Total
34361 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-35412 | 1 Digitalguardian | 1 Digital Guardian | 2024-11-21 | 5.1 Medium |
| Digital Guardian Agent 7.7.4.0042 allows an administrator (who ordinarily does not have a supported way to uninstall the product) to disable some of the agent functionality and then exfiltrate files to an external USB device. | ||||
| CVE-2022-35403 | 1 Zohocorp | 4 Manageengine Assetexplorer, Manageengine Servicedesk Plus, Manageengine Servicedesk Plus Msp and 1 more | 2024-11-21 | 7.5 High |
| Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via ticket-creation email. (This also affects Asset Explorer before 6977 with authentication.) | ||||
| CVE-2022-35290 | 1 Sap | 1 Authenticator | 2024-11-21 | 7.5 High |
| Under certain conditions SAP Authenticator for Android allows an attacker to access information which would otherwise be restricted. | ||||
| CVE-2022-35288 | 1 Ibm | 1 Security Verify Information Queue | 2024-11-21 | 6.5 Medium |
| IBM Security Verify Information Queue 10.0.2 could allow a user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 230818. | ||||
| CVE-2022-35283 | 2 Ibm, Linux | 2 Security Verify Information Queue, Linux Kernel | 2024-11-21 | 6.5 Medium |
| IBM Security Verify Information Queue 10.0.2 could allow an authenticated user to cause a denial of service with a specially crafted HTTP request. | ||||
| CVE-2022-35228 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 8.8 High |
| SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social engineering. On successful exploitation, the attacker can completely compromise the application. | ||||
| CVE-2022-35201 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability. | ||||
| CVE-2022-35195 | 1 Testlink | 1 Testlink | 2024-11-21 | 7.2 High |
| TestLink 1.9.20 Raijin was discovered to contain a broken access control vulnerability at /lib/attachments/attachmentdownload.php | ||||
| CVE-2022-35158 | 1 Tencent | 1 Tscancode | 2024-11-21 | 7.5 High |
| A vulnerability in the lua parser of TscanCode tsclua v2.15.01 allows attackers to cause a Denial of Service (DoS) via a crafted lua script. | ||||
| CVE-2022-35019 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2024-11-21 | 5.5 Medium |
| Advancecomp v2.3 was discovered to contain a segmentation fault. | ||||
| CVE-2022-35018 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2024-11-21 | 5.5 Medium |
| Advancecomp v2.3 was discovered to contain a segmentation fault. | ||||
| CVE-2022-35014 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2024-11-21 | 5.5 Medium |
| Advancecomp v2.3 contains a segmentation fault. | ||||
| CVE-2022-35004 | 1 Bitbanksoftware | 1 Jpegdec | 2024-11-21 | 5.5 Medium |
| JPEGDEC commit be4843c was discovered to contain a FPE via TIFFSHORT at /src/jpeg.inl. | ||||
| CVE-2022-35002 | 1 Bitbanksoftware | 1 Jpegdec | 2024-11-21 | 5.5 Medium |
| JPEGDEC commit be4843c was discovered to contain a segmentation fault via TIFFSHORT at /src/jpeg.inl. | ||||
| CVE-2022-35000 | 1 Bitbanksoftware | 1 Jpegdec | 2024-11-21 | 5.5 Medium |
| JPEGDEC commit be4843c was discovered to contain a segmentation fault via fseek at /libio/fseek.c. | ||||
| CVE-2022-34983 | 1 Scu-captcha Project | 1 Scu-captcha | 2024-11-21 | 9.8 Critical |
| The scu-captcha package in PyPI v0.0.1 to v0.0.4 included a code execution backdoor inserted by a third party. | ||||
| CVE-2022-34982 | 1 Eziod Project | 1 Eziod | 2024-11-21 | 9.8 Critical |
| The eziod package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party. | ||||
| CVE-2022-34981 | 1 Pycrowdtangle Project | 1 Pycrowdtangle | 2024-11-21 | 9.8 Critical |
| The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party. | ||||
| CVE-2022-34912 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2024-11-21 | 6.1 Medium |
| An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1. The contributions-title, used on Special:Contributions, is used as page title without escaping. Hence, in a non-default configuration where a username contains HTML entities, it won't be escaped. | ||||
| CVE-2022-34844 | 1 F5 | 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more | 2024-11-21 | 5.9 Medium |
| In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Successful exploitation relies on conditions outside of the attacker's control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||