Total
2609 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-35763 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2026-06-17 | N/A | 7.8 HIGH |
| Storage Spaces Direct Elevation of Privilege Vulnerability | |||||
| CVE-2022-35762 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2026-06-17 | N/A | 7.8 HIGH |
| Storage Spaces Direct Elevation of Privilege Vulnerability | |||||
| CVE-2022-35761 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-35291 | 1 Sap | 1 Successfactors Mobile | 2026-06-17 | N/A | 8.1 HIGH |
| Due to misconfigured application endpoints, SAP SuccessFactors attachment APIs allow attackers with user privileges to perform activities with admin privileges over the network. These APIs were consumed in the SF Mobile application for Time Off, Time Sheet, EC Workflow, and Benefits. On successful exploitation, the attacker can read/write attachments. Thus, compromising the confidentiality and integrity of the application | |||||
| CVE-2022-35257 | 1 Ui | 1 Desktop | 2026-06-17 | N/A | 7.8 HIGH |
| A local privilege escalation vulnerability in UI Desktop for Windows (Version 0.55.1.2 and earlier) allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM. | |||||
| CVE-2022-35243 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2026-06-17 | N/A | 8.7 HIGH |
| In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.5.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, using an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2022-34754 | 1 Schneider-electric | 4 Acti9 Powertag Link C \(a9xelc10-a\), Acti9 Powertag Link C \(a9xelc10-a\) Firmware, Acti9 Powertag Link C \(a9xelc10-b\) and 1 more | 2026-06-17 | N/A | 6.8 MEDIUM |
| A CWE-269: Improper Privilege Management vulnerability exists that could allow elevated functionality when guessing credentials. Affected Products: Acti9 PowerTag Link C (A9XELC10-A) (V1.7.5 and prior), Acti9 PowerTag Link C (A9XELC10-B) (V2.12.0 and prior) | |||||
| CVE-2022-34706 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2026-06-17 | N/A | 7.8 HIGH |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | |||||
| CVE-2022-34703 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Windows Partition Management Driver Elevation of Privilege Vulnerability | |||||
| CVE-2022-34699 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Windows Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2022-34691 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2026-06-17 | N/A | 8.8 HIGH |
| Active Directory Domain Services Elevation of Privilege Vulnerability | |||||
| CVE-2022-34438 | 1 Dell | 1 Emc Powerscale Onefs | 2026-06-17 | N/A | 6.7 MEDIUM |
| Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters. | |||||
| CVE-2022-34384 | 1 Dell | 5 Alienware Update, Command Update, Supportassist For Business Pcs and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Dell SupportAssist Client Consumer (version 3.11.1 and prior), SupportAssist Client Commercial (version 3.2 and prior), Dell Command | Update, Dell Update, and Alienware Update versions before 4.5 contain a Local Privilege Escalation Vulnerability in the Advanced Driver Restore component. A local malicious user may potentially exploit this vulnerability, leading to privilege escalation. | |||||
| CVE-2022-34338 | 1 Ibm | 1 Robotic Process Automation | 2026-06-17 | N/A | 6.5 MEDIUM |
| IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could disclose sensitive information due to improper privilege management for storage provider types. IBM X-Force ID: 229962. | |||||
| CVE-2022-34006 | 1 Southrivertech | 1 Titan Ftp Server Nextgen | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. When installing, Microsoft SQL Express 2019 installs by default with an SQL instance running as SYSTEM with BUILTIN\Users as sysadmin, thus enabling unprivileged Windows users to execute commands locally as NT AUTHORITY\SYSTEM, aka NX-I674 (sub-issue 2). NOTE: as of 2022-06-21, the 1.2.1050 release corrects this vulnerability in a new installation, but not in an upgrade installation. | |||||
| CVE-2022-33962 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, certain iRules commands may allow an attacker to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2022-33710 | 1 Samsung | 1 Galaxy Store | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | |||||
| CVE-2022-33709 | 1 Samsung | 1 Galaxy Store | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | |||||
| CVE-2022-33708 | 1 Samsung | 1 Galaxy Store | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | |||||
| CVE-2022-33646 | 1 Microsoft | 1 Azure Batch | 2026-06-17 | N/A | 7.0 HIGH |
| Azure Batch Node Agent Elevation of Privilege Vulnerability | |||||