Total
32539 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26131 | 1 Hegemonelectronics | 2 Plc4trucks, Plc4trucks Firmware | 2024-11-21 | 7.5 HIGH | 9.3 CRITICAL |
| Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals. | |||||
| CVE-2022-26110 | 2 Debian, Wisc | 2 Debian Linux, Htcondor | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. When a user authenticates to an HTCondor daemon via the CLAIMTOBE method, the user can then impersonate any entity when issuing additional commands to that daemon. | |||||
| CVE-2022-26103 | 1 Sap | 1 Netweaver Application Server Java | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| Under certain conditions, SAP NetWeaver (Real Time Messaging Framework) - version 7.50, allows an attacker to access information which could lead to information gathering for further exploits and attacks. | |||||
| CVE-2022-26078 | 1 Gallagher | 2 Controller 6000, Controller 6000 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Gallagher Controller 6000 is vulnerable to a Denial of Service attack via conflicting ARP packets with a duplicate IP address. This issue affects: Gallagher Gallagher Controller 6000 vCR8.60 versions prior to 220303a; vCR8.50 versions prior to 220303a; vCR8.40 versions prior to 220303a; vCR8.30 versions prior to 220303a. | |||||
| CVE-2022-25932 | 1 Inhandnetworks | 2 Inrouter302, Inrouter302 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. The fixes are incomplete. An attacker can still perform, respectively, a privilege escalation and an information disclosure vulnerability. | |||||
| CVE-2022-25914 | 1 Jib Project | 1 Jib | 2024-11-21 | N/A | 5.6 MEDIUM |
| The package com.google.cloud.tools:jib-core before 0.22.0 are vulnerable to Remote Code Execution (RCE) via the isDockerInstalled function, due to attempting to execute input. | |||||
| CVE-2022-25892 | 1 Muhammara Project | 1 Muhammara | 2024-11-21 | N/A | 7.5 HIGH |
| The package muhammara before 2.6.1, from 3.0.0 and before 3.1.1; all versions of package hummus are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be parsed. | |||||
| CVE-2022-25891 | 1 Containrrr | 1 Shoutrrr | 2024-11-21 | N/A | 7.5 HIGH |
| The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service (DoS) via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages. | |||||
| CVE-2022-25815 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| PendingIntent hijacking vulnerability in Weather application prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2022-25814 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2022-25780 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope. | |||||
| CVE-2022-25674 | 1 Qualcomm | 32 Ar8031, Ar8031 Firmware, Csra6620 and 29 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Cryptographic issues in WLAN during the group key handshake of the WPA/WPA2 protocol in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | |||||
| CVE-2022-25641 | 2 Foxit, Microsoft | 4 Pdf Editor, Pdf Reader, Phantompdf and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack. | |||||
| CVE-2022-25625 | 1 Broadcom | 1 Symantec Privileged Access Management | 2024-11-21 | N/A | 8.8 HIGH |
| A malicious unauthorized PAM user can access the administration configuration data and change the values. | |||||
| CVE-2022-25623 | 1 Symantec | 1 Management Agent | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| The Symantec Management Agent is susceptible to a privilege escalation vulnerability. A low privilege local account can be elevated to the SYSTEM level through registry manipulations. | |||||
| CVE-2022-25594 | 1 Program | 1 Parking Lot Management System | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Microprogram’s parking lot management system is vulnerable to sensitive information exposure. An unauthorized remote attacker can input specific URLs to acquire partial system configuration information. | |||||
| CVE-2022-25584 | 1 Flexwatch | 2 Fw3170-ps-e, Fw3170-ps-e Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Seyeon Tech Co., Ltd FlexWATCH FW3170-PS-E Network Video System 4.23-3000_GY allows attackers to access sensitive information. | |||||
| CVE-2022-25571 | 1 Bluedon | 1 Internet Access Detector | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Bluedon Information Security Technologies Co.,Ltd Internet Access Detector v1.0 was discovered to contain an information leak which allows attackers to access the contents of the password file via unspecified vectors. | |||||
| CVE-2022-25511 | 1 Freetakserver-ui Project | 1 Freetakserver-ui | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue in the ?filename= argument of the route /DataPackageTable in FreeTAKServer-UI v1.9.8 allows attackers to place arbitrary files anywhere on the system. | |||||
| CVE-2022-25478 | 1 Realtek | 2 Rtsper, Rtsuer | 2024-11-21 | N/A | 7.8 HIGH |
| Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 provides read and write access to the PCI configuration space of the device. | |||||