6573 matches found
CVE-2022-0955
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/data-hub prior to 1.2.4...
Cross site scripting
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/data-hub prior to 1.2.4...
CVE-2022-0955 Cross-site Scripting (XSS) - Stored in pimcore/data-hub
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/data-hub prior to 1.2.4...
EUVD-2022-1315
Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5...
CVE-2022-1058
CVE-2022-1058 affects Gitea (go-gitea/gitea) versions before 1.16.5. The issue is an open redirect in the login flow that can redirect users to a malicious site via redirect_to, potentially exposing sensitive information or enabling unauthorized actions. The Nuclei template and related advisories...
CVE-2022-1052 Heap Buffer Overflow in iterate_chained_fixups in radareorg/radare2
Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6...
CVE-2022-1052
CVE-2022-1052: A heap buffer overflow exists in radare2’s iterate_chained_fixups, affecting versions prior to 5.6.6. The issue is confirmed in multiple sources referencing the same root cause, with CVSS metrics indicating limited local access and potential high impact on availability (CVSS3.1: 5...
CVE-2022-1052
Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6...
Cross site scripting
Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms prior to 5.11.1...
CVE-2022-0145 Cross-site Scripting (XSS) - Stored in forkcms/forkcms
Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms prior to 5.11.1...
CVE-2022-0145
Fork CMS (forkcms/forkcms) prior to version 5.11.1 is affected by a stored XSS vulnerability. The flaw allows an attacker to inject and have JavaScript execute when a new module is uploaded, via the module description field, with exploitation tied to viewing the Details page after upload. Impact ...
CVE-2022-1061
Heap Buffer Overflow in parseDragons in GitHub repository radareorg/radare2 prior to 5.6.8...
PYSEC-2022-175
Insecure Temporary File in GitHub repository horovod/horovod prior to 0.24.0...
CVE-2022-0315 Insecure Temporary File in horovod/horovod
Insecure Temporary File in GitHub repository horovod/horovod prior to 0.24.0...
Unrestricted file upload
Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.6...
CVE-2022-1033
CVE-2022-1033 affects crater-invoice/crater prior to 6.0.6 where there is no restriction on uploading dangerous file types. A PoC shows uploading a PHP webshell as an expense receipt, resulting in a stored file retrievable via attachment_receipt_url (e.g., /storage/50/2137webshell.php), enabling ...
CVE-2022-1031
CVE-2022-1031 affects radare2 (radareorg/radare2) prior to version 5.6.6, due to a use-after-free in the op_is_set_bp path. The vulnerability resides in the memory management of that directive, enabling memory corruption that can lead to a crash or broader impact as described in multiple sources....