Export limit exceeded: 353581 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 81640 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (81640 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1539 | 1 Exports And Reports Project | 1 Exports And Reports | 2024-11-21 | 8.8 High |
| The Exports and Reports WordPress plugin before 0.9.2 does not sanitize and validate data when generating the CSV to export, which could lead to a CSV injection, by the use of Microsoft Excel DDE function, or to leak data via maliciously injected hyperlinks. | ||||
| CVE-2022-1537 | 1 Gruntjs | 1 Grunt | 2024-11-21 | 7.0 High |
| file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privileged user has write access to both source and destination directories as the lower-privileged user can create a symlink to the GruntJS user's .bashrc file or replace /etc/shadow file if the GruntJS user is root. | ||||
| CVE-2022-1534 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 7.1 High |
| Buffer Over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. | ||||
| CVE-2022-1533 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 7.8 High |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. This vulnerability is capable of arbitrary code execution. | ||||
| CVE-2022-1513 | 1 Lenovo | 1 Pcmanager | 2024-11-21 | 7.3 High |
| A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution when visiting a specially crafted website. | ||||
| CVE-2022-1496 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | ||||
| CVE-2022-1493 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | ||||
| CVE-2022-1491 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | ||||
| CVE-2022-1490 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Browser Switcher in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1489 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | 8.8 High |
| Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. | ||||
| CVE-2022-1487 | 1 Google | 1 Chrome | 2024-11-21 | 7.5 High |
| Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test. | ||||
| CVE-2022-1486 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | ||||
| CVE-2022-1485 | 1 Google | 1 Chrome | 2024-11-21 | 7.5 High |
| Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1484 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1483 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1481 | 2 Apple, Google | 2 Macos, Chrome | 2024-11-21 | 8.8 High |
| Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1479 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1478 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1477 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Vulkan in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-1472 | 1 Codesolz | 1 Better Find And Replace | 2024-11-21 | 7.2 High |
| The Better Find and Replace WordPress plugin before 1.3.6 does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection | ||||