Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-35793 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-08-15 | N/A | 7.3 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35755. | |||||
| CVE-2022-35792 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2022-08-15 | N/A | 7.8 HIGH |
| Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-35762, CVE-2022-35763, CVE-2022-35764, CVE-2022-35765. | |||||
| CVE-2022-28880 | 3 Apple, F-secure, Microsoft | 10 Macos, Atlant, Cloud Protection For Salesforce and 7 more | 2022-08-15 | N/A | 7.5 HIGH |
| A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The exploit can be triggered remotely by an attacker. | |||||
| CVE-2022-27535 | 2 Kaspersky, Microsoft | 2 Vpn Secure Connection, Windows | 2022-08-15 | N/A | 7.8 HIGH |
| Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of its 'Delete All Service Data And Reports' feature by the local authenticated attacker. | |||||
| CVE-2022-20292 | 1 Google | 1 Android | 2022-08-15 | N/A | 7.8 HIGH |
| In Settings, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-202975040 | |||||
| CVE-2022-20297 | 1 Google | 1 Android | 2022-08-15 | N/A | 7.8 HIGH |
| In Settings, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201561699 | |||||
| CVE-2022-20302 | 1 Google | 1 Android | 2022-08-15 | N/A | 7.6 HIGH |
| In Settings, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-200746457 | |||||
| CVE-2022-20308 | 1 Google | 1 Android | 2022-08-15 | N/A | 7.5 HIGH |
| In hostapd, there is a possible insecure configuration due to an insecure default value. This could lead to remote denial of service of the wifi hotspot with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-197874458 | |||||
| CVE-2022-23238 | 5 Canonical, Centos, Linux and 2 more | 5 Ubuntu Linux, Centos, Linux Kernel and 2 more | 2022-08-15 | N/A | 6.5 MEDIUM |
| Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content. | |||||
| CVE-2022-2776 | 1 Gym Management System Project | 1 Gym Management System | 2022-08-15 | N/A | 5.3 MEDIUM |
| A vulnerability classified as problematic has been found in SourceCodester Gym Management System. Affected is an unknown function of the file delete_user.php. The manipulation of the argument delete_user leads to denial of service. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-206172. | |||||
| CVE-2022-37001 | 1 Huawei | 1 Harmonyos | 2022-08-15 | N/A | 7.5 HIGH |
| The diag-router module has a vulnerability in intercepting excessive long and short instructions. Successful exploitation of this vulnerability will cause the diag-router module to crash. | |||||
| CVE-2022-37004 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-08-15 | N/A | 7.5 HIGH |
| The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability. | |||||
| CVE-2022-35794 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2022-08-15 | N/A | 8.1 HIGH |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34702, CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767. | |||||
| CVE-2022-35795 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-08-15 | N/A | 7.8 HIGH |
| Windows Error Reporting Service Elevation of Privilege Vulnerability. | |||||
| CVE-2022-0670 | 3 Fedoraproject, Linuxfoundation, Redhat | 3 Fedora, Ceph, Ceph Storage | 2022-08-15 | N/A | 9.1 CRITICAL |
| A flaw was found in Openstack manilla owning a Ceph File system "share", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2. | |||||
| CVE-2022-35797 | 1 Microsoft | 2 Windows 10, Windows 11 | 2022-08-15 | N/A | 6.1 MEDIUM |
| Windows Hello Security Feature Bypass Vulnerability. | |||||
| CVE-2022-35804 | 1 Microsoft | 1 Windows 11 | 2022-08-15 | N/A | 8.8 HIGH |
| SMB Client and Server Remote Code Execution Vulnerability. | |||||
| CVE-2019-2537 | 6 Canonical, Debian, Mariadb and 3 more | 12 Ubuntu Linux, Debian Linux, Mariadb and 9 more | 2022-08-15 | 4.0 MEDIUM | 4.9 MEDIUM |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2022-35806 | 1 Microsoft | 1 Azure Real Time Operating System Guix Studio | 2022-08-15 | N/A | 7.8 HIGH |
| Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30175, CVE-2022-30176, CVE-2022-34687, CVE-2022-35773, CVE-2022-35779. | |||||
| CVE-2022-35820 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-08-15 | N/A | 7.8 HIGH |
| Windows Bluetooth Driver Elevation of Privilege Vulnerability. | |||||