Search Results (362527 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-22909 1 Digitaldruid 1 Hoteldruid 2024-11-21 8.8 High
HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module.
CVE-2022-22908 1 Sangfor 1 Vdi Client 2024-11-21 5.5 Medium
SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read process memory, to discover the contents of the Username and Password fields.
CVE-2022-22901 1 Jerryscript 1 Jerryscript 2024-11-21 5.5 Medium
There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9.
CVE-2022-22899 1 Coreftp 1 Core Ftp 2024-11-21 5.5 Medium
Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS) via a crafted packet through the SSH service.
CVE-2022-22897 1 Apollotheme 1 Ap Pagebuilder 2024-11-21 9.8 Critical
A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data.
CVE-2022-22895 1 Jerryscript 1 Jerryscript 2024-11-21 7.8 High
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via ecma_utf8_string_to_number_by_radix in /jerry-core/ecma/base/ecma-helpers-conversion.c.
CVE-2022-22894 1 Jerryscript 1 Jerryscript 2024-11-21 7.8 High
Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_lcache_lookup in /jerry-core/ecma/base/ecma-lcache.c.
CVE-2022-22893 1 Jerryscript 1 Jerryscript 2024-11-21 7.8 High
Jerryscript 3.0.0 was discovered to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c.
CVE-2022-22892 1 Jerryscript 1 Jerryscript 2024-11-21 5.5 Medium
There is an Assertion 'ecma_is_value_undefined (value) || ecma_is_value_null (value) || ecma_is_value_boolean (value) || ecma_is_value_number (value) || ecma_is_value_string (value) || ecma_is_value_bigint (value) || ecma_is_value_symbol (value) || ecma_is_value_object (value)' failed at jerry-core/ecma/base/ecma-helpers-value.c in Jerryscripts 3.0.0.
CVE-2022-22891 1 Jerryscript 1 Jerryscript 2024-11-21 5.5 Medium
Jerryscript 3.0.0 was discovered to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c.
CVE-2022-22890 1 Jerryscript 1 Jerryscript 2024-11-21 5.5 Medium
There is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT && arguments_type != SCANNER_ARGUMENTS_PRESENT_NO_REG' failed at /jerry-core/parser/js/js-scanner-util.c in Jerryscript 3.0.0.
CVE-2022-22888 1 Jerryscript 1 Jerryscript 2024-11-21 7.8 High
Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c.
CVE-2022-22885 1 Hutool 1 Hutool 2024-11-21 9.8 Critical
Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation.
CVE-2022-22881 1 Jeecg 1 Jeecg Boot 2024-11-21 9.8 Critical
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /sys/user/queryUserComponentData.
CVE-2022-22880 1 Jeecg 1 Jeecg Boot 2024-11-21 9.8 Critical
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /jeecg-boot/sys/user/queryUserByDepId.
CVE-2022-22868 1 Gibbonedu 1 Gibbon 2024-11-21 4.8 Medium
Gibbon CMS v22.0.01 was discovered to contain a cross-site scripting (XSS) vulnerability, that allows attackers to inject arbitrary script via name parameters.
CVE-2022-22854 1 Hospital\'s Patient Records Management System Project 1 Hospital\'s Patient Records Management System 2024-11-21 8.8 High
An access control issue in hprms/admin/?page=user/list of Hospital Patient Record Management System v1.0 allows attackers to escalate privileges via accessing and editing the user list.
CVE-2022-22853 1 Hospital\'s Patient Records Management System Project 1 Hospital\'s Patient Records Management System 2024-11-21 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field.
CVE-2022-22852 1 Hospital\'s Patient Records Management System Project 1 Hospital\'s Patient Records Management System 2024-11-21 5.4 Medium
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_list.
CVE-2022-22851 1 Hospital\'s Patient Records Management System Project 1 Hospital\'s Patient Records Management System 2024-11-21 5.4 Medium
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php