Total
34338 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-29405 | 1 Apache | 1 Archiva | 2024-11-21 | 6.5 Medium |
| In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8 | ||||
| CVE-2022-29264 | 1 Coreboot | 1 Coreboot | 2024-11-21 | 9.8 Critical |
| An issue was discovered in coreboot 4.13 through 4.16. On APs, arbitrary code execution in SMM may occur. | ||||
| CVE-2022-29262 | 1 Intel | 66 Compute Module Hns2600bpb, Compute Module Hns2600bpb24, Compute Module Hns2600bpb24 Firmware and 63 more | 2024-11-21 | 7.9 High |
| Improper buffer restrictions in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-29014 | 1 Razer | 2 Sila, Sila Firmware | 2024-11-21 | 7.5 High |
| A local file inclusion vulnerability in Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to read arbitrary files. | ||||
| CVE-2022-28995 | 1 Yogeshojha | 1 Rengine | 2024-11-21 | 9.8 Critical |
| Rengine v1.0.2 was discovered to contain a remote code execution (RCE) vulnerability via the yaml configuration function. | ||||
| CVE-2022-28987 | 1 Zohocorp | 1 Manageengine Adselfservice Plus | 2024-11-21 | 5.3 Medium |
| Zoho ManageEngine ADSelfService Plus before 6202 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login. | ||||
| CVE-2022-28956 | 1 Dlink | 2 Dir-816l, Dir-816l Firmware | 2024-11-21 | 9.8 Critical |
| An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload. | ||||
| CVE-2022-28940 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 7.5 High |
| In H3C MagicR100 <=V100R005, the / Ajax / ajaxget interface can be accessed without authorization. It sends a large amount of data through ajaxmsg to carry out DOS attack. | ||||
| CVE-2022-28918 | 1 Njtech | 1 Greencms | 2024-11-21 | 8.1 High |
| GreenCMS v2.3.0603 was discovered to contain an arbitrary file deletion vulnerability via /index.php?m=admin&c=custom&a=plugindelhandle&plugin_name=. | ||||
| CVE-2022-28885 | 1 F-secure | 2 Atlant, Linux Security | 2024-11-21 | 4.3 Medium |
| A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing the scanning request. | ||||
| CVE-2022-28883 | 3 Apple, F-secure, Microsoft | 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more | 2024-11-21 | 3.5 Low |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl unpack function crashes. This can lead to a possible scanning engine crash. The exploit can be triggered remotely by an attacker. | ||||
| CVE-2022-28881 | 3 Apple, F-secure, Microsoft | 10 Macos, Atlant, Cloud Protection For Salesforce and 7 more | 2024-11-21 | 4.3 Medium |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the aerdl.dll component used in certain WithSecure products unpacker function crashes which leads to scanning engine crash. The exploit can be triggered remotely by an attacker. | ||||
| CVE-2022-28880 | 3 Apple, F-secure, Microsoft | 10 Macos, Atlant, Cloud Protection For Salesforce and 7 more | 2024-11-21 | 4.3 Medium |
| A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The exploit can be triggered remotely by an attacker. | ||||
| CVE-2022-28879 | 2 Apple, F-secure | 8 Macos, Atlant, Cloud Protection For Salesforce and 5 more | 2024-11-21 | 4.3 Medium |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine. | ||||
| CVE-2022-28878 | 3 Apple, F-secure, Microsoft | 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more | 2024-11-21 | 4.3 Medium |
| A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine. | ||||
| CVE-2022-28877 | 2 F-secure, Microsoft | 2 Elements Endpoint Protection, Windows | 2024-11-21 | 4.3 Medium |
| This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation. | ||||
| CVE-2022-28876 | 3 Apple, F-secure, Microsoft | 8 Macos, Atlant, Cloud Protection For Salesforce and 5 more | 2024-11-21 | 4.3 Medium |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aeheur.dll component can crash the scanning engine. The exploit can be triggered remotely by an attacker. | ||||
| CVE-2022-28873 | 1 F-secure | 1 Safe | 2024-11-21 | 4.3 Medium |
| A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks. | ||||
| CVE-2022-28872 | 1 F-secure | 1 Safe | 2024-11-21 | 4.3 Medium |
| A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop. | ||||
| CVE-2022-28870 | 1 F-secure | 1 Safe | 2024-11-21 | 4.3 Medium |
| A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails. | ||||