Export limit exceeded: 35583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-27257 1 Hubzilla 1 Hubzilla 2024-11-21 7.5 High
A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter.
CVE-2022-27250 1 Unisoc 1 Unisoc Chipset 2024-11-21 9.8 Critical
The UNISOC chipset through 2022-03-15 allows attackers to obtain remote control of a mobile phone, e.g., to obtain sensitive information from text messages or the device's screen, record video of the device's physical environment, or modify data.
CVE-2022-27243 1 Misp 1 Misp 2024-11-21 7.8 High
An issue was discovered in MISP before 2.4.156. app/View/Users/terms.ctp allows Local File Inclusion via the custom terms file setting.
CVE-2022-27227 2 Fedoraproject, Powerdns 3 Fedora, Authoritative Server, Recursor 2024-11-21 7.5 High
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
CVE-2022-27191 3 Fedoraproject, Golang, Redhat 12 Extra Packages For Enterprise Linux, Fedora, Ssh and 9 more 2024-11-21 7.5 High
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
CVE-2022-27152 1 Roku 11 Express, Express 4k\+, Roku Os and 8 more 2024-11-21 5.7 Medium
Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification.
CVE-2022-27133 1 Zbzcms 1 Zbzcms 2024-11-21 9.1 Critical
zbzcms v1.0 was discovered to contain an arbitrary file deletion vulnerability via /include/up.php.
CVE-2022-27049 1 Raidrive 1 Raidrive 2024-11-21 2.0 Low
Raidrive before v2021.12.35 allows attackers to arbitrarily move log files by pre-creating a mountpoint and log files before Raidrive is installed.
CVE-2022-26966 3 Debian, Linux, Netapp 17 Debian Linux, Linux Kernel, Active Iq Unified Manager and 14 more 2024-11-21 5.5 Medium
An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.
CVE-2022-26945 2 Hashicorp, Redhat 3 Go-getter, Openshift, Openstack 2024-11-21 9.8 Critical
go-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless redirect, and configuration bypass via abuse of custom HTTP response header processing. Fixed in 1.6.1 and 2.1.0.
CVE-2022-26944 1 Percona 1 Xtrabackup 2024-11-21 6.5 Medium
Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. NOTE: this issue exists because of an incomplete fix for CVE-2020-10997.
CVE-2022-26846 2 Debian, Spip 2 Debian Linux, Spip 2024-11-21 8.8 High
SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code.
CVE-2022-26755 1 Apple 2 Mac Os X, Macos 2024-11-21 6.3 Medium
This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox.
CVE-2022-26747 1 Apple 1 Xcode 2024-11-21 7.8 High
This issue was addressed with improved checks. This issue is fixed in Xcode 13.4. An app may be able to gain elevated privileges.
CVE-2022-26746 1 Apple 2 Mac Os X, Macos 2024-11-21 5.5 Medium
This issue was addressed by removing the vulnerable code. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to bypass Privacy preferences.
CVE-2022-26731 1 Apple 3 Ipados, Iphone Os, Macos 2024-11-21 4.3 Medium
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious website may be able to track users in Safari private browsing mode.
CVE-2022-26728 1 Apple 2 Mac Os X, Macos 2024-11-21 5.5 Medium
This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files.
CVE-2022-26727 1 Apple 2 Mac Os X, Macos 2024-11-21 5.5 Medium
This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. A malicious application may be able to modify protected parts of the file system.
CVE-2022-26726 1 Apple 3 Mac Os X, Macos, Watchos 2024-11-21 6.5 Medium
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user's screen.
CVE-2022-26725 1 Apple 1 Macos 2024-11-21 5.3 Medium
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. Photo location information may persist after it is removed with Preview Inspector.