Export limit exceeded: 363618 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 35583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-37895 2 Arubanetworks, Siemens 4 Arubaos, Instant, Scalance W1750d and 1 more 2024-11-21 4.9 Medium
An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected AP of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address this security vulnerability.
CVE-2022-37894 2 Arubanetworks, Siemens 4 Arubaos, Instant, Scalance W1750d and 1 more 2024-11-21 6.5 Medium
An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected AP of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InstantOS that address this security vulnerability.
CVE-2022-37861 1 Tenhot 2 Tws-100, Tws-100 Firmware 2024-11-21 9.8 Critical
There is a remote code execution (RCE) vulnerability in Tenhot TWS-100 V4.0-201809201424 router device. It is necessary to know that the device account password is allowed to escape the execution system command through the network tools in the network diagnostic component.
CVE-2022-37779 1 Phicomm 8 Fir151b, Fir151b Firmware, Fir300b and 5 more 2024-11-21 7.2 High
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the sendnum parameter of the ping function.
CVE-2022-37778 1 Phicomm 8 Fir151b, Fir151b Firmware, Fir300b and 5 more 2024-11-21 7.2 High
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the current_time parameter of the time function.
CVE-2022-37777 1 Phicomm 8 Fir151b, Fir151b Firmware, Fir300b and 5 more 2024-11-21 7.2 High
Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers 3.0.1.17 and earlier were discovered to contain a remote command execution (RCE) vulnerability via the trHops parameter of the tracert function.
CVE-2022-37661 1 Adtran 4 Sr506n, Sr506n Firmware, Sr510n and 1 more 2024-11-21 9.8 Critical
SmartRG SR506n 2.5.15 and SR510n 2.6.13 routers are vulnerable to Remote Code Execution (RCE) via the ping host feature.
CVE-2022-37450 1 Ethereum 1 Go Ethereum 2024-11-21 5.9 Medium
Go Ethereum (aka geth) through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making (RUM), as exploited in the wild in 2020 through 2022.
CVE-2022-37439 1 Splunk 2 Splunk, Universal Forwarder 2024-11-21 5.5 Medium
In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malformed file.
CVE-2022-37438 1 Splunk 2 Splunk, Splunk Cloud Platform 2024-11-21 2.6 Low
In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard that could potentially leak information (for example, username, email, and real name) about Splunk users, when visited by another user through the drilldown component. The vulnerability requires user access to create and share dashboards using Splunk Web.
CVE-2022-37416 1 Ittiam 1 Libmpeg2 2024-11-21 6.5 Medium
Ittiam libmpeg2 before 2022-07-27 uses memcpy with overlapping memory blocks in impeg2_mc_fullx_fully_8x8.
CVE-2022-37396 1 Jetbrains 1 Rider 2024-11-21 4.1 Medium
In JetBrains Rider before 2022.2 Trust and Open Project dialog could be bypassed, leading to local code execution
CVE-2022-37394 2 Openstack, Redhat 2 Nova, Openstack 2024-11-21 3.3 Low
An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.
CVE-2022-37393 1 Zimbra 1 Collaboration 2024-11-21 7.8 High
Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.
CVE-2022-37336 1 Intel 52 Nuc 10 Performance Kit Nuc10i3fnh, Nuc 10 Performance Kit Nuc10i3fnh Firmware, Nuc 10 Performance Kit Nuc10i3fnhf and 49 more 2024-11-21 7.9 High
Improper input validation in BIOS firmware for some Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-37237 1 Zlmediakit 1 Zlmediakit 2024-11-21 7.5 High
An attacker can send malicious RTMP requests to make the ZLMediaKit server crash remotely. Affected version is below commit 7d8b212a3c3368bc2f6507cb74664fc419eb9327.
CVE-2022-37176 1 Tendacn 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.
CVE-2022-37024 1 Zohocorp 7 Manageengine Firewall Analyzer, Manageengine Netflow Analyzer, Manageengine Network Configuration Manager and 4 more 2024-11-21 8.8 High
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.
CVE-2022-37001 1 Huawei 1 Harmonyos 2024-11-21 7.5 High
The diag-router module has a vulnerability in intercepting excessive long and short instructions. Successful exploitation of this vulnerability will cause the diag-router module to crash.
CVE-2022-37000 1 Veritas 4 Flex Appliance, Flex Scale, Netbackup and 1 more 2024-11-21 6.5 Medium
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server.