Total
32703 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32974 | 1 Tenable | 1 Nessus | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials. | |||||
| CVE-2022-32973 | 1 Tenable | 1 Nessus | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges. | |||||
| CVE-2022-32920 | 1 Apple | 1 Xcode | 2024-11-21 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information. | |||||
| CVE-2022-32876 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 3.3 LOW |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13. A shortcut may be able to view the hidden photos album without authentication. | |||||
| CVE-2022-32872 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | N/A | 2.4 LOW |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. A person with physical access to an iOS device may be able to access photos from the lock screen. | |||||
| CVE-2022-32868 | 1 Apple | 3 Ipados, Iphone Os, Safari | 2024-11-21 | N/A | 4.3 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. A website may be able to track users through Safari web extensions. | |||||
| CVE-2022-32864 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to disclose kernel memory. | |||||
| CVE-2022-32854 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences. | |||||
| CVE-2022-32795 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | N/A | 4.3 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. Visiting a malicious website may lead to address bar spoofing. | |||||
| CVE-2022-32766 | 1 Intel | 2 Compute Stick Stk2mv64cc, Compute Stick Stk2mv64cc Firmware | 2024-11-21 | N/A | 7.2 HIGH |
| Improper input validation for some Intel(R) BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-32751 | 1 Ibm | 1 Security Verify Directory | 2024-11-21 | N/A | 5.3 MEDIUM |
| IBM Security Verify Directory 10.0.0 could disclose sensitive server information that could be used in further attacks against the system. IBM X-Force ID: 228437. | |||||
| CVE-2022-32742 | 1 Samba | 1 Samba | 2024-11-21 | N/A | 4.3 MEDIUM |
| A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer). | |||||
| CVE-2022-32741 | 1 Otrs | 1 Otrs | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Attacker is able to determine if the provided username exists (and it's valid) using Request New Password feature, based on the response time. | |||||
| CVE-2022-32740 | 1 Otrs | 1 Otrs | 2024-11-21 | 4.3 MEDIUM | 3.5 LOW |
| A reply to a forwarded email article by a 3rd party could unintensionally expose the email content to the ticket customer under certain circumstances. | |||||
| CVE-2022-32739 | 1 Otrs | 2 Calendar Resource Planning, Otrs | 2024-11-21 | 5.0 MEDIUM | 3.5 LOW |
| When Secure::DisableBanner system configuration has been disabled and agent shares his calendar via public URL, received ICS file contains OTRS release number. | |||||
| CVE-2022-32582 | 1 Intel | 78 Nuc 11 Performance Kit Nuc11pahi3, Nuc 11 Performance Kit Nuc11pahi30z, Nuc 11 Performance Kit Nuc11pahi30z Firmware and 75 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| Improper access control in firmware for some Intel(R) NUC Boards, Intel(R) NUC 11 Performance Kit, Intel(R) NUC 11 Performance Mini PC, Intel(R) NUC Pro Compute Element may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2022-32564 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Couchbase Server before 7.0.4. In couchbase-cli, server-eshell leaks the Cluster Manager cookie. | |||||
| CVE-2022-32561 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 3.5 LOW | 4.9 MEDIUM |
| An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network. | |||||
| CVE-2022-32558 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Couchbase Server before 7.0.4. Sample bucket loading may leak internal user passwords during a failure. | |||||
| CVE-2022-32554 | 1 Purestorage | 2 Purity\/\/fa, Purity\/\/fb | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases are vulnerable to possibly exposed credentials for accessing the product’s management interface. The password may be known outside Pure Storage and could be used on an affected system, if reachable, to execute arbitrary instructions with root privileges. No other Pure Storage products or services are affected. Remediation is available from Pure Storage via a self-serve “opt-in” patch, manual patch application or a software upgrade to an unaffected version of Purity software. | |||||