Search Results (363690 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-0587 1 Librenms 1 Librenms 2024-11-21 6.5 Medium
Improper Authorization in Packagist librenms/librenms prior to 22.2.0.
CVE-2022-0578 1 Publify Project 1 Publify 2024-11-21 6.5 Medium
Code Injection in GitHub repository publify/publify prior to 9.2.8.
CVE-2022-0577 2 Debian, Scrapy 2 Debian Linux, Scrapy 2024-11-21 6.5 Medium
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1.
CVE-2022-0576 1 Librenms 1 Librenms 2024-11-21 6.1 Medium
Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0.
CVE-2022-0575 1 Librenms 1 Librenms 2024-11-21 5.4 Medium
Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.2.0.
CVE-2022-0574 1 Publify Project 1 Publify 2024-11-21 6.5 Medium
Improper Access Control in GitHub repository publify/publify prior to 9.2.8.
CVE-2022-0573 1 Jfrog 1 Artifactory 2024-11-21 8.8 High
JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted request is sent by a low privileged authenticated user due to insufficient validation of a user-provided serialized object.
CVE-2022-0571 2 Fedoraproject, Phoronix-media 3 Extra Packages For Enterprise Linux, Fedora, Phoronix Test Suite 2024-11-21 6.1 Medium
Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2.
CVE-2022-0570 1 Mruby 1 Mruby 2024-11-21 9.8 Critical
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.
CVE-2022-0567 2 Ovn, Redhat 2 Ovn-kubernetes, Openshift 2024-11-21 9.1 Critical
A flaw was found in ovn-kubernetes. This flaw allows a system administrator or privileged attacker to create an egress network policy that bypasses existing ingress policies of other pods in a cluster, allowing network traffic to access pods that should not be reachable. This issue results in information disclosure and other attacks on other pods that should not be reachable.
CVE-2022-0562 5 Debian, Fedoraproject, Libtiff and 2 more 5 Debian Linux, Fedora, Libtiff and 2 more 2024-11-21 5.5 Medium
Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c.
CVE-2022-0561 5 Debian, Fedoraproject, Libtiff and 2 more 5 Debian Linux, Fedora, Libtiff and 2 more 2024-11-21 5.5 Medium
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712.
CVE-2022-0560 1 Microweber 1 Microweber 2024-11-21 6.1 Medium
Open Redirect in Packagist microweber/microweber prior to 1.2.11.
CVE-2022-0559 2 Fedoraproject, Radare 2 Fedora, Radare2 2024-11-21 9.8 Critical
Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.
CVE-2022-0558 1 Microweber 1 Microweber 2024-11-21 5.4 Medium
Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.
CVE-2022-0557 1 Microweber 1 Microweber 2024-11-21 7.2 High
OS Command Injection in Packagist microweber/microweber prior to 1.2.11.
CVE-2022-0556 1 Zyxel 1 Zyxel Ap Configurator 2024-11-21 7.3 High
A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator (ZAC) version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator.
CVE-2022-0554 5 Apple, Debian, Fedoraproject and 2 more 5 Macos, Debian Linux, Fedora and 2 more 2024-11-21 7.8 High
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.
CVE-2022-0552 1 Redhat 2 Logging, Origin-aggregated-logging 2024-11-21 5.9 Medium
A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content. This flaw affects origin-aggregated-logging versions 3.11.
CVE-2022-0551 1 Nozominetworks 2 Cmc, Guardian 2024-11-21 7.2 High
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian versions prior to 22.0.0. Nozomi Networks CMC versions prior to 22.0.0.