Filter and search through 887 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2022-24086 | Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution. | 9.8 | 999 | Trending | Yes |
| Yes |
| CVE-2022-22965 | Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | 9.8 | 999 | Viral | Yes | Yes |
| CVE-2022-22963 | When using routing functionality in VMware Tanzu's Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-e... | 9.8 | 999 | Viral | Yes | Yes |
| CVE-2022-22948 | VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensiti... | 6.5 | 506 | Neutral | Yes | Yes |
| CVE-2022-2294 | WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vulnerability that allows an attac... | 8.8 | 970 | Neutral | Yes | Yes |
| CVE-2022-22675 | macOS Monterey contains an out-of-bounds write vulnerability that could allow an application to execute arbitrary code with kernel privileges. | 7.8 | 857 | Neutral | Yes | Yes |
| CVE-2022-22674 | macOS Monterey contains an out-of-bounds read vulnerability that could allow an application to read kernel memory. | 5.5 | 508 | Neutral | Yes | Yes |
| CVE-2022-22620 | Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web conten... | 8.8 | 970 | Low | Yes | Yes |
| CVE-2022-22587 | Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel pri... | 9.8 | 999 | Neutral | Yes | Yes |
| CVE-2022-22047 | Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges. | 7.8 | 749 | Neutral | Yes | Yes |
| CVE-2022-21882 | Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation. | 7.8 | 857 | Neutral | Yes | Yes |
| CVE-2022-20821 | Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis instance on the open port and al... | 6.5 | 577 | Neutral | Yes | Yes |
| CVE-2022-1364 | Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted H... | 8.8 | 841 | Neutral | Yes | Yes |
| CVE-2022-1096 | Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted H... | 8.8 | 841 | Neutral | Yes | Yes |
| CVE-2022-1040 | An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution. | 9.8 | 971 | Rising | Yes | Yes |
| CVE-2022-0609 | Google Chromium Animation contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted H... | 8.8 | 868 | Neutral | No | Yes |
| CVE-2021-45461 | FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitr... | 9.8 | 971 | Neutral | Yes | Yes |
| CVE-2021-44529 | Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malic... | 9.8 | 999 | Neutral | Yes | Yes |
| CVE-2021-43890 | Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability. | 7.1 | 595 | Neutral | Yes | Yes |
| CVE-2021-42321 | An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution. | 8.8 | 927 | Neutral | Yes | Yes |