Export limit exceeded: 35583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35583 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-22953 | 1 Vmware | 1 Vmware Hcx | 2024-11-21 | 6.5 Medium |
| VMware HCX update addresses an information disclosure vulnerability. A malicious actor with network user access to the VMware HCX appliance may be able to gain access to sensitive information. | ||||
| CVE-2022-22938 | 2 Microsoft, Vmware | 3 Windows, Horizon, Workstation | 2024-11-21 | 6.5 Medium |
| VMware Workstation (16.x prior to 16.2.2) and Horizon Client for Windows (5.x prior to 5.5.3) contains a denial-of-service vulnerability in the Cortado ThinPrint component. The issue exists in TrueType font parser. A malicious actor with access to a virtual machine or remote desktop may exploit this issue to trigger a denial-of-service condition in the Thinprint service running on the host machine where VMware Workstation or Horizon Client for Windows is installed. | ||||
| CVE-2022-22930 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 9.8 Critical |
| A remote code execution (RCE) vulnerability in the Template Management function of MCMS v5.2.4 allows attackers to execute arbitrary code via a crafted payload. | ||||
| CVE-2022-22916 | 1 Zoneland | 1 O2oa | 2024-11-21 | 9.8 Critical |
| O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke. | ||||
| CVE-2022-22891 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 5.5 Medium |
| Jerryscript 3.0.0 was discovered to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c. | ||||
| CVE-2022-22847 | 1 Formpipe | 1 Lasernet | 2024-11-21 | 9.8 Critical |
| Formpipe Lasernet before 9.13.3 allows file inclusion in Client Web Services (either by an authenticated attacker, or in a configuration that does not require authentication). | ||||
| CVE-2022-22846 | 1 Dnslib Project | 1 Dnslib | 2024-11-21 | 7.5 High |
| The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query. | ||||
| CVE-2022-22833 | 1 Servisnet | 1 Tessa | 2024-11-21 | 7.5 High |
| An issue was discovered in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request. | ||||
| CVE-2022-22817 | 3 Debian, Python, Redhat | 5 Debian Linux, Pillow, Enterprise Linux and 2 more | 2024-11-21 | 9.8 Critical |
| PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used. | ||||
| CVE-2022-22814 | 1 Asus | 1 Myasus | 2024-11-21 | 9.8 Critical |
| The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation. | ||||
| CVE-2022-22793 | 1 Cybonet | 1 Pineapp Mail Secure | 2024-11-21 | 6.1 Medium |
| Cybonet - PineApp Mail Relay Local File Inclusion. Attacker can send a request to : /manage/mailpolicymtm/log/eml_viewer/email.content.body.php?filesystem_path=ENCDODED PATH and by doing that, the attacker can read Local Files inside the server. | ||||
| CVE-2022-22783 | 1 Zoom | 2 Zoom On-premise Meeting Connector Controller, Zoom On-premise Meeting Connector Mmr | 2024-11-21 | 6.5 Medium |
| A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker. | ||||
| CVE-2022-22782 | 1 Zoom | 4 Meetings, Rooms For Conference Rooms, Vdi Windows Meeting Clients and 1 more | 2024-11-21 | 7.9 High |
| The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local privilege escalation issue during the installer repair operation. A malicious actor could utilize this to potentially delete system level files or folders, causing integrity or availability issues on the user’s host machine. | ||||
| CVE-2022-22772 | 3 Ibm, Opengroup, Tibco | 3 Z Linux, Unix, Managed File Transfer Platform Server | 2024-11-21 | 8.5 High |
| The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux contain a difficult to exploit Remote Code Execution (RCE) vulnerability that allows a low privileged attacker with network access to execute arbitrary code on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX: versions 8.1.0 and below and TIBCO Managed File Transfer Platform Server for z/Linux: versions 8.1.0 and below. | ||||
| CVE-2022-22770 | 1 Tibco | 1 Auditsafe | 2024-11-21 | 9.8 Critical |
| The Web Server component of TIBCO Software Inc.'s TIBCO AuditSafe contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute API methods on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO AuditSafe: versions 1.1.0 and below. | ||||
| CVE-2022-22676 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission. | ||||
| CVE-2022-22673 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 7.5 High |
| This issue was addressed with improved checks. This issue is fixed in iOS 15.5 and iPadOS 15.5. Processing a large input may lead to a denial of service. | ||||
| CVE-2022-22671 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 4.6 Medium |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to access photos from the lock screen. | ||||
| CVE-2022-22670 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2024-11-21 | 3.3 Low |
| An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. A malicious application may be able to identify what other applications a user has installed. | ||||
| CVE-2022-22665 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.8 High |
| A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges. | ||||