CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2022/03/07 12:0 a.m.•23 views

CVE-2022-0755 Missing Authorization in salesagility/suitecrm

Missing Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5...

7.1CVSS6.1AI score0.0065EPSS

NVD•added 2022/03/06 11:15 p.m.•16 views

CVE-2022-0697

Open Redirect in GitHub repository archivy/archivy prior to 1.7.0...

6.1CVSS0.00618EPSS

Cvelist•added 2022/03/06 10:50 p.m.•23 views

CVE-2022-0697 Open Redirect in archivy/archivy

Open Redirect in GitHub repository archivy/archivy prior to 1.7.0...

3.4CVSS6.5AI score0.00618EPSS

CVE•added 2022/03/06 3:20 p.m.•99 views

CVE-2022-0868

CVE-2022-0868 is an open redirect in medialize/uri.js prior to 1.19.10. Open redirect could allow a remote attacker to redirect victims to arbitrary sites via crafted URLs. Public metrics show base scores around 5.8–6.1 (NVD) and up to 8.0 in some sources depending on scope/age. Remediation: upgr...

8CVSS6.4AI score0.00707EPSS

NVD•added 2022/03/06 10:15 a.m.•11 views

CVE-2022-0869

Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3...

6.1CVSS0.0262EPSS

Prion•added 2022/03/06 10:15 a.m.•9 views

Open redirect

Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3...

5.8CVSS6.2AI score0.0262EPSS

Cvelist•added 2022/03/05 9:25 p.m.•37 views

CVE-2022-0845 Code Injection in pytorchlightning/pytorch-lightning

Code Injection in GitHub repository pytorchlightning/pytorch-lightning prior to 1.6.0...

7.3CVSS10AI score0.00957EPSS

UbuntuCve•added 2022/03/05 10:15 a.m.•24 views

CVE-2022-0849

Use After Free in rreggetnameidx in GitHub repository radareorg/radare2 prior to 5.6.6...

7.3CVSS6.8AI score0.0065EPSS

Exploits1References3

Prion•added 2022/03/05 10:15 a.m.•13 views

Double free

Use After Free in rreggetnameidx in GitHub repository radareorg/radare2 prior to 5.6.6...

4.3CVSS5.5AI score0.0065EPSS

OSV•added 2022/03/05 9:30 a.m.•16 views

CVE-2022-0849 Use After Free in r_reg_get_name_idx in radareorg/radare2

Use After Free in rreggetnameidx in GitHub repository radareorg/radare2 prior to 5.6.6...

7.3CVSS6.6AI score0.0065EPSS

AlpineLinux•added 2022/03/05 9:30 a.m.•41 views

CVE-2022-0849

Use After Free in rreggetnameidx in GitHub repository radareorg/radare2 prior to 5.6.6...

7.3CVSS5.9AI score0.0065EPSS

Exploits1

ATTACKERKB•added 2022/03/04 7:15 p.m.•2 views

CVE-2022-0855

Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcsplugin prior to 0.0.4...

7.4CVSS6.8AI score0.00973EPSS

Exploits1References3

Prion•added 2022/03/04 7:15 p.m.•10 views

Input validation

Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcsplugin prior to 0.0.4...

5.8CVSS6.2AI score0.00973EPSS

Cvelist•added 2022/03/04 6:25 p.m.•25 views

CVE-2022-0855 Improper Resolution of Path Equivalence in microweber-dev/whmcs_plugin

Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcsplugin prior to 0.0.4...

7.4CVSS6.5AI score0.00973EPSS

CVE•added 2022/03/04 6:25 p.m.•95 views

CVE-2022-0855

CVE-2022-0855 affects microweber-dev/whmcs_plugin prior to version 0.0.4. The root cause is an improper resolution of path equivalence in the plugin, which can enable an open redirect or misrouting of a request. Exploitation details in the connected records describe an open-redirect scenario that...

7.4CVSS6.5AI score0.00973EPSS

NVD•added 2022/03/04 3:15 p.m.•10 views

CVE-2022-0839

Improper Restriction of XML External Entity Reference in GitHub repository liquibase/liquibase prior to 4.8.0...

9.8CVSS0.02921EPSS

Cvelist•added 2022/03/04 2:25 p.m.•20 views

CVE-2022-0839 Improper Restriction of XML External Entity Reference in liquibase/liquibase

Improper Restriction of XML External Entity Reference in GitHub repository liquibase/liquibase prior to 4.8.0...

7.3CVSS9.8AI score0.02921EPSS

Exploits1References3

CVE•added 2022/03/04 2:25 p.m.•242 views

CVE-2022-0839

CVE-2022-0839 affects Liquibase in liquibase/liquibase prior to 4.8.0, due to improper validation in XMLChangeLogSAXParser() that enables XML External Entity processing. This could allow a remote attacker to disclose sensitive information or perform SSRF. The documented remediation is to upgrade ...

9.8CVSS8.3AI score0.02921EPSS

Exploits1References4Affected Software1

NVD•added 2022/03/04 2:15 p.m.•15 views

CVE-2022-0831

Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 10.3.3...

5.4CVSS0.01266EPSS