Search Results (363502 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-27939 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-11-21 5.5 Medium
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.
CVE-2022-27937 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264.
CVE-2022-27936 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323.
CVE-2022-27935 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth.
CVE-2022-27934 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP.
CVE-2022-27933 1 Pexip 1 Pexip Infinity 2024-11-21 8.2 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
CVE-2022-27932 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
CVE-2022-27931 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.
CVE-2022-27930 1 Pexip 1 Pexip Infinity 2024-11-21 5.9 Medium
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed.
CVE-2022-27929 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP.
CVE-2022-27928 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 High
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.
CVE-2022-27927 1 Microfinance Management System Project 1 Microfinance Management System 2024-11-21 9.8 Critical
A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter.
CVE-2022-27920 2 Fedoraproject, Kiwix 2 Fedora, Libkiwix 2024-11-21 6.1 Medium
libkiwix 10.0.0 and 10.0.1 allows XSS in the built-in webserver functionality via the search suggestions URL parameter. This is fixed in 10.1.0.
CVE-2022-27919 1 Gradle 1 Enterprise 2024-11-21 9.8 Critical
Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. The configuration allows certain anonymous access to administration and an API.
CVE-2022-27913 1 Joomla 1 Joomla\! 2024-11-21 6.1 Medium
An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components.
CVE-2022-27912 1 Joomla 1 Joomla\! 2024-11-21 5.3 Medium
An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests.
CVE-2022-27908 1 Zohocorp 1 Manageengine Opmanager 2024-11-21 8.8 High
Zoho ManageEngine OpManager before 125588 (and before 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.
CVE-2022-27907 1 Sonatype 1 Nexus Repository Manager 2024-11-21 4.3 Medium
Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF.
CVE-2022-27906 1 Mendelson 1 Oftp2 2024-11-21 5.9 Medium
Mendelson OFTP2 before 1.1 b43 is affected by directory traversal. To access the vulnerable code path, the attacker has to know one of the configured Odette IDs of the OFTP2 server. An attacker can upload files to the server outside of the intended upload directory.
CVE-2022-27905 1 Controlup 1 Controlup 2024-11-21 7.2 High
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive (C:\) to exploit this.