Note:
This project will be discontinued after December 13, 2021. [more]
Main entries ~3681 :
No results found.
Remaining NVD entries (unprocessed / no code available): ~181977 :
| Date | Id | Summary | Products | Score | Patch |
|---|---|---|---|---|---|
| 2022-05-20 | CVE-2022-25229 | Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Server(s)'' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the webpage to use 'NodeJs' features, an attacker can leverage this to run OS commands. | N/A | N/A | |
| 2022-05-20 | CVE-2022-1806 | Cross-site Scripting (XSS) - Reflected in GitHub repository rtxteam/rtx prior to checkpoint_2022-05-18. | N/A | N/A | |
| 2022-05-20 | CVE-2022-1754 | Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. | N/A | N/A | |
| 2022-05-20 | CVE-2022-28987 | ManageEngine ADSelfService Plus v6.1 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login. | N/A | N/A | |
| 2022-05-20 | CVE-2021-34111 | Thecus 4800Eco was discovered to contain a command injection vulnerability via the username parameter in /adm/setmain.php. | N/A | N/A | |
| 2022-05-20 | CVE-2022-28964 | An arbitrary file write vulnerability in Avast Premium Security before v21.11.2500 (build 21.11.6809.528) allows attackers to cause a Denial of Service (DoS) via a crafted DLL file. | N/A | N/A | |
| 2022-05-20 | CVE-2022-28965 | Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file. | N/A | N/A |