Search Results (363333 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-1883 1 Camptocamp 1 Terraboard 2024-11-21 8.8 High
SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0.
CVE-2022-1882 3 Linux, Netapp, Redhat 18 Linux Kernel, H300e, H300e Firmware and 15 more 2024-11-21 7.8 High
A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2022-1881 1 Octopus 1 Octopus Server 2024-11-21 5.3 Medium
In affected versions of Octopus Server an Insecure Direct Object Reference vulnerability exists where it is possible for a user to download Project Exports from a Project they do not have permissions to access. This vulnerability only impacts projects within the same Space.
CVE-2022-1876 1 Google 1 Chrome 2024-11-21 8.8 High
Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-1875 1 Google 1 Chrome 2024-11-21 4.3 Medium
Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2022-1874 2 Apple, Google 2 Macos, Chrome 2024-11-21 8.8 High
Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page.
CVE-2022-1873 1 Google 1 Chrome 2024-11-21 6.5 Medium
Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2022-1872 1 Google 1 Chrome 2024-11-21 4.3 Medium
Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.
CVE-2022-1871 1 Google 1 Chrome 2024-11-21 4.3 Medium
Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page.
CVE-2022-1870 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2022-1869 1 Google 1 Chrome 2024-11-21 6.5 Medium
Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-1868 1 Google 1 Chrome 2024-11-21 6.5 Medium
Inappropriate implementation in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page.
CVE-2022-1867 1 Google 1 Chrome 2024-11-21 6.5 Medium
Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content.
CVE-2022-1866 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions.
CVE-2022-1865 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.
CVE-2022-1864 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.
CVE-2022-1863 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.
CVE-2022-1862 1 Google 1 Chrome 2024-11-21 6.5 Medium
Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass profile restrictions via a crafted HTML page.
CVE-2022-1861 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction.
CVE-2022-1860 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions.