Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-52430 | 1 Authcrunch | 1 Caddy-security | 2025-05-06 | 5.4 Medium |
| The caddy-security plugin 1.1.20 for Caddy allows reflected XSS via a GET request to a URL that contains an XSS payload and begins with either a /admin or /settings/mfa/delete/ substring. | ||||
| CVE-2023-46257 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2025-05-06 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-41727 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2025-05-06 | 9.8 Critical |
| An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution. | ||||
| CVE-2023-27172 | 1 Xpand-it | 1 Write-back Manager | 2025-05-06 | 9.1 Critical |
| Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to sign JWT tokens via a bruteforce attack. | ||||
| CVE-2022-44081 | 1 Lodev | 1 Lodepng | 2025-05-06 | 5.5 Medium |
| Lodepng v20220717 was discovered to contain a segmentation fault via the function pngdetail. | ||||
| CVE-2022-44079 | 1 Pycdc Project | 1 Pycdc | 2025-05-06 | 5.5 Medium |
| pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was discovered to contain a stack overflow via the component __sanitizer::StackDepotBase<__sanitizer::StackDepotNode. | ||||
| CVE-2022-43752 | 2 Common Desktop Environment Project, Oracle | 2 Common Desktop Environment, Solaris | 2025-05-06 | 7.8 High |
| Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. A low privileged user can escalate to root by crafting a malicious printer and double clicking on the the crafted printer's icon. | ||||
| CVE-2022-43152 | 1 Tsmuxer Project | 1 Tsmuxer | 2025-05-06 | 5.5 Medium |
| tsMuxer v2.6.16 was discovered to contain a heap overflow via the function BitStreamWriter::flushBits() at /tsMuxer/bitStream.h. | ||||
| CVE-2022-43151 | 1 Hzeller | 1 Timg | 2025-05-06 | 5.5 Medium |
| timg v1.4.4 was discovered to contain a memory leak via the function timg::QueryBackgroundColor() at /timg/src/term-query.cc. | ||||
| CVE-2022-43148 | 1 Rtf2html Project | 1 Rtf2html | 2025-05-06 | 5.5 Medium |
| rtf2html v0.2.0 was discovered to contain a heap overflow in the component /rtf2html/./rtf_tools.h. | ||||
| CVE-2022-40617 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2025-05-06 | 7.5 High |
| strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data. | ||||
| CVE-2022-40488 | 1 Processwire | 1 Processwire | 2025-05-06 | 6.5 Medium |
| ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF). | ||||
| CVE-2022-32940 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-06 | 7.8 High |
| The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-32939 | 1 Apple | 2 Ipados, Iphone Os | 2025-05-06 | 7.8 High |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-32938 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-05-06 | 5.3 Medium |
| A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. A shortcut may be able to check the existence of an arbitrary path on the file system. | ||||
| CVE-2022-32936 | 1 Apple | 1 Macos | 2025-05-06 | 5.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to disclose kernel memory. | ||||
| CVE-2022-32935 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-05-06 | 4.6 Medium |
| A lock screen issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. A user may be able to view restricted content from the lock screen. | ||||
| CVE-2022-32934 | 1 Apple | 1 Macos | 2025-05-06 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. A remote user may be able to cause kernel code execution. | ||||
| CVE-2022-32932 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2025-05-06 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-32929 | 1 Apple | 2 Ipados, Iphone Os | 2025-05-06 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 15.7 and iPadOS 15.7, iOS 16.1 and iPadOS 16. An app may be able to access iOS backups. | ||||