Total
1627 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0207 | 1 Nvidia | 2 Dgx-2, Sbios | 2026-06-17 | N/A | 7.5 HIGH |
| NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful exploit of this vulnerability may lead to denial of service. | |||||
| CVE-2022-50931 | 1 Teamspeak | 1 Teamspeak | 2026-06-17 | N/A | 7.8 HIGH |
| TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers to replace executable files with malicious binaries. Attackers can replace system executables like ts3client_win32.exe with custom files to potentially gain SYSTEM or Administrator-level access. | |||||
| CVE-2022-50690 | 2026-06-17 | N/A | 8.4 HIGH | ||
| Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to incorrect file permissions on executable files. Unprivileged local users can replace the ElevationService.exe with a malicious file to execute arbitrary code with LocalSystem privileges. | |||||
| CVE-2022-4630 | 1 Daloradius | 1 Daloradius | 2026-06-17 | N/A | 5.3 MEDIUM |
| Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master. | |||||
| CVE-2022-4365 | 1 Gitlab | 1 Gitlab | 2026-06-17 | N/A | 5.5 MEDIUM |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak the sentry token by changing the configured URL in the Sentry error tracking settings page. | |||||
| CVE-2022-48257 | 1 Eternal Terminal Project | 1 Eternal Terminal | 2026-06-17 | N/A | 5.3 MEDIUM |
| In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp. | |||||
| CVE-2022-47927 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2026-06-17 | N/A | 5.5 MEDIUM |
| An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., world readable to local users. These files include credentials data. | |||||
| CVE-2022-46656 | 1 Intel | 1 Nuc Pro Software Suite | 2026-06-17 | N/A | 6.7 MEDIUM |
| Insecure inherited permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-46338 | 2 Debian, G810-led Project | 2 Debian Linux, G810-led | 2026-06-17 | N/A | 6.5 MEDIUM |
| g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make supported device nodes world-readable and writable, allowing any process on the system to read traffic from keyboards, including sensitive data. | |||||
| CVE-2022-45307 | 1 Chocolatey | 1 Chocolatey Php | 2026-06-17 | N/A | 4.3 MEDIUM |
| Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\tools\php81 and all files located in that folder. | |||||
| CVE-2022-45306 | 1 Chocolatey | 1 Chocolatey Azure-pipelines-agent | 2026-06-17 | N/A | 4.3 MEDIUM |
| Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\agent and all files located in that folder. | |||||
| CVE-2022-45305 | 1 Chocolatey | 1 Chocolatey Python3 | 2026-06-17 | N/A | 4.3 MEDIUM |
| Insecure permissions in Chocolatey Python3 package v3.11.0 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\Python311 and all files located in that folder. | |||||
| CVE-2022-45304 | 1 Chocolatey | 1 Chocolatey Cmder | 2026-06-17 | N/A | 4.3 MEDIUM |
| Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\Cmder and all files located in that folder. | |||||
| CVE-2022-45301 | 1 Chocolatey | 1 Chocolatey Ruby | 2026-06-17 | N/A | 4.3 MEDIUM |
| Insecure permissions in Chocolatey Ruby package v3.1.2.1 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\ruby31 and all files located in that folder. | |||||
| CVE-2022-45193 | 1 Bruhn-newtech | 1 Cbrn-analysis | 2026-06-17 | N/A | 5.9 MEDIUM |
| CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of file contents or privilege escalation. | |||||
| CVE-2022-44746 | 1 Acronis | 1 Cyber Protect Home Office | 2026-06-17 | N/A | 5.5 MEDIUM |
| Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107. | |||||
| CVE-2022-44733 | 1 Acronis | 1 Cyber Protect Home Office | 2026-06-17 | N/A | 7.8 HIGH |
| Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39900. | |||||
| CVE-2022-44732 | 1 Acronis | 1 Cyber Protect Home Office | 2026-06-17 | N/A | 7.8 HIGH |
| Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39900. | |||||
| CVE-2022-44725 | 1 Opcfoundation | 1 Local Discovery Server | 2026-06-17 | N/A | 7.8 HIGH |
| OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user). | |||||
| CVE-2022-44719 | 1 Ucopia | 2 Wireless Appliance, Wireless Appliance Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions. | |||||