Total
32703 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33643 | 1 Microsoft | 1 Azure Site Recovery Vmware To Azure | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| Azure Site Recovery Elevation of Privilege Vulnerability | |||||
| CVE-2022-33642 | 1 Microsoft | 1 Azure Site Recovery Vmware To Azure | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| Azure Site Recovery Elevation of Privilege Vulnerability | |||||
| CVE-2022-33641 | 1 Microsoft | 1 Azure Site Recovery Vmware To Azure | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| Azure Site Recovery Elevation of Privilege Vulnerability | |||||
| CVE-2022-33637 | 1 Microsoft | 1 Defender For Endpoint | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Microsoft Defender for Endpoint Tampering Vulnerability | |||||
| CVE-2022-33633 | 1 Microsoft | 2 Lync Server, Skype For Business | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Skype for Business and Lync Remote Code Execution Vulnerability | |||||
| CVE-2022-33632 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | 4.6 MEDIUM | 4.7 MEDIUM |
| Microsoft Office Security Feature Bypass Vulnerability | |||||
| CVE-2022-33127 | 2 Diffy Project, Microsoft | 2 Diffy, Windows | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a filename when run in a windows environment. This allows attackers to execute arbitrary commands via a crafted string. | |||||
| CVE-2022-33085 | 1 Ecisp | 1 Espcms-p8 | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| ESPCMS P8 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the fetch_filename function at \espcms_public\espcms_templates\ESPCMS_Templates. | |||||
| CVE-2022-33082 | 1 Openpolicyagent | 1 Open Policy Agent | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2022-33070 | 2 Fedoraproject, Protobuf-c Project | 2 Fedora, Protobuf-c | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors. | |||||
| CVE-2022-33067 | 1 Long Range Zip Project | 1 Long Range Zip | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Lrzip v0.651 was discovered to contain multiple invalid arithmetic shifts via the functions get_magic in lrzip.c and Predictor::init in libzpaq/libzpaq.cpp. These vulnerabilities allow attackers to cause a Denial of Service via unspecified vectors. | |||||
| CVE-2022-33004 | 1 Pypi | 1 Beginner | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-33003 | 1 Pypi | 1 Watools | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The watools package in PyPI v0.0.1 to v0.0.8 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-33002 | 1 Pypi | 1 Explore | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The KGExplore package in PyPI v0.1.1 to v0.1.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-33001 | 1 Pypi | 1 Aamiles | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-33000 | 1 Pypi | 1 Ml-scanner | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-32999 | 1 Pypi | 1 Cloudlabeling | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The cloudlabeling package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-32998 | 1 Pypi | 1 Cryptoasset-data-downloader | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-32997 | 1 Pypi | 1 Rootinteractive | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-32996 | 1 Pypi | 1 Django-navbar-client | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||