Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30165 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2022-10-05 | 6.5 MEDIUM | 8.8 HIGH |
| Windows Kerberos Elevation of Privilege Vulnerability. | |||||
| CVE-2022-30184 | 3 Apple, Fedoraproject, Microsoft | 7 Macos, Fedora, .net and 4 more | 2022-10-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| .NET and Visual Studio Information Disclosure Vulnerability. | |||||
| CVE-2020-6240 | 1 Sap | 1 Netweaver Application Server Abap | 2022-10-05 | 5.0 MEDIUM | 7.5 HIGH |
| SAP NetWeaver AS ABAP (Web Dynpro ABAP), versions (SAP_UI 750, 752, 753, 754 and SAP_BASIS 700, 710, 730, 731, 804) allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service leading to Denial of Service | |||||
| CVE-2020-6280 | 1 Sap | 2 Abap Platform, Netweaver Application Server Abap | 2022-10-05 | 4.0 MEDIUM | 2.7 LOW |
| SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure. | |||||
| CVE-2020-6310 | 1 Sap | 2 Abap Platform, Netweaver Application Server Abap | 2022-10-05 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure. | |||||
| CVE-2022-33882 | 1 Autodesk | 1 Autodesk Desktop | 2022-10-05 | N/A | 9.8 CRITICAL |
| Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA). An attacker could leverage this vulnerability to escalate privileges and execute arbitrary code. | |||||
| CVE-2021-33663 | 1 Sap | 1 Netweaver Application Server Abap | 2022-10-05 | 5.0 MEDIUM | 5.3 MEDIUM |
| SAP NetWeaver AS ABAP, versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83,7.84, allows an unauthorized attacker to insert cleartext commands due to improper restriction of I/O buffering into encrypted SMTP sessions over the network which can partially impact the integrity of the application. | |||||
| CVE-2021-27603 | 1 Sap | 1 Netweaver Application Server Abap | 2022-10-05 | 4.0 MEDIUM | 6.5 MEDIUM |
| An RFC enabled function module SPI_WAIT_MILLIS in SAP NetWeaver AS ABAP, versions - 731, 740, 750, allows to keep a work process busy for any length of time. An attacker could call this function module multiple times to block all work processes thereby causing Denial of Service and affecting the Availability of the SAP system. | |||||
| CVE-2021-21446 | 1 Sap | 1 Netweaver Application Server Abap | 2022-10-05 | 5.0 MEDIUM | 7.5 HIGH |
| SAP NetWeaver AS ABAP, versions 740, 750, 751, 752, 753, 754, 755, allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, this has a high impact on the availability of the service. | |||||
| CVE-2020-6296 | 1 Sap | 2 Abap Platform, Netweaver Application Server Abap | 2022-10-05 | 6.5 MEDIUM | 8.8 HIGH |
| SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application. | |||||
| CVE-2020-6299 | 1 Sap | 2 Abap Platform, Netweaver Application Server Abap | 2022-10-05 | 4.0 MEDIUM | 4.3 MEDIUM |
| SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Information Disclosure. | |||||
| CVE-2020-6371 | 1 Sap | 1 Netweaver Application Server Abap | 2022-10-05 | 4.0 MEDIUM | 4.3 MEDIUM |
| User enumeration vulnerability can be exploited to get a list of user accounts and personal user information can be exposed in SAP NetWeaver Application Server ABAP (POWL test application) versions - 710, 711, 730, 731, 740, 750, leading to Information Disclosure. | |||||
| CVE-2020-26819 | 1 Sap | 1 Netweaver Application Server Abap | 2022-10-05 | 6.5 MEDIUM | 8.8 HIGH |
| SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752, 753, 754, 755, 782, allows an authenticated user to access Web Dynpro components, that allows them to read and delete database logfiles because of Improper Access Control. | |||||
| CVE-2022-41425 | 1 Axiosys | 1 Bento4 | 2022-10-05 | N/A | 6.5 MEDIUM |
| Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4decrypt. | |||||
| CVE-2022-41423 | 1 Axiosys | 1 Bento4 | 2022-10-05 | N/A | 6.5 MEDIUM |
| Bento4 v1.6.0-639 was discovered to contain a segmentation violation in the mp4fragment component. | |||||
| CVE-2022-40922 | 1 Lief-project | 1 Lief | 2022-10-05 | N/A | 6.5 MEDIUM |
| A vulnerability in the LIEF::MachO::BinaryParser::init_and_parse function of LIEF v0.12.1 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted MachO file. | |||||
| CVE-2021-3572 | 2 Oracle, Pypa | 4 Agile Plm, Communications Cloud Native Core Network Function Cloud Native Environment, Communications Cloud Native Core Policy and 1 more | 2022-10-04 | 3.5 LOW | 5.7 MEDIUM |
| A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1. | |||||
| CVE-2022-0516 | 5 Debian, Fedoraproject, Linux and 2 more | 31 Debian Linux, Fedora, Linux Kernel and 28 more | 2022-10-04 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4. | |||||
| CVE-2022-42300 | 1 Veritas | 1 Netbackup | 2022-10-04 | N/A | 6.5 MEDIUM |
| An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server nbars process can be crashed resulting in a denial of service. (Note: the watchdog service will automatically restart the process.) | |||||
| CVE-2022-42299 | 1 Veritas | 1 Netbackup | 2022-10-04 | N/A | 7.5 HIGH |
| An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a denial of service attack through the DiscoveryService service. | |||||