6573 matches found
CVE-2022-1439
CVE-2022-1439 is a documented reflected cross-site scripting vulnerability affecting Microweber prior to version 1.2.15, where an attacker could execute arbitrary JavaScript in the context of the victim’s browser on the vulnerable page (demo.microweber.org/demo/module/). Multiple connected source...
CVE-2022-1439 Reflected XSS on demo.microweber.org/demo/module/ in microweber/microweber
Reflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a payload that runs without user interaction...
Heap overflow
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash...
CVE-2022-1437
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash...
GHSA-2CFC-865J-GM4W XML External Entity Reference in detekt
Improper Restriction of XML External Entity Reference in GitHub repository detekt/detekt prior to 1.20.0...
CVE-2022-0272
Improper Restriction of XML External Entity Reference in GitHub repository detekt/detekt prior to 1.20.0...
XXE
Improper Restriction of XML External Entity Reference in GitHub repository detekt/detekt prior to 1.20.0...
CVE-2022-0272 Improper Restriction of XML External Entity Reference in detekt/detekt
Improper Restriction of XML External Entity Reference in GitHub repository detekt/detekt prior to 1.20.0...
CVE-2022-1022
Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.5.0...
Cross site scripting
Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.5.0...
CVE-2022-1022 Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot
Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.5.0...
CVE-2022-1420
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774...
CVE-2022-1420
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774...
Design/Logic Flaw
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774...
CVE-2022-1420
CVE-2022-1420 affects vim/vim prior to version 8.2.4774 due to an out-of-range pointer offset. The provided connected Advisory (ALAS2023-2023-098) confirms Vim-related entries and lists this CVE among others under Vim, but does not provide additional technical details beyond the description. The ...
CVE-2022-1420
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774...
Open redirect
Open redirect vulnerability via endpoint authorizeandredirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1...
CVE-2022-1382
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system...
CVE-2022-1383
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash...
CVE-2022-1381
Global heap buffer overflow in skiprange in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, bypassing protection mechanisms, modifying memory, and possibly remote execution...