Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-35370 | 1 Txjia | 1 Imcat | 2023-03-06 | N/A | 9.8 CRITICAL |
| An issue found in Peacexie Imcat v5.4 allows attackers to execute arbitrary code via the incomplete filtering function. | |||||
| CVE-2022-36369 | 1 Intel | 1 Qatzip | 2023-03-06 | N/A | 7.8 HIGH |
| Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-36348 | 1 Intel | 1 Server Platform Services | 2023-03-06 | N/A | 7.8 HIGH |
| Active debug code in some Intel (R) SPS firmware before version SPS_E5_04.04.04.300.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-21163 | 1 Intel | 1 Crypto Api Toolkit For Intel Sgx | 2023-03-06 | N/A | 7.8 HIGH |
| Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-20934 | 1 Google | 1 Android | 2023-03-06 | N/A | 7.8 HIGH |
| In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-258672042 | |||||
| CVE-2022-36797 | 1 Vmware | 1 Ixgben | 2023-03-06 | N/A | 5.5 MEDIUM |
| Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.1 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2022-36416 | 1 Vmware | 1 Ixgben | 2023-03-06 | N/A | 7.8 HIGH |
| Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.13 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-4492 | 1 Redhat | 10 Build Of Quarkus, Integration Camel For Spring Boot, Integration Camel K and 7 more | 2023-03-06 | N/A | 7.5 HIGH |
| The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol. | |||||
| CVE-2021-35369 | 1 Txjia | 1 Imcat | 2023-03-06 | N/A | 6.5 MEDIUM |
| Arbitrary File Read vulnerability found in Peacexie ImCat v.5.2 fixed in v.5.4 allows attackers to obtain sensitive information via the filtering_get_contents function. | |||||
| CVE-2022-38056 | 1 Intel | 1 Endpoint Management Assistant | 2023-03-06 | N/A | 5.3 MEDIUM |
| Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may allow a privileged user to potentially enable escalation of privilege via network access. | |||||
| CVE-2022-34157 | 1 Intel | 2 Fpga Software Development Kit, Quartus Prime | 2023-03-06 | N/A | 7.8 HIGH |
| Improper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may allow authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-46440 | 1 Swftools | 1 Swftools | 2023-03-06 | N/A | 5.5 MEDIUM |
| ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c. | |||||
| CVE-2021-33104 | 1 Intel | 1 One Boot Flash Update | 2023-03-06 | N/A | 5.5 MEDIUM |
| Improper access control in the Intel(R) OFU software before version 14.1.28 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2023-24104 | 1 Ui | 2 Unifi Dream Machine Pro, Unifi Dream Machine Pro Firmware | 2023-03-06 | N/A | 9.8 CRITICAL |
| Ubiquiti Networks UniFi Dream Machine Pro v7.2.95 allows attackers to bypass domain restrictions via crafted packets. | |||||
| CVE-2023-27372 | 2 Debian, Spip | 2 Debian Linux, Spip | 2023-03-06 | N/A | 9.8 CRITICAL |
| SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. | |||||
| CVE-2022-47075 | 1 Smartofficepayroll | 1 Smartoffice | 2023-03-06 | N/A | 7.5 HIGH |
| An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name parameter to ExportEmployeeDetails.aspx, and to ExportReportingManager.aspx. | |||||
| CVE-2022-47076 | 1 Smartofficepayroll | 1 Smartoffice | 2023-03-06 | N/A | 7.5 HIGH |
| An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to view sensitive information via DisplayParallelLogData.aspx. | |||||
| CVE-2023-23507 | 1 Apple | 1 Macos | 2023-03-03 | N/A | 7.8 HIGH |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-23512 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-03-03 | N/A | 6.5 MEDIUM |
| The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Visiting a website may lead to an app denial-of-service. | |||||
| CVE-2023-23511 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-03-03 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences. | |||||