Latest CVE Feed
-
6.1
MEDIUMCVE-2024-24131
SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting (XSS) vulenrability via the component api.php.... Read more
Affected Products : superwebmailer- Published: Feb. 07, 2024
- Modified: Jun. 05, 2025
-
9.8
CRITICALCVE-2024-24019
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL injection via /system/roleDataPerm/list... Read more
Affected Products : novel-plus- Published: Feb. 07, 2024
- Modified: Jun. 05, 2025
-
9.8
CRITICALCVE-2024-24014
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /novel/author/list... Read more
Affected Products : novel-plus- Published: Feb. 08, 2024
- Modified: Jun. 05, 2025
-
6.5
MEDIUMCVE-2024-22027
Improper input validation vulnerability in WordPress Quiz Maker Plugin prior to 6.5.0.6 allows a remote authenticated attacker to perform a Denial of Service (DoS) attack against external services.... Read more
Affected Products : quiz_maker- Published: Jan. 12, 2024
- Modified: Jun. 05, 2025
-
7.8
HIGHCVE-2022-39151
A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versio... Read more
- Published: Sep. 13, 2022
- Modified: Jun. 05, 2025
-
7.8
HIGHCVE-2022-34699
Windows Win32k Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 +3 more products- Published: Aug. 09, 2022
- Modified: Jun. 05, 2025
-
7.8
HIGHCVE-2022-34696
Windows Hyper-V Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_server_2022 windows_11_21h2 +6 more products- Published: Aug. 09, 2022
- Modified: Jun. 05, 2025
-
5.3
MEDIUMCVE-2022-34692
Microsoft Exchange Server Information Disclosure Vulnerability... Read more
Affected Products : exchange_server- Published: Aug. 09, 2022
- Modified: Jun. 05, 2025
-
8.8
HIGHCVE-2022-34691
Active Directory Domain Services Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products- Published: Aug. 09, 2022
- Modified: Jun. 05, 2025
-
7.0
HIGHCVE-2022-33646
Azure Batch Node Agent Elevation of Privilege Vulnerability... Read more
Affected Products : azure_batch- Published: Aug. 09, 2022
- Modified: Jun. 05, 2025
-
7.8
HIGHCVE-2022-33640
System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability... Read more
- Published: Aug. 09, 2022
- Modified: Jun. 05, 2025
-
7.3
HIGH- Published: Aug. 09, 2022
- Modified: Jun. 05, 2025
-
8.8
HIGHCVE-2022-32555
Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. Thus, a cross-site request forgery attack could occur.... Read more
Affected Products : data_exchange_management_studio- Published: Sep. 13, 2022
- Modified: Jun. 05, 2025
-
7.1
HIGHCVE-2022-2989
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are use... Read more
- Published: Sep. 13, 2022
- Modified: Jun. 05, 2025
-
6.1
MEDIUMCVE-2022-2669
The WP Taxonomy Import WordPress plugin through 1.0.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting... Read more
Affected Products : wp_taxonomy_import- Published: Sep. 16, 2022
- Modified: Jun. 05, 2025
-
6.1
MEDIUMCVE-2022-2654
The Classima WordPress theme before 2.1.11 and some of its required plugins (Classified Listing before 2.2.14, Classified Listing Pro before 2.0.20, Classified Listing Store & Membership before 1.4.20 and Classima Core before 1.10) do not escape a paramet... Read more
- Published: Sep. 16, 2022
- Modified: Jun. 05, 2025
-
7.8
HIGHCVE-2022-20392
In declareDuplicatePermission of ParsedPermissionUtils.java, there is a possible way to obtain a dangerous permission without user consent due to improper input validation. This could lead to local escalation of privilege during app installation or upgrad... Read more
Affected Products : android- Published: Sep. 13, 2022
- Modified: Jun. 05, 2025
-
9.8
CRITICALCVE-2022-20389
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257004... Read more
Affected Products : android- Published: Sep. 13, 2022
- Modified: Jun. 05, 2025
-
9.8
CRITICALCVE-2022-20388
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227323... Read more
Affected Products : android- Published: Sep. 13, 2022
- Modified: Jun. 05, 2025
-
7.8
HIGHCVE-2024-22919
swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587.... Read more
Affected Products : swftools- Published: Jan. 19, 2024
- Modified: Jun. 05, 2025