-2022-27944 2 Foxit, Microsoft 3 Pdf Editor, Pdf Reader, Windows 2024-11-21 7.5 High
Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference.
CVE-2022-27943 2 Fedoraproject, Gnu 2 Fedora, Gcc 2024-11-21 5.5 Medium
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
CVE-2022-27942 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-11-21 7.8 High
tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c.
CVE-2022-27941 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-11-21 7.8 High
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c.
CVE-2022-27940 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-11-21 7.8 High
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c.
CVE-2022-27939 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-11-21 5.5 Medium
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.
CVE-2022-27937 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264.
CVE-2022-27936 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323.
CVE-2022-27935 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth.
CVE-2022-27934 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP.
CVE-2022-27933 1 Pexip 1 Pexip Infinity 2024-11-21 8.2 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
CVE-2022-27932 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
CVE-2022-27931 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.
CVE-2022-27930 1 Pexip 1 Pexip Infinity 2024-11-21 5.9 Medium
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed.
CVE-2022-27929 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP.
CVE-2022-27928 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.
CVE-2022-27927 1 Microfinance Management System Project 1 Microfinance Management System 2024-11-21 9.8 Critical
A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter.
CVE-2022-27920 2 Fedoraproject, Kiwix 2 Fedora, Libkiwix 2024-11-21 6.1 Medium
libkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver functionality via the search suggestions URL parameter. This is fixed in 10.1.0.