Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-1445 | 1 Cisco | 1 Adaptive Security Appliance Software | 2022-05-25 | 4.3 MEDIUM | 5.3 MEDIUM |
| Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 allows remote attackers to bypass intended ICMP Echo Reply ACLs via vectors related to subtypes. | |||||
| CVE-2021-26390 | 1 Amd | 74 Athlon 300u, Athlon 300u Firmware, Ryzen 3 3200u and 71 more | 2022-05-25 | 4.9 MEDIUM | 6.2 MEDIUM |
| A malicious or compromised UApp or ABL may coerce the bootloader into corrupting arbitrary memory potentially leading to loss of integrity of data. | |||||
| CVE-2022-23670 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2022-05-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. | |||||
| CVE-2022-30697 | 1 Acronis | 1 Snap Deploy | 2022-05-24 | 4.6 MEDIUM | 7.8 HIGH |
| Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 3640 | |||||
| CVE-2022-30708 | 1 Webmin | 1 Webmin | 2022-05-24 | 6.5 MEDIUM | 8.8 HIGH |
| Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-editor_write.cgi does not properly restrict the file parameter. | |||||
| CVE-2020-9986 | 1 Apple | 1 Mac Os X | 2022-05-24 | 4.3 MEDIUM | 3.3 LOW |
| A file access issue existed with certain home folder files. This was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.7. A malicious application may be able to read sensitive location information. | |||||
| CVE-2021-27358 | 2 Grafana, Netapp | 2 Grafana, E-series Performance Analyzer | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set. | |||||
| CVE-2021-27803 | 3 Debian, Fedoraproject, W1.fi | 3 Debian Linux, Fedora, Wpa Supplicant | 2022-05-23 | 5.4 MEDIUM | 7.5 HIGH |
| A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range. | |||||
| CVE-2021-23972 | 1 Mozilla | 1 Firefox | 2022-05-23 | 6.8 MEDIUM | 8.8 HIGH |
| One phishing tactic on the web is to provide a link with HTTP Auth. For example 'https://www.phishingtarget.com@evil.com'. To mitigate this type of attack, Firefox will display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a redirect that was cached by the browser. This vulnerability affects Firefox < 86. | |||||
| CVE-2022-22393 | 1 Ibm | 1 Websphere Application Server | 2022-05-23 | 3.5 LOW | 6.5 MEDIUM |
| IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078. | |||||
| CVE-2021-23974 | 1 Mozilla | 1 Firefox | 2022-05-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The DOMParser API did not properly process '<noscript>' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox < 86. | |||||
| CVE-2022-21131 | 1 Intel | 292 Core I9-7900x, Core I9-7900x Firmware, Core I9-7920x and 289 more | 2022-05-23 | 2.1 LOW | 5.5 MEDIUM |
| Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2021-46787 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash. | |||||
| CVE-2021-46788 | 1 Huawei | 2 Emui, Magic Ui | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations. | |||||
| CVE-2022-29789 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
| CVE-2022-22261 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
| CVE-2022-29791 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
| CVE-2022-29790 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions. | |||||
| CVE-2022-29792 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-29796 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||