Search Results (363807 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-0326 1 Mruby 1 Mruby 2024-11-21 5.5 Medium
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
CVE-2022-0323 1 Mustache Project 1 Mustache 2024-11-21 8.8 High
Improper Neutralization of Special Elements Used in a Template Engine in Packagist mustache/mustache prior to 2.14.1.
CVE-2022-0322 4 Fedoraproject, Linux, Oracle and 1 more 6 Fedora, Linux Kernel, Communications Cloud Native Core Binding Support Function and 3 more 2024-11-21 5.5 Medium
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).
CVE-2022-0321 1 Ohiowebtech 1 Wp Voting Contest 2024-11-21 6.1 Medium
The WP Voting Contest WordPress plugin before 3.0 does not sanitise and escape the post_id parameter before outputting it back in the response via the wpvc_social_share_icons AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue
CVE-2022-0320 1 Wpdeveloper 1 Essential Addons For Elementor 2024-11-21 9.8 Critical
The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated attackers to perform Local File Inclusion attack and read arbitrary files on the server, this could also lead to RCE via user uploaded files or other LFI to RCE techniques.
CVE-2022-0319 4 Apple, Canonical, Debian and 1 more 4 Macos, Ubuntu Linux, Debian Linux and 1 more 2024-11-21 5.5 Medium
Out-of-bounds Read in vim/vim prior to 8.2.
CVE-2022-0318 4 Apple, Debian, Redhat and 1 more 4 Macos, Debian Linux, Enterprise Linux and 1 more 2024-11-21 9.8 Critical
Heap-based Buffer Overflow in vim/vim prior to 8.2.
CVE-2022-0315 1 Horovod 1 Horovod 2024-11-21 7.5 High
Insecure Temporary File in GitHub repository horovod/horovod prior to 0.24.0.
CVE-2022-0314 1 Presscustomizr 1 Nimble Page Builder 2024-11-21 6.1 Medium
The Nimble Page Builder WordPress plugin before 3.2.2 does not sanitise and escape the preview-level-guid parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting
CVE-2022-0313 1 Wow-estore 1 Float Menu 2024-11-21 4.3 Medium
The Float menu WordPress plugin before 4.3.1 does not have CSRF check in place when deleting menu, which could allow attackers to make a logged in admin delete them via a CSRF attack
CVE-2022-0311 1 Google 1 Chrome 2024-11-21 8.8 High
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0310 1 Google 1 Chrome 2024-11-21 8.8 High
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.
CVE-2022-0309 1 Google 1 Chrome 2024-11-21 6.5 Medium
Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2022-0308 1 Google 2 Chrome, Chrome Os 2024-11-21 8.8 High
Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0307 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0306 1 Google 1 Chrome 2024-11-21 8.8 High
Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0305 1 Google 1 Chrome 2024-11-21 6.5 Medium
Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
CVE-2022-0304 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0302 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0301 1 Google 1 Chrome 2024-11-21 7.8 High
Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.