Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-41049 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-03-10 | N/A | 5.4 MEDIUM |
| Windows Mark of the Web Security Feature Bypass Vulnerability | |||||
| CVE-2022-41061 | 1 Microsoft | 7 365 Apps, Office, Office Online Server and 4 more | 2023-03-10 | N/A | 7.8 HIGH |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| CVE-2022-41066 | 1 Microsoft | 2 Dynamics 365 Business Central, Dynamics Nav | 2023-03-10 | N/A | 4.4 MEDIUM |
| Microsoft Business Central Information Disclosure Vulnerability | |||||
| CVE-2022-41048 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-03-10 | N/A | 8.8 HIGH |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||
| CVE-2022-41109 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-03-10 | N/A | 7.8 HIGH |
| Windows Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2022-41107 | 1 Microsoft | 2 365 Apps, Office | 2023-03-10 | N/A | 7.8 HIGH |
| Microsoft Office Graphics Remote Code Execution Vulnerability | |||||
| CVE-2022-41062 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-03-10 | N/A | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2022-41099 | 1 Microsoft | 2 Windows 10, Windows 11 | 2023-03-10 | N/A | 4.6 MEDIUM |
| BitLocker Security Feature Bypass Vulnerability | |||||
| CVE-2022-41047 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-03-10 | N/A | 8.8 HIGH |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||
| CVE-2022-41122 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-03-10 | N/A | 6.5 MEDIUM |
| Microsoft SharePoint Server Spoofing Vulnerability | |||||
| CVE-2022-20952 | 1 Cisco | 4 Asyncos, S195, S395 and 1 more | 2023-03-10 | N/A | 5.3 MEDIUM |
| A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked. This vulnerability exists because malformed, encoded traffic is not properly detected. An attacker could exploit this vulnerability by connecting through an affected device to a malicious server and receiving malformed HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device. | |||||
| CVE-2023-27567 | 1 Openbsd | 1 Openbsd | 2023-03-10 | N/A | 7.5 HIGH |
| In OpenBSD 7.2, a TCP packet with destination port 0 that matches a pf divert-to rule can crash the kernel. | |||||
| CVE-2023-26604 | 1 Systemd Project | 1 Systemd | 2023-03-10 | N/A | 7.8 HIGH |
| systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. | |||||
| CVE-2023-20088 | 1 Cisco | 1 Finesse | 2023-03-10 | N/A | 7.5 HIGH |
| A vulnerability in the nginx configurations that are provided as part of the VPN-less reverse proxy for Cisco Finesse could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for new and existing users who are connected through a load balancer. This vulnerability is due to improper IP address filtering by the reverse proxy. An attacker could exploit this vulnerability by sending a series of unauthenticated requests to the reverse proxy. A successful exploit could allow the attacker to cause all current traffic and subsequent requests to the reverse proxy through a load balancer to be dropped, resulting in a DoS condition. | |||||
| CVE-2022-38734 | 1 Netapp | 1 Storagegrid | 2023-03-09 | N/A | 7.5 HIGH |
| StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to to a crash of the Local Distribution Router (LDR) service. | |||||
| CVE-2022-27672 | 1 Amd | 330 A10-9600p, A10-9600p Firmware, A10-9630p and 327 more | 2023-03-09 | N/A | 4.7 MEDIUM |
| When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure. | |||||
| CVE-2022-20551 | 1 Google | 1 Android | 2023-03-09 | N/A | 6.7 MEDIUM |
| In createTrack of AudioFlinger.cpp, there is a possible way to record audio without a privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-243376549 | |||||
| CVE-2022-20481 | 1 Google | 1 Android | 2023-03-09 | N/A | 5.5 MEDIUM |
| In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241927115 | |||||
| CVE-2021-46841 | 1 Apple | 1 Music | 2023-03-09 | N/A | 5.9 MEDIUM |
| This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity. | |||||
| CVE-2022-32906 | 1 Apple | 1 Music | 2023-03-09 | N/A | 5.3 MEDIUM |
| This issue was addressed with using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.9.10 for Android. A user in a privileged network position may intercept SSL/TLS connections. | |||||