Total
11664 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23818 | 1 Amd | 46 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 43 more | 2026-06-17 | N/A | 7.5 HIGH |
| Insufficient input validation on the model specific register: VM_HSAVE_PA may potentially lead to loss of SEV-SNP guest memory integrity. | |||||
| CVE-2022-23817 | 2026-06-17 | N/A | N/A | ||
| Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation. | |||||
| CVE-2022-23814 | 1 Amd | 2 Milanpi-sp3, Milanpi-sp3 Firmware | 2026-06-17 | N/A | 5.3 MEDIUM |
| Failure to validate addresses provided by software to BIOS commands may result in a potential loss of integrity of guest memory in a confidential compute environment. | |||||
| CVE-2022-23766 | 2 Bigfile, Microsoft | 2 Bigfileagent, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| An improper input validation vulnerability leading to arbitrary file execution was discovered in BigFileAgent. In order to cause arbitrary files to be executed, the attacker makes the victim access a web page d by them or inserts a script using XSS into a general website. | |||||
| CVE-2022-23624 | 1 Frourio | 1 Frourio-express | 2026-06-17 | 6.5 MEDIUM | 8.1 HIGH |
| Frourio-express is a minimal full stack framework, for TypeScript. Frourio-express users who uses frourio-express version prior to v0.26.0 and integration with class-validator through `validators/` folder are subject to a input validation vulnerability. Validators do not work properly for request bodies and queries in specific situations and some input is not validated at all. Users are advised to update frourio to v0.26.0 or later and to install `class-transformer` and `reflect-metadata`. | |||||
| CVE-2022-23623 | 1 Frourio | 1 Frourio | 2026-06-17 | 6.5 MEDIUM | 8.1 HIGH |
| Frourio is a full stack framework, for TypeScript. Frourio users who uses frourio version prior to v0.26.0 and integration with class-validator through `validators/` folder are subject to a input validation vulnerability. Validators do not work properly for request bodies and queries in specific situations and some input is not validated at all. Users are advised to update frourio to v0.26.0 or later and to install `class-transformer` and `reflect-metadata`. | |||||
| CVE-2022-23425 | 2 Google, Samsung | 2 Android, Exynos | 2026-06-17 | 7.5 HIGH | 8.6 HIGH |
| Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. | |||||
| CVE-2022-23403 | 1 Intel | 1 Data Center Manager | 2026-06-17 | N/A | 5.5 MEDIUM |
| Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2022-23019 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2026-06-17 | 7.1 HIGH | 7.5 HIGH |
| On BIG-IP version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x and 12.1.x, when a message routing type virtual server is configured with both Diameter Session and Router Profiles, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2022-23014 | 1 F5 | 1 Big-ip Access Policy Manager | 2026-06-17 | 6.8 MEDIUM | 6.5 MEDIUM |
| On versions 16.1.x before 16.1.2 and 15.1.x before 15.1.4.1, when BIG-IP APM portal access is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2022-22820 | 1 Linecorp | 1 Line | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| Due to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message recipient by sending specially crafted gif image in LINE for Windows before 7.4. | |||||
| CVE-2022-22749 | 1 Mozilla | 1 Firefox | 2026-06-17 | N/A | 4.3 MEDIUM |
| When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96. | |||||
| CVE-2022-22727 | 1 Schneider-electric | 1 Ecostruxure Power Monitoring Expert | 2026-06-17 | 9.3 HIGH | 8.8 HIGH |
| A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a user?s local machine when the user clicks a specially crafted link. Affected Product: EcoStruxure Power Monitoring Expert (Versions 2020 and prior) | |||||
| CVE-2022-22726 | 1 Schneider-electric | 1 Ecostruxure Power Monitoring Expert | 2026-06-17 | 4.0 MEDIUM | 6.5 MEDIUM |
| A CWE-20: Improper Input Validation vulnerability exists that could allow arbitrary files on the server to be read by authenticated users through a limited operating system service account. Affected Product: EcoStruxure Power Monitoring Expert (Versions 2020 and prior) | |||||
| CVE-2022-22658 | 1 Apple | 1 Iphone Os | 2026-06-17 | N/A | 6.5 MEDIUM |
| An input validation issue was addressed with improved input validation. This issue is fixed in iOS 16.0.3. Processing a maliciously crafted email message may lead to a denial-of-service. | |||||
| CVE-2022-22588 | 1 Apple | 2 Ipados, Iphone Os | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 15.2.1 and iPadOS 15.2.1. Processing a maliciously crafted HomeKit accessory name may cause a denial of service. | |||||
| CVE-2022-22539 | 1 Sap | 1 3d Visual Enterprise Viewer | 2026-06-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below. | |||||
| CVE-2022-22538 | 1 Sap | 1 3d Visual Enterprise Viewer | 2026-06-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| When a user opens a manipulated Adobe Illustrator file format (.ai, ai.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below. | |||||
| CVE-2022-22525 | 1 Gavazziautomation | 3 Cpy Car Park Server, Uwp 3.0 Monitoring Gateway And Controller, Uwp 3.0 Monitoring Gateway And Controller Firmware | 2026-06-17 | N/A | 7.2 HIGH |
| In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an remote attacker with admin rights could execute arbitrary commands due to missing input sanitization in the backup restore function | |||||
| CVE-2022-22508 | 1 Codesys | 14 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 11 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type. | |||||
