Latest CVE Feed
-
5.3
MEDIUMCVE-2022-31698
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafte... Read more
- Published: Dec. 13, 2022
- Modified: Apr. 22, 2025
-
9.8
CRITICALCVE-2022-46364
A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. ... Read more
Affected Products : cxf- Published: Dec. 13, 2022
- Modified: Apr. 22, 2025
-
7.5
HIGHCVE-2022-46363
A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect... Read more
Affected Products : cxf- Published: Dec. 13, 2022
- Modified: Apr. 22, 2025
-
9.8
CRITICALCVE-2022-46353
A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA... Read more
- Published: Dec. 13, 2022
- Modified: Apr. 22, 2025
-
7.5
HIGHCVE-2022-46352
A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA... Read more
- Published: Dec. 13, 2022
- Modified: Apr. 22, 2025
-
5.5
MEDIUMCVE-2022-46351
A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA... Read more
- Published: Dec. 13, 2022
- Modified: Apr. 22, 2025
-
6.1
MEDIUMCVE-2022-46350
A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA... Read more
- Published: Dec. 13, 2022
- Modified: Apr. 22, 2025
-
7.2
HIGHCVE-2022-46117
Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=view_product&id=.... Read more
Affected Products : helmet_store_showroom_site- Published: Dec. 14, 2022
- Modified: Apr. 22, 2025
-
8.8
HIGHCVE-2022-46074
Helmet Store Showroom 1.0 is vulnerable to Cross Site Request Forgery (CSRF). An unauthenticated user can add an admin account due to missing CSRF protection.... Read more
Affected Products : helmet_store_showroom- Published: Dec. 14, 2022
- Modified: Apr. 22, 2025
-
6.1
MEDIUMCVE-2022-46073
Helmet Store Showroom 1.0 is vulnerable to Cross Site Scripting (XSS).... Read more
Affected Products : helmet_store_showroom- Published: Dec. 14, 2022
- Modified: Apr. 22, 2025
-
9.8
CRITICALCVE-2022-46072
Helmet Store Showroom v1.0 vulnerable to unauthenticated SQL Injection.... Read more
Affected Products : helmet_store_showroom- Published: Dec. 14, 2022
- Modified: Apr. 22, 2025
-
9.8
CRITICALCVE-2022-46071
There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access.... Read more
Affected Products : helmet_store_showroom_site- Published: Dec. 14, 2022
- Modified: Apr. 22, 2025
-
4.5
MEDIUMCVE-2022-46062
Gym Management System v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).... Read more
Affected Products : gym_management_system- Published: Dec. 13, 2022
- Modified: Apr. 22, 2025
-
6.1
MEDIUMCVE-2022-46061
AeroCMS v0.0.1 is vulnerable to ClickJacking.... Read more
Affected Products : aerocms- Published: Dec. 13, 2022
- Modified: Apr. 22, 2025
-
7.5
HIGHCVE-2022-45688
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.... Read more
- Published: Dec. 13, 2022
- Modified: Apr. 22, 2025
-
7.8
HIGHCVE-2022-44910
Binbloom 2.0 was discovered to contain a heap buffer overflow via the read_pointer function at /binbloom-master/src/helpers.c.... Read more
Affected Products : binbloom- Published: Dec. 14, 2022
- Modified: Apr. 22, 2025
-
5.5
MEDIUMCVE-2022-3106
An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().... Read more
Affected Products : linux_kernel- Published: Dec. 14, 2022
- Modified: Apr. 22, 2025
-
6.5
MEDIUMCVE-2020-9420
The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is sent in cleartext, allowing an attacker to sniff and intercept traffic to learn the administrative credentials to the router.... Read more
- Published: Dec. 14, 2022
- Modified: Apr. 22, 2025
-
5.4
MEDIUMCVE-2020-9419
Multiple stored cross-site scripting (XSS) vulnerabilities in Arcadyan Wifi routers VRV9506JAC23 allow remote attackers to inject arbitrary web script or HTML via the hostName and domain_name parameters present in the LAN configuration section of the admi... Read more
- Published: Dec. 14, 2022
- Modified: Apr. 22, 2025
-
9.8
CRITICALCVE-2025-30406
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors (who know the machin... Read more
Affected Products : centrestack- Actively Exploited
- Published: Apr. 03, 2025
- Modified: Apr. 22, 2025
- Vuln Type: Authentication