Export limit exceeded: 353557 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (81633 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1491 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | ||||
| CVE-2022-1490 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Browser Switcher in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1489 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | 8.8 High |
| Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. | ||||
| CVE-2022-1487 | 1 Google | 1 Chrome | 2024-11-21 | 7.5 High |
| Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test. | ||||
| CVE-2022-1486 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | ||||
| CVE-2022-1485 | 1 Google | 1 Chrome | 2024-11-21 | 7.5 High |
| Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1484 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1483 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1481 | 2 Apple, Google | 2 Macos, Chrome | 2024-11-21 | 8.8 High |
| Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1479 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1478 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1477 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Vulkan in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1472 | 1 Codesolz | 1 Better Find And Replace | 2024-11-21 | 7.2 High |
| The Better Find and Replace WordPress plugin before 1.3.6 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection | ||||
| CVE-2022-1459 | 1 Open-emr | 1 Openemr | 2024-11-21 | 8.3 High |
| Non-Privilege User Can View Patient’s Disclosures in GitHub repository openemr/openemr prior to 6.1.0.1. | ||||
| CVE-2022-1452 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.1 High |
| Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html). | ||||
| CVE-2022-1451 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.1 High |
| Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html). | ||||
| CVE-2022-1441 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 7.8 High |
| MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function `diST_box_read()` to read from video. In this function, it allocates a buffer `str` with fixed length. However, content read from `bs` is controllable by user, so is the length, which causes a buffer overflow. | ||||
| CVE-2022-1437 | 1 Radare | 1 Radare2 | 2024-11-21 | 7.1 High |
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. | ||||
| CVE-2022-1430 | 1 Octoprint | 1 Octoprint | 2024-11-21 | 7.5 High |
| Cross-site Scripting (XSS) - DOM in GitHub repository octoprint/octoprint prior to 1.8.0. | ||||
| CVE-2022-1429 | 1 Pimcore | 1 Pimcore | 2024-11-21 | 7.5 High |
| SQL injection in GridHelperService.php in GitHub repository pimcore/pimcore prior to 10.3.6. This vulnerability is capable of steal the data | ||||