Total
34341 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-29935 | 1 Usu | 1 Oracle Optimization | 2024-11-21 | 7.5 High |
| USU Oracle Optimization before 5.17.5 allows attackers to discover the quantum credentials via an agent-installer download. NOTE: this is not an Oracle Corporation product. | ||||
| CVE-2022-29891 | 1 Cybozu | 1 Office | 2024-11-21 | 4.3 Medium |
| Browse restriction bypass vulnerability in Custom Ap of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Custom App via unspecified vectors. | ||||
| CVE-2022-29885 | 3 Apache, Debian, Oracle | 3 Tomcat, Debian Linux, Hospitality Cruise Shipboard Property Management System | 2024-11-21 | 7.5 High |
| The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks. | ||||
| CVE-2022-29859 | 1 Amb1 Sdk Project | 1 Amb1 Sdk | 2024-11-21 | 9.8 Critical |
| component/common/network/dhcp/dhcps.c in ambiot amb1_sdk (aka SDK for Ameba1) before 2022-03-11 mishandles data structures for DHCP packet data. | ||||
| CVE-2022-29849 | 1 Progress | 1 Openedge | 2024-11-21 | 7.8 High |
| In Progress OpenEdge before 11.7.14 and 12.x before 12.2.9, certain SUID binaries within the OpenEdge application were susceptible to privilege escalation. If exploited, a local attacker could elevate their privileges and compromise the affected system. | ||||
| CVE-2022-29846 | 1 Progress | 1 Whatsup Gold | 2024-11-21 | 5.3 Medium |
| In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number. | ||||
| CVE-2022-29798 | 1 Huawei | 2 Cv81-wdm, Cv81-wdm Firmware | 2024-11-21 | 7.5 High |
| There is a denial of service vulnerability in CV81-WDM FW versions 01.70.49.29.46. Successful exploitation could cause denial of service. | ||||
| CVE-2022-29796 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | ||||
| CVE-2022-29793 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.5 High |
| There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability. | ||||
| CVE-2022-29792 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2022-29791 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | ||||
| CVE-2022-29790 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions. | ||||
| CVE-2022-29789 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services. | ||||
| CVE-2022-29784 | 1 Publiccms | 1 Publiccms | 2024-11-21 | 5.3 Medium |
| PublicCMS V4.0.202204.a and below contains an information leak via the component /views/directive/sys/SysConfigDataDirective.java. | ||||
| CVE-2022-29780 | 1 Nginx | 1 Njs | 2024-11-21 | 5.5 Medium |
| Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array.c. | ||||
| CVE-2022-29779 | 1 Nginx | 1 Njs | 2024-11-21 | 5.5 Medium |
| Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c. | ||||
| CVE-2022-29778 | 2 D-link, Dlink | 3 Dir-890l Firmware, Dir-890l, Dir-890l Firmware | 2024-11-21 | 8.8 High |
| D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' at SetVirtualServerSettings.php | ||||
| CVE-2022-29619 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 6.5 Medium |
| Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted. | ||||
| CVE-2022-29614 | 1 Sap | 2 Host Agent, Netweaver Abap | 2024-11-21 | 5.0 Medium |
| SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22, - on Unix systems, s-bit helper program sapuxuserchk, can be abused physically resulting in a privilege escalation of an attacker leading to low impact on confidentiality and integrity, but a profound impact on availability. | ||||
| CVE-2022-29586 | 1 Konicaminolta | 90 Bizhub 226i, Bizhub 226i Firmware, Bizhub 227 and 87 more | 2024-11-21 | 7.4 High |
| Konica Minolta bizhub MFP devices before 2022-04-14 allow a Sandbox Escape. An attacker must attach a keyboard to a USB port, press F12, and then escape from the kiosk mode. | ||||