CVE-2022-1725 NULL Pointer Dereference in vim/vim
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959...
CVE-2022-1720 Buffer Over-read in function grab_file_name in vim/vim
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution...
Server side request forgery (ssrf)
URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server-side request forgery (SSRF). This allows accessing restricted internal resources/servers or...
Code injection
Account Takeover in GitHub repository neorazorx/facturascripts prior to 2022.07...
CVE-2022-1715 Account Takeover in neorazorx/facturascripts
Account Takeover in GitHub repository neorazorx/facturascripts prior to 2022.07...
CVE-2022-1714
Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash...
Design/Logic Flaw
Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash...
CVE-2022-1698 Allowing long password leads to denial of service in causefx/organizr
Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications...
CVE-2022-1650
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...
Input validation
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2...
CVE-2022-1674
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service application crash via a crafted input...
CVE-2022-1682
Reflected XSS using URL-based payload in GitHub repository neorazorx/facturascripts prior to 2022.07. XSS can be used to steal a user's cookies, which leads to account takeover, or to do any malicious activity in the victim's browser...
Cross site scripting
Reflected XSS using URL-based payload in GitHub repository neorazorx/facturascripts prior to 2022.07. XSS can be used to steal a user's cookies, which leads to account takeover, or to do any malicious activity in the victim's browser...
CVE-2022-1682
The CVE-2022-1682 entry describes a reflected cross-site scripting (XSS) vulnerability in FacturaScripts (neorazorx/facturascripts) prior to version 2022.07. The root cause is reflected XSS via URL-based payloads, allowing an attacker to steal cookies and potentially take over user accounts or pe...
CVE-2022-1682 Reflected XSS using URL-based payload in neorazorx/facturascripts
Reflected XSS using URL-based payload in GitHub repository neorazorx/facturascripts prior to 2022.07. XSS can be used to steal a user's cookies, which leads to account takeover, or to do any malicious activity in the victim's browser...
Design/Logic Flaw
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1...
CVE-2022-1044 Sensitive Data Exposure Due To Insecure Storage Of Profile Image in polonel/trudesk
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1...