Export limit exceeded: 353769 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 353769 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 81679 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (81679 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1919 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1908 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 8.1 High |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | ||||
| CVE-2022-1907 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 8.1 High |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | ||||
| CVE-2022-1903 | 1 Armemberplugin | 1 Armember | 2024-11-21 | 8.1 High |
| The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover (even the administrator) due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username | ||||
| CVE-2022-1902 | 1 Redhat | 1 Advanced Cluster Security | 2024-11-21 | 8.8 High |
| A flaw was found in the Red Hat Advanced Cluster Security for Kubernetes. Notifier secrets were not properly sanitized in the GraphQL API. This flaw allows authenticated ACS users to retrieve Notifiers from the GraphQL API, revealing secrets that can escalate their privileges. | ||||
| CVE-2022-1898 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1886 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1883 | 1 Camptocamp | 1 Terraboard | 2024-11-21 | 8.8 High |
| SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0. | ||||
| CVE-2022-1882 | 3 Linux, Netapp, Redhat | 18 Linux Kernel, H300e, H300e Firmware and 15 more | 2024-11-21 | 7.8 High |
| A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially escalate their privileges on the system. | ||||
| CVE-2022-1876 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1874 | 2 Apple, Google | 2 Macos, Chrome | 2024-11-21 | 8.8 High |
| Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page. | ||||
| CVE-2022-1870 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | ||||
| CVE-2022-1866 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions. | ||||
| CVE-2022-1865 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | ||||
| CVE-2022-1864 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | ||||
| CVE-2022-1863 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | ||||
| CVE-2022-1861 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction. | ||||
| CVE-2022-1860 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions. | ||||
| CVE-2022-1859 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1857 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. | ||||