Export limit exceeded: 17309 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 341044 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341044 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34424 | 1 Dell | 1 Smartfabric Os10 | 2025-05-20 | 7.5 High |
| Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans. | ||||
| CVE-2025-22383 | 1 Optimizely | 1 Configured Commerce | 2025-05-20 | 4.6 Medium |
| An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. This allows visitors to send e-mail messages that could contain unfiltered HTML markup in specific scenarios. | ||||
| CVE-2025-22384 | 1 Optimizely | 1 Configured Commerce | 2025-05-20 | 7.5 High |
| An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered before reaching the server. | ||||
| CVE-2022-31628 | 4 Debian, Fedoraproject, Php and 1 more | 4 Debian Linux, Fedora, Php and 1 more | 2025-05-20 | 2.3 Low |
| In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop. | ||||
| CVE-2022-3326 | 1 Ikus-soft | 1 Rdiffweb | 2025-05-20 | 4.3 Medium |
| Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9. | ||||
| CVE-2022-3352 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2025-05-20 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.0614. | ||||
| CVE-2022-41848 | 1 Linux | 1 Linux Kernel | 2025-05-20 | 4.2 Medium |
| drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race condition between mgslpc_ioctl and mgslpc_detach. | ||||
| CVE-2022-41847 | 1 Axiosys | 1 Bento4 | 2025-05-20 | 5.5 Medium |
| An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) in System/StdC/Ap4StdCFileByteStream.cpp. | ||||
| CVE-2022-41846 | 1 Axiosys | 1 Bento4 | 2025-05-20 | 5.5 Medium |
| An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp. | ||||
| CVE-2022-41845 | 1 Axiosys | 1 Bento4 | 2025-05-20 | 5.5 Medium |
| An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap4Array.h. | ||||
| CVE-2022-41844 | 1 Xpdfreader | 1 Xpdf | 2025-05-20 | 5.5 Medium |
| An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088. | ||||
| CVE-2022-41843 | 1 Xpdfreader | 1 Xpdf | 2025-05-20 | 5.5 Medium |
| An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928. | ||||
| CVE-2022-41842 | 1 Xpdfreader | 1 Xpdf | 2025-05-20 | 5.5 Medium |
| An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc. | ||||
| CVE-2022-41841 | 1 Axiosys | 1 Bento4 | 2025-05-20 | 5.5 Medium |
| An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which is called from AP4_File::AP4_File. | ||||
| CVE-2022-41828 | 1 Amazon | 1 Amazon Web Services Redshift Java Database Connectivity Driver | 2025-05-20 | 8.8 High |
| In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name. | ||||
| CVE-2022-41440 | 1 Billing System Project Project | 1 Billing System Project | 2025-05-20 | 7.2 High |
| Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editcategory.php. | ||||
| CVE-2022-41439 | 1 Billing System Project Project | 1 Billing System Project | 2025-05-20 | 7.2 High |
| Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php. | ||||
| CVE-2022-41437 | 1 Billing System Project Project | 1 Billing System Project | 2025-05-20 | 7.2 High |
| Billing System Project v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/createProduct.php. | ||||
| CVE-2022-40887 | 1 Best Student Result Management System Project | 1 Best Student Result Management System | 2025-05-20 | 9.8 Critical |
| SourceCodester Best Student Result Management System 1.0 is vulnerable to SQL Injection. | ||||
| CVE-2022-40879 | 1 Keking | 1 Kkfileview | 2025-05-20 | 6.1 Medium |
| kkFileView v4.1.0 is vulnerable to Cross Site Scripting (XSS) via the parameter 'errorMsg.' | ||||