Total
32703 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34674 | 6 Citrix, Debian, Linux and 3 more | 13 Hypervisor, Debian Linux, Linux Kernel and 10 more | 2024-11-21 | N/A | 6.8 MEDIUM |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak. | |||||
| CVE-2022-34642 | 1 Riscv | 1 Spike Risc-v Isa Simulator | 2024-11-21 | N/A | 5.5 MEDIUM |
| The component mcontrol.action in RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 contains the incorrect mask which can cause a Denial of Service (DoS). | |||||
| CVE-2022-34640 | 1 Openhwgroup | 1 Cva6 | 2024-11-21 | N/A | 5.5 MEDIUM |
| The *tval of ecall/ebreak in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a was discovered to be incorrect. | |||||
| CVE-2022-34598 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands. | |||||
| CVE-2022-34593 | 1 Dptech | 1 Dptech Vpn | 2024-11-21 | N/A | 7.5 HIGH |
| DPTech VPN v8.1.28.0 was discovered to contain an arbitrary file read vulnerability. | |||||
| CVE-2022-34577 | 1 Wavlink | 2 Wn535g3, Wn535g3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request. | |||||
| CVE-2022-34576 | 1 Wavlink | 2 Wn535g3, Wn535g3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request. | |||||
| CVE-2022-34567 | 1 Uthscsa | 1 Multi-image Analysis Gui | 2024-11-21 | N/A | 8.8 HIGH |
| An issue in \Roaming\Mango\Plugins of University of Texas Multi-image Analysis GUI (Mango) 4.1 allows attackers to escalate privileges via crafted plugins. | |||||
| CVE-2022-34558 | 4 Global-workqueue Project, Reqmgr2 Project, Reqmon Project and 1 more | 4 Global-workqueue, Reqmgr2, Reqmon and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package. | |||||
| CVE-2022-34555 | 1 Tp-link | 2 Tl-r473g, Tl-r473g Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TP-LINK TL-R473G 2.0.1 Build 220529 Rel.65574n was discovered to contain a remote code execution vulnerability which is exploited via a crafted packet. | |||||
| CVE-2022-34534 | 1 Dw | 2 Spectrum Server, Spectrum Server Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive infromation via a crafted API call. | |||||
| CVE-2022-34531 | 1 Dedecms | 1 Dedecms | 2024-11-21 | N/A | 9.8 CRITICAL |
| DedeCMS v5.7.95 was discovered to contain a remote code execution (RCE) vulnerability via the component mytag_ main.php. | |||||
| CVE-2022-34509 | 1 Wikifaces Project | 1 Wikifaces | 2024-11-21 | N/A | 9.8 CRITICAL |
| The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party. | |||||
| CVE-2022-34501 | 1 Pypi | 1 Pypi | 2024-11-21 | N/A | 9.8 CRITICAL |
| The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party. | |||||
| CVE-2022-34500 | 1 Pypi | 1 Pypi | 2024-11-21 | N/A | 9.8 CRITICAL |
| The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party. | |||||
| CVE-2022-34432 | 1 Dell | 1 Hybrid Client | 2024-11-21 | N/A | 7.3 HIGH |
| Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders. | |||||
| CVE-2022-34391 | 1 Dell | 4 Alienware Area-51 R4, Alienware Area-51 R4 Firmware, Alienware Area-51 R5 and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
| Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | |||||
| CVE-2022-34382 | 1 Dell | 3 Alienware Update, Command Update, Update | 2024-11-21 | N/A | 7.8 HIGH |
| Dell Command Update, Dell Update and Alienware Update versions prior to 4.6.0 contains a Local Privilege Escalation Vulnerability in the custom catalog configuration. A local malicious user may potentially exploit this vulnerability in order to elevate their privileges. | |||||
| CVE-2022-34356 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | N/A | 7.8 HIGH |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to obtain root privileges. IBM X-Force ID: 230502. | |||||
| CVE-2022-34355 | 1 Ibm | 2 Collaborative Lifecycle Management, Engineering Lifecycle Management | 2024-11-21 | N/A | 4.0 MEDIUM |
| IBM Jazz Foundation (IBM Engineering Lifecycle Management 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) could disclose sensitive version information to a user that could be used in further attacks against the system. IBM X-Force ID: 230498. | |||||