Total
34334 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27983 | 1 Ruijienetworks | 2 Rg-nbr2100g-e, Rg-nbr2100g-e Firmware | 2024-11-21 | 7.5 High |
| RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain an arbitrary file read vulnerability via the url parameter in check.php. | ||||
| CVE-2022-27982 | 1 Ruijienetworks | 2 Rg-nbr2100g-e, Rg-nbr2100g-e Firmware | 2024-11-21 | 9.8 Critical |
| RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain a remote code execution (RCE) vulnerability via the fileName parameter at /guest_auth/cfg/upLoadCfg.php. | ||||
| CVE-2022-27969 | 1 Cynet | 1 Cynet 360 | 2024-11-21 | 5.3 Medium |
| Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of decoy users via a crafted GET request sent to /WebApp/DeceptionUser/GetAllDeceptionUsers. | ||||
| CVE-2022-27968 | 1 Cynet | 1 Cynet 360 | 2024-11-21 | 5.3 Medium |
| Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles. | ||||
| CVE-2022-27967 | 1 Cynet | 1 Cynet 360 | 2024-11-21 | 5.3 Medium |
| Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded files and profiles via a crafted GET request sent to /WebApp/SettingsExclusion/GetExclusionsProfiles. | ||||
| CVE-2022-27948 | 1 Tesla | 6 Model 3, Model 3 Firmware, Model S and 3 more | 2024-11-21 | 7.2 High |
| Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor's perspective is that the behavior is as intended | ||||
| CVE-2022-27936 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323. | ||||
| CVE-2022-27935 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth. | ||||
| CVE-2022-27934 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP. | ||||
| CVE-2022-27933 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 8.2 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | ||||
| CVE-2022-27932 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | ||||
| CVE-2022-27931 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | ||||
| CVE-2022-27930 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 5.9 Medium |
| Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed. | ||||
| CVE-2022-27929 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP. | ||||
| CVE-2022-27928 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | ||||
| CVE-2022-27911 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 5.3 Medium |
| An issue was discovered in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes. | ||||
| CVE-2022-27909 | 1 Jdownloads | 1 Jdownloads | 2024-11-21 | 4.3 Medium |
| In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files | ||||
| CVE-2022-27813 | 1 Motorola | 4 Mtm5400, Mtm5400 Firmware, Mtm5500 and 1 more | 2024-11-21 | 8.1 High |
| Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the firmwares, an adversary with control over either core can trivially gain code execution on the other, by overwriting code located in shared RAM or DDR2 memory regions. | ||||
| CVE-2022-27812 | 1 Stormshield | 1 Stormshield Network Security | 2024-11-21 | 7.5 High |
| Flooding SNS firewall versions 3.7.0 to 3.7.29, 3.11.0 to 3.11.17, 4.2.0 to 4.2.10, and 4.3.0 to 4.3.6 with specific forged traffic, can lead to SNS DoS. | ||||
| CVE-2022-27775 | 6 Brocade, Debian, Haxx and 3 more | 18 Fabric Operating System, Debian Linux, Curl and 15 more | 2024-11-21 | 7.5 High |
| An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. | ||||