CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6573 matches found

AlpineLinux•added 2022/04/11 11:30 a.m.•51 views

CVE-2022-1296

Out-of-bounds read in rbinnegetrelocs function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash...

9.1CVSS7.7AI score0.00744EPSS

Exploits1

CVE•added 2022/04/11 11:20 a.m.•118 views

CVE-2022-1295

Prototype Pollution in fullpage.js (CVE-2022-1295) affects the library prior to 4.0.2, via the internal deepExtend utility (window.fp_utils) enabling pollution of Object prototypes. Multiple sources (GHSA, OSV, NVD/nvd, Red Hat, Huntr) confirm the issue and describe the impact as potentially enab...

9.8CVSS8.4AI score0.01234EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/04/11 11:20 a.m.•22 views

CVE-2022-1295 Prototype Pollution in alvarotrigo/fullpage.js

Prototype Pollution in GitHub repository alvarotrigo/fullpage.js prior to 4.0.2...

7.3CVSS9.8AI score0.01234EPSS

Exploits1References2

OSV•added 2022/04/11 11:20 a.m.•15 views

CVE-2022-1295 Prototype Pollution in alvarotrigo/fullpage.js

Prototype Pollution in GitHub repository alvarotrigo/fullpage.js prior to 4.0.2...

7.3CVSS7.7AI score0.01234EPSS

Exploits1References4

NVD•added 2022/04/11 11:15 a.m.•35 views

CVE-2022-1252

Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any...

9.1CVSS0.00523EPSS

Exploits1References2

Prion•added 2022/04/11 11:15 a.m.•19 views

Design/Logic Flaw

6.4CVSS9.1AI score0.00523EPSS

Exploits1References2Affected Software1

NVD•added 2022/04/11 7:15 a.m.•21 views

CVE-2022-1045

Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0...

9CVSS0.01516EPSS

Exploits1References2

NVD•added 2022/04/11 7:15 a.m.•17 views

CVE-2022-0936

Cross-site Scripting XSS - Stored in GitHub repository autolab/autolab prior to 2.8.0...

7.6CVSS0.00628EPSS

Exploits1References2

Prion•added 2022/04/11 7:15 a.m.•18 views

Cross site scripting

Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0...

3.5CVSS5.3AI score0.01516EPSS

Exploits1References2Affected Software1

CVE•added 2022/04/11 6:15 a.m.•84 views

CVE-2022-0936

CVE-2022-0936 is a stored XSS vulnerability affecting Autolab

7.6CVSS5.5AI score0.00628EPSS

Exploits1References2Affected Software1

Github Security Blog•added 2022/04/11 12:0 a.m.•45 views

Cross-site Scripting in tableexport.jquery.plugin

There is a cross-site scripting vulnerability with default onCellHtmlData function in GitHub repository hhurz/tableexport.jquery.plugin prior to 1.25.0. This can result in transmitting cookies to third-party servers and/or sending data from secure sessions to third-party servers...

7.6CVSS1.9AI score0.00702EPSS

Exploits1References4Affected Software1

Cvelist•added 2022/04/10 7:15 p.m.•17 views

CVE-2022-1291 XSS vulnerability with default `onCellHtmlData` function in hhurz/tableexport.jquery.plugin

XSS vulnerability with default onCellHtmlData function in GitHub repository hhurz/tableexport.jquery.plugin prior to 1.25.0. Transmitting cookies to third-party servers. Sending data from secure sessions to third-party servers...

7.6CVSS5.5AI score0.00702EPSS

Exploits1References2

OSV•added 2022/04/10 7:15 p.m.•28 views

CVE-2022-1291 XSS vulnerability with default `onCellHtmlData` function in hhurz/tableexport.jquery.plugin

7.6CVSS6.4AI score0.00702EPSS

Exploits1References4

Cvelist•added 2022/04/10 3:50 p.m.•22 views

CVE-2022-1290 Stored XSS in "Name", "Group Name" & "Title" in polonel/trudesk

Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse...

9CVSS5.6AI score0.01581EPSS

Exploits1References2

AlpineLinux•added 2022/04/10 11:15 a.m.•47 views

CVE-2022-1286

heap-buffer-overflow in mrbvmexec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited...

9.8CVSS3AI score0.01077EPSS

Exploits1

AlpineLinux•added 2022/04/10 10:15 a.m.•46 views

CVE-2022-1276

Out-of-bounds Read in mrbgetargs in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited...

9.8CVSS2.8AI score0.01406EPSS

Exploits1

Prion•added 2022/04/10 10:15 a.m.•12 views

Design/Logic Flaw

Out-of-bounds Read in mrbgetargs in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited...

7.5CVSS9.8AI score0.01406EPSS

Exploits1References2Affected Software1

CVE•added 2022/04/10 9:35 a.m.•150 views

CVE-2022-1276

CVE-2022-1276 concerns mruby/mruby where an out-of-bounds read in the function mrb_get_args affects versions prior to 3.2, potentially enabling arbitrary code execution if exploited. The vulnerability affects the mruby interpreter and is triggered through improper reads, as described across multi...

9.8CVSS9.5AI score0.01406EPSS

Exploits1References2Affected Software1