Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-45912 | 1 Zimbra | 1 Collaboration | 2025-04-24 | 7.2 High |
| An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution. | ||||
| CVE-2022-45771 | 1 Pwndoc Project | 1 Pwndoc | 2025-04-24 | 8.8 High |
| An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file. | ||||
| CVE-2022-45769 | 1 Clicshopping | 1 Clicshopping V3 | 2025-04-24 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in ClicShopping_V3 v3.402 allows attackers to execute arbitrary web scripts or HTML via a crafted URL parameter. | ||||
| CVE-2022-45656 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | 7.5 High |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function. | ||||
| CVE-2022-45655 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | 7.5 High |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function. | ||||
| CVE-2022-45654 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | 7.5 High |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function. | ||||
| CVE-2022-45653 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | 7.5 High |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function. | ||||
| CVE-2022-45652 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | 9.1 Critical |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function. | ||||
| CVE-2022-45651 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | 9.1 Critical |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function. | ||||
| CVE-2022-45647 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | 7.5 High |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function. | ||||
| CVE-2022-45646 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | 7.5 High |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function. | ||||
| CVE-2022-45644 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | 7.5 High |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function. | ||||
| CVE-2022-45643 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2025-04-24 | 7.5 High |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function. | ||||
| CVE-2022-45641 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-04-24 | 7.5 High |
| Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg. | ||||
| CVE-2022-45562 | 1 Telosalliance | 2 Omnia Mpx Node, Omnia Mpx Node Firmware | 2025-04-24 | 8.8 High |
| Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute arbitrary commands in vulnerable system functions that is requires high privilege to access. | ||||
| CVE-2022-45483 | 1 Lazy Mouse Project | 1 Lazy Mouse | 2025-04-24 | 5.9 Medium |
| Lazy Mouse allows an attacker (in a man in the middle position between the server and a connected device) to see all data (including keypresses) in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | ||||
| CVE-2022-45482 | 1 Lazy Mouse Project | 1 Lazy Mouse | 2025-04-24 | 9.8 Critical |
| Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary commands. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | ||||
| CVE-2022-45481 | 1 Lzmouse | 1 Lazy Mouse | 2025-04-24 | 9.8 Critical |
| The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | ||||
| CVE-2022-45477 | 1 Telepad-app | 1 Telepad | 2025-04-24 | 9.8 Critical |
| Telepad allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | ||||
| CVE-2022-45315 | 1 Mikrotik | 1 Routeros | 2025-04-24 | 9.8 Critical |
| Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet. | ||||