6573 matches found

Prion
added 2022/02/27 10:15 p.m. | 13 views

Cross site scripting

Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.2.2...

CVSS 3.5 | AI score 4.9 | EPSS 0.00613
Exploits 1 | References 2 | Affected Software 1

CVE
added 2022/02/27 9:25 p.m. | 120 views

CVE-2022-0772

LibreNMS (librenms/librenms) contains a Stored XSS vulnerability that affects versions before 22.2.2. Root cause: improper handling/validation of client-side data in the web application. Impact per sources: Cross-site scripting with potential for user-assisted or automatic execution of client-sid...

CVSS 4.8 | AI score 4.6 | EPSS 0.00613
Exploits 1 | References 2 | Affected Software 1

OSV
added 2022/02/26 11:15 p.m. | 16 views

CVE-2021-3967

Improper Access Control in GitHub repository zulip/zulip prior to 4.10...

CVSS 8.8 | AI score 6.8
Exploits 0 | References 2

NVD
added 2022/02/26 3:15 p.m. | 28 views

CVE-2022-0764

Arbitrary Command Injection in GitHub repository strapi/strapi prior to 4.1.0...

CVSS 7.2 | EPSS 0.00782
Exploits 1 | References 3

Prion
added 2022/02/26 3:15 p.m. | 10 views

Command injection

Arbitrary Command Injection in GitHub repository strapi/strapi prior to 4.1.0...

CVSS 7.2 | AI score 6.8 | EPSS 0.00782
Exploits 1 | References 3 | Affected Software 1

Cvelist
added 2022/02/26 2:55 p.m. | 26 views

CVE-2022-0764 Arbitrary Command Injection in strapi/strapi

Arbitrary Command Injection in GitHub repository strapi/strapi prior to 4.1.0...

CVSS 6.1 | AI score 7 | EPSS 0.00782
Exploits 1 | References 3

CVE
added 2022/02/26 2:55 p.m. | 105 views

CVE-2022-0764

Strapi (strapi/strapi) is affected by CVE-2022-0764: an OS command injection vulnerability in versions prior to 4.1.0 due to improper sanitization of user input when creating an app via the template CLI argument. Impact is arbitrary command execution with local access. Mitigation: update to 4.1.0...

CVSS 7.2 | AI score 6.5 | EPSS 0.00782
Exploits 1 | References 3 | Affected Software 1

OSV
added 2022/02/26 2:55 p.m. | 19 views

CVE-2022-0764 Arbitrary Command Injection in strapi/strapi

Arbitrary Command Injection in GitHub repository strapi/strapi prior to 4.1.0...

CVSS 6.1 | AI score 6.5 | EPSS 0.00782
Exploits 1 | References 5

Prion
added 2022/02/26 10:15 a.m. | 11 views

Cross site scripting

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3...

CVSS 3.5 | AI score 4.9 | EPSS 0.00613
Exploits 1 | References 2 | Affected Software 1

Cvelist
added 2022/02/26 10:00 a.m. | 23 views

CVE-2022-0763 Cross-site Scripting (XSS) - Stored in microweber/microweber

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3...

CVSS 4.3 | AI score 5.2 | EPSS 0.00613
Exploits 1 | References 2

OSV
added 2022/02/26 9:35 a.m. | 28 views

CVE-2022-0762 Incorrect Authorization in microweber/microweber

Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3...

CVSS 5.5 | AI score 4.9 | EPSS 0.00631
Exploits 1 | References 4

CNNVD
added 2022/02/26 12:00 a.m. | 3 views

Zulip security vulnerability

Zulip is a powerful open source group chat application from the Zulip team. Used to combine the immediacy of real-time chat with the productivity benefits of threaded conversations, Zulip is vulnerable to an access control error that stems from the presence of incorrect access controls in the...

CVSS 8.8 | AI score 5.6 | EPSS 0.00848
Exploits 1 | References 5

CNNVD
added 2022/02/26 12:00 a.m. | 3 views

microweber security vulnerability

Microweber is an online store management system from the Microweber community in the United States that provides drag-and-drop functionality. The system includes modules for adding products, images, etc. A logic flaw vulnerability exists in Microweber, which stems from an error in the business...

CVSS 5.5 | AI score 5.6 | EPSS 0.00631
Exploits 1 | References 4

CNNVD
added 2022/02/26 12:00 a.m. | 3 views

Strapi security vulnerability

Strapi is an open source headless content management system (CMS). Strapi is vulnerable to an operating system command injection vulnerability that originates from arbitrary command injection in the GitHub repository. No detailed vulnerability details are currently available...

CVSS 7.2 | AI score 5.9 | EPSS 0.00782
Exploits 1 | References 5

NVD
added 2022/02/25 9:15 a.m. | 5 views

CVE-2022-0746

Business Logic Errors in GitHub repository dolibarr/dolibarr prior to 16.0...

CVSS 4.3 | EPSS 0.00868
Exploits 1 | References 2

UbuntuCve
added 2022/02/25 9:15 a.m. | 38 views

CVE-2022-0746

Business Logic Errors in GitHub repository dolibarr/dolibarr prior to 16.0...

CVSS 4.3 | AI score 5.8 | EPSS 0.00868
Exploits 1 | References 3

Prion
added 2022/02/25 9:15 a.m. | 6 views

Code injection

Business Logic Errors in GitHub repository dolibarr/dolibarr prior to 16.0...

CVSS 4 | AI score 4.5 | EPSS 0.00868
Exploits 1 | References 2 | Affected Software 1

Cvelist
added 2022/02/25 9:05 a.m. | 29 views

CVE-2022-0746 Business Logic Errors in dolibarr/dolibarr

Business Logic Errors in GitHub repository dolibarr/dolibarr prior to 16.0...

CVSS 4.3 | AI score 4.9 | EPSS 0.00868
Exploits 1 | References 2

CVE
added 2022/02/25 9:05 a.m. | 101 views

CVE-2022-0746

CVE-2022-0746 affects dolibarr/dolibarr prior to 16.0 and is described as a business-logic error. Connected records (GHSA-8VQ6-5F66-HP3R) indicate that, prior to 16.0, low-privilege users could update their login name, which should be admin-only. The provided documents do not specify a concrete e...

CVSS 4.3 | AI score 4.5 | EPSS 0.00868
Exploits 1 | References 2 | Affected Software 1

UbuntuCve
added 2022/02/24 1:15 p.m. | 34 views

CVE-2022-0695

Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4...

CVSS 6.8 | AI score 6.8 | EPSS 0.00941
Exploits 1 | References 3