CVE-2021-46024 23 Jan 2022
Projectworlds online-shopping-webvsite-in-php 1.0 suffers from a SQL Injection vulnerability via the "id" parameter in cart_add.php, No login is requi... Read more ➔
CVE-2022-23850 23 Jan 2022
xhtml_translate_entity in xhtml.c in epub2txt (aka epub2txt2) through 2.02 allows a stack-based buffer overflow via a crafted EPUB document. Read more ➔
CVE-2021-4103 23 Jan 2022
Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 1.0.34. Read more ➔
CVE-2021-4172 22 Jan 2022
Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2. Read more ➔
CVE-2022-23808 22 Jan 2022
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or... Read more ➔
CVE-2022-23807 22 Jan 2022
An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate th... Read more ➔
CVE-2022-23363 21 Jan 2022
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via index.php. Read more ➔
CVE-2022-21708 21 Jan 2022
graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug... Read more ➔
CVE-2022-21707 21 Jan 2022
wasmCloud Host Runtime is a server process that securely hosts and provides dispatch for web assembly (WASM) actors and capability providers. In versi... Read more ➔
CVE-2021-39480 21 Jan 2022
Bingrep v0.8.5 was discovered to contain a memory allocation failure which can cause a Denial of Service (DoS). Read more ➔
CVE-2022-23837 21 Jan 2022
In api.rb in Sidekiq before 6.4.0, there is no limit on the number of days when requesting stats for the graph. This overloads the system, affecting t... Read more ➔
CVE-2022-22553 21 Jan 2022
Dell EMC AppSync versions 3.9 to 4.3 contain an Improper Restriction of Excessive Authentication Attempts Vulnerability that can be exploited from UI... Read more ➔
CVE-2022-22552 21 Jan 2022
Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exploit this... Read more ➔
CVE-2022-22551 21 Jan 2022
DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An Adjacent, unauthenticated attacker could potentially expl... Read more ➔
CVE-2021-46313 21 Jan 2022
The binary MP4Box in GPAC v1.0.1 was discovered to contain a segmentation fault via the function __memmove_avx_unaligned_erms (). This vulnerability c... Read more ➔
CVE-2021-46311 21 Jan 2022
A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_destroy_routes () at scenegraph/vrml_route.c. This vulnerability... Read more ➔
CVE-2021-46244 21 Jan 2022
A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritme... Read more ➔
CVE-2021-46243 21 Jan 2022
An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5O__dtype_decode_helper () at hdf5/src/H5Odtype.c. This vuln... Read more ➔
CVE-2021-46242 21 Jan 2022
HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry. Read more ➔
CVE-2021-46240 21 Jan 2022
A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_dump_vrml_sffield () at scene_manager/scene_dump.c. This vulnerabil... Read more ➔
CVE-2021-46239 21 Jan 2022
The binary MP4Box in GPAC v1.1.0 was discovered to contain an invalid free vulnerability via the function gf_free () at utils/alloc.c. This vulnerabil... Read more ➔