Total
34333 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-22891 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 5.5 Medium |
| Jerryscript 3.0.0 was discovered to contain a SEGV vulnerability via ecma_ref_object_inline in /jerry-core/ecma/base/ecma-gc.c. | ||||
| CVE-2022-22847 | 1 Formpipe | 1 Lasernet | 2024-11-21 | 9.8 Critical |
| Formpipe Lasernet before 9.13.3 allows file inclusion in Client Web Services (either by an authenticated attacker, or in a configuration that does not require authentication). | ||||
| CVE-2022-22846 | 1 Dnslib Project | 1 Dnslib | 2024-11-21 | 7.5 High |
| The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query. | ||||
| CVE-2022-22833 | 1 Servisnet | 1 Tessa | 2024-11-21 | 7.5 High |
| An issue was discovered in Servisnet Tessa 0.0.2. An attacker can obtain sensitive information via a /js/app.js request. | ||||
| CVE-2022-22817 | 3 Debian, Python, Redhat | 5 Debian Linux, Pillow, Enterprise Linux and 2 more | 2024-11-21 | 9.8 Critical |
| PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used. | ||||
| CVE-2022-22814 | 1 Asus | 1 Myasus | 2024-11-21 | 9.8 Critical |
| The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation. | ||||
| CVE-2022-22793 | 1 Cybonet | 1 Pineapp Mail Secure | 2024-11-21 | 6.1 Medium |
| Cybonet - PineApp Mail Relay Local File Inclusion. Attacker can send a request to : /manage/mailpolicymtm/log/eml_viewer/email.content.body.php?filesystem_path=ENCDODED PATH and by doing that, the attacker can read Local Files inside the server. | ||||
| CVE-2022-22783 | 1 Zoom | 2 Zoom On-premise Meeting Connector Controller, Zoom On-premise Meeting Connector Mmr | 2024-11-21 | 6.5 Medium |
| A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker. | ||||
| CVE-2022-22782 | 1 Zoom | 4 Meetings, Rooms For Conference Rooms, Vdi Windows Meeting Clients and 1 more | 2024-11-21 | 7.9 High |
| The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local privilege escalation issue during the installer repair operation. A malicious actor could utilize this to potentially delete system level files or folders, causing integrity or availability issues on the user’s host machine. | ||||
| CVE-2022-22772 | 3 Ibm, Opengroup, Tibco | 3 Z Linux, Unix, Managed File Transfer Platform Server | 2024-11-21 | 8.5 High |
| The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX and TIBCO Managed File Transfer Platform Server for z/Linux contain a difficult to exploit Remote Code Execution (RCE) vulnerability that allows a low privileged attacker with network access to execute arbitrary code on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for UNIX: versions 8.1.0 and below and TIBCO Managed File Transfer Platform Server for z/Linux: versions 8.1.0 and below. | ||||
| CVE-2022-22770 | 1 Tibco | 1 Auditsafe | 2024-11-21 | 9.8 Critical |
| The Web Server component of TIBCO Software Inc.'s TIBCO AuditSafe contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute API methods on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO AuditSafe: versions 1.1.0 and below. | ||||
| CVE-2022-22676 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| An event handler validation issue in the XPC Services API was addressed by removing the service. This issue is fixed in macOS Monterey 12.2. An application may be able to delete files for which it does not have permission. | ||||
| CVE-2022-22673 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 7.5 High |
| This issue was addressed with improved checks. This issue is fixed in iOS 15.5 and iPadOS 15.5. Processing a large input may lead to a denial of service. | ||||
| CVE-2022-22671 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 4.6 Medium |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to access photos from the lock screen. | ||||
| CVE-2022-22670 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2024-11-21 | 3.3 Low |
| An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. A malicious application may be able to identify what other applications a user has installed. | ||||
| CVE-2022-22665 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.8 High |
| A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3. A malicious application may be able to gain root privileges. | ||||
| CVE-2022-22663 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 5.5 Medium |
| This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 15.4 and iPadOS 15.4, Security Update 2022-004 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.6. A malicious application may bypass Gatekeeper checks. | ||||
| CVE-2022-22662 | 3 Apple, Fedoraproject, Redhat | 5 Mac Os X, Macos, Fedora and 2 more | 2024-11-21 | 6.5 Medium |
| A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. | ||||
| CVE-2022-22659 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 6.5 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. An attacker in a privileged network position may be able to leak sensitive user information. | ||||
| CVE-2022-22655 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-21 | 5.5 Medium |
| An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4. An app may be able to leak sensitive user information. | ||||