Total
32502 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22833 | 1 Servisnet | 1 Tessa | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request. | |||||
| CVE-2022-22817 | 2 Debian, Python | 2 Debian Linux, Pillow | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used. | |||||
| CVE-2022-22814 | 1 Asus | 1 Myasus | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation. | |||||
| CVE-2022-22793 | 1 Cybonet | 1 Pineapp Mail Secure | 2024-11-21 | 5.0 MEDIUM | 6.1 MEDIUM |
| Cybonet - PineApp Mail Relay Local File Inclusion. Attacker can send a request to : /manage/mailpolicymtm/log/eml_viewer/email.content.body.php?filesystem_path=ENCDODED PATH and by doing that, the attacker can read Local Files inside the server. | |||||
| CVE-2022-22783 | 1 Zoom | 2 Zoom On-premise Meeting Connector Controller, Zoom On-premise Meeting Connector Mmr | 2024-11-21 | 5.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker. | |||||
| CVE-2022-22782 | 1 Zoom | 4 Meetings, Rooms For Conference Rooms, Vdi Windows Meeting Clients and 1 more | 2024-11-21 | 6.6 MEDIUM | 7.9 HIGH |
| The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local privilege escalation issue during the installer repair operation. A malicious actor could utilize this to potentially delete system level files or folders, causing integrity or availability issues on the user’s host machine. | |||||
| CVE-2022-22772 | 3 Ibm, Opengroup, Tibco | 3 Z Linux, Unix, Managed File Transfer Platform Server | 2024-11-21 | 8.5 HIGH | 8.5 HIGH |
| The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux contain a difficult to exploit Remote Code Execution (RCE) vulnerability that allows a low privileged attacker with network access to execute arbitrary code on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX: versions 8.1.0 and below and TIBCO Managed File Transfer Platform Server for z/Linux: versions 8.1.0 and below. | |||||
| CVE-2022-22770 | 1 Tibco | 1 Auditsafe | 2024-11-21 | 9.0 HIGH | 9.8 CRITICAL |
| The Web Server component of TIBCO Software Inc.'s TIBCO AuditSafe contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute API methods on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO AuditSafe: versions 1.1.0 and below. | |||||
| CVE-2022-22718 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-22717 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-22712 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2024-11-21 | 4.7 MEDIUM | 5.6 MEDIUM |
| Windows Hyper-V Denial of Service Vulnerability | |||||
| CVE-2022-22711 | 1 Microsoft | 6 Windows 10, Windows 11, Windows Server 2012 and 3 more | 2024-11-21 | 3.3 LOW | 5.7 MEDIUM |
| Windows BitLocker Information Disclosure Vulnerability | |||||
| CVE-2022-22710 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows Common Log File System Driver Denial of Service Vulnerability | |||||
| CVE-2022-22709 | 1 Microsoft | 1 Vp9 Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| VP9 Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2022-22676 | 1 Apple | 1 Macos | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission. | |||||
| CVE-2022-22673 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| This issue was addressed with improved checks. This issue is fixed in iOS 15.5 and iPadOS 15.5. Processing a large input may lead to a denial of service. | |||||
| CVE-2022-22671 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to access photos from the lock screen. | |||||
| CVE-2022-22670 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. A malicious application may be able to identify what other applications a user has installed. | |||||
| CVE-2022-22665 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges. | |||||
| CVE-2022-22663 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 15.4 and iPadOS 15.4, Security Update 2022-004 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.6. A malicious application may bypass Gatekeeper checks. | |||||