Search Results (362508 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-41192 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 7.8 High
Due to lack of proper memory management, when a victim opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41188 1 Sap 1 3d Visual Enterprise Viewer 2024-11-21 7.8 High
Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41183 1 Sap 1 3d Visual Enterprise Author 2024-11-21 5.5 Medium
Due to lack of proper memory management, when a victim opens manipulated Windows Cursor File (.cur, ico.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41182 1 Sap 1 3d Visual Enterprise Author 2024-11-21 5.5 Medium
Due to lack of proper memory management, when a victim opens manipulated Parasolid Part and Assembly (.x_b, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41181 1 Sap 1 3d Visual Enterprise Author 2024-11-21 5.5 Medium
Due to lack of proper memory management, when a victim opens manipulated Portable Document Format (.pdf, PDFPublishing.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41178 1 Sap 1 3d Visual Enterprise Author 2024-11-21 5.5 Medium
Due to lack of proper memory management, when a victim opens manipulated Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41176 1 Sap 1 3d Visual Enterprise Author 2024-11-21 5.5 Medium
Due to lack of proper memory management, when a victim opens manipulated Enhanced Metafile (.emf, emf.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41174 1 Sap 1 3d Visual Enterprise Author 2024-11-21 5.5 Medium
Due to lack of proper memory management, when a victim opens manipulated Right Hemisphere Material (.rhm, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41173 1 Sap 1 3d Visual Enterprise Author 2024-11-21 5.5 Medium
Due to lack of proper memory management, when a victim opens manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41171 1 Sap 1 3d Visual Enterprise Author 2024-11-21 5.5 Medium
Due to lack of proper memory management, when a victim opens manipulated CATIA4 Part (.model, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41169 1 Sap 1 3d Visual Enterprise Author 2024-11-21 5.5 Medium
Due to lack of proper memory management, when a victim opens manipulated CATIA5 Part (.catpart, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41166 1 Sap 1 3d Visual Enterprise Author 2024-11-21 5.5 Medium
Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-41154 1 Siretta 2 Quartz-gold, Quartz-gold Firmware 2024-11-21 6.5 Medium
A directory traversal vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary file deletion. An attacker can send a network request to trigger this vulnerability.
CVE-2022-41136 1 Getshortcodes 1 Shortcodes Ultimate 2024-11-21 6.1 Medium
Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Vladimir Anokhin's Shortcodes Ultimate plugin <= 5.12.0 on WordPress.
CVE-2022-41132 1 Ezoic 1 Ezoic 2024-11-21 6.1 Medium
Unauthenticated Plugin Settings Change Leading To Stored XSS Vulnerability in Ezoic plugin <= 2.8.8 on WordPress.
CVE-2022-40981 1 Etictelecom 14 Ras-c-100-lw, Ras-e-100, Ras-e-220 and 11 more 2024-11-21 5.9 Medium
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the hard disk to full capacity, or compromise the affected device or computers with administrator level privileges connected to the affected device.
CVE-2022-40980 1 Trendmicro 1 Mobile Security 2024-11-21 9.1 Critical
A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9.8 SP5 could allow an attacker with access to the Management Server to delete files. This issue was resolved in 9.8 SP5 Critical Patch 2.
CVE-2022-40979 1 Jetbrains 1 Teamcity 2024-11-21 4.4 Medium
In JetBrains TeamCity before 2022.04.4 environmental variables of "password" type could be logged when using custom Perforce executable
CVE-2022-40978 1 Jetbrains 1 Intellij Idea 2024-11-21 7.5 High
The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijacking
CVE-2022-40968 1 2kblater 1 2kb Amazon Affiliates Store 2024-11-21 4.8 Medium
Reflected Cross-Site Scripting (XSS) vulnerability in 2kb Amazon Affiliates Store plugin <=2.1.5 on WordPress.