Vulnerabilities (CVE)

Filtered by CWE-284
Total 4403 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-32904 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data.
CVE-2022-32902 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences.
CVE-2022-32883 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2026-06-17 N/A 5.5 MEDIUM
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to read sensitive location information.
CVE-2022-32880 1 Apple 1 Macos 2026-06-17 N/A 6.5 MEDIUM
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.5. An app may be able to access user-sensitive data.
CVE-2022-32872 1 Apple 2 Ipados, Iphone Os 2026-06-17 N/A 2.4 LOW
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. A person with physical access to an iOS device may be able to access photos from the lock screen.
CVE-2022-32848 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to capture a user’s screen.
CVE-2022-32834 1 Apple 2 Mac Os X, Macos 2026-06-17 N/A 5.5 MEDIUM
An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to access sensitive user information.
CVE-2022-32800 1 Apple 2 Mac Os X, Macos 2026-06-17 N/A 5.5 MEDIUM
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system.
CVE-2022-32789 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be able to bypass Privacy preferences.
CVE-2022-32783 1 Apple 1 Macos 2026-06-17 N/A 5.5 MEDIUM
A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. An app may gain unauthorized access to Bluetooth.
CVE-2022-32507 2026-06-17 N/A 8.8 HIGH
An issue was discovered on certain Nuki Home Solutions devices. Some BLE commands, which should have been designed to be only called from privileged accounts, could also be called from unprivileged accounts. This demonstrates that no access controls were implemented for the different BLE commands across the different accounts. This affects Nuki Smart Lock 3.0 before 3.3.5 and Nuki Smart Lock 2.0 before 2.12.4.
CVE-2022-32257 1 Siemens 1 Sinema Remote Connect Server 2026-06-17 N/A 9.8 CRITICAL
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resources and potentially lead to code execution.
CVE-2022-31708 1 Vmware 1 Vrealize Operations 2026-06-17 N/A 4.9 MEDIUM
vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.
CVE-2022-31704 1 Vmware 1 Vrealize Log Insight 2026-06-17 N/A 9.8 CRITICAL
The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.
CVE-2022-31687 1 Vmware 1 Workspace One Assist 2026-06-17 N/A 9.8 CRITICAL
VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.
CVE-2022-31475 1 Givewp 1 Givewp 2026-06-17 N/A 5.5 MEDIUM
Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress.
CVE-2022-31231 1 Dell 1 Elastic Cloud Storage 2026-06-17 N/A 5.9 MEDIUM
Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticated attacker may potentially exploit this vulnerability, leading to gaining read access to unauthorized data.
CVE-2022-31024 1 Nextcloud 1 Richdocuments 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
richdocuments is the repository for NextCloud Collabra, the app for Nextcloud Office collaboration. Prior to versions 6.0.0, 5.0.4, and 4.2.6, a user could be tricked into working against a remote Office by sending them a federated share. richdocuments versions 6.0.0, 5.0.4 and 4.2.6 contain a fix for this issue. There are currently no known workarounds available.
CVE-2022-30564 1 Dahuasecurity 194 Ipc-hf5241f-ze, Ipc-hf5241f-ze Firmware, Ipc-hf5442f-ze and 191 more 2026-06-17 N/A 5.3 MEDIUM
Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time.
CVE-2022-2702 1 Company Website\/cms Project 1 Company Website\/cms 2026-06-17 N/A 7.3 HIGH
A vulnerability was found in SourceCodester Company Website CMS and classified as critical. Affected by this issue is some unknown functionality of the file site-settings.php of the component Cookie Handler. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-205826 is the identifier assigned to this vulnerability.