Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-29104 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-20 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29132. | |||||
| CVE-2022-29103 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-20 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. | |||||
| CVE-2022-26934 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22011, CVE-2022-29112. | |||||
| CVE-2022-30450 | 1 Waimairencms Project | 1 Waimairencms | 2022-05-20 | 7.5 HIGH | 9.8 CRITICAL |
| A Remote Code Execution (RCE) vulnerability exists in waimairen 9.1 via wx.php | |||||
| CVE-2022-30063 | 1 Ftcms | 1 Ftcms | 2022-05-20 | 7.5 HIGH | 9.8 CRITICAL |
| ftcms <=2.1 was discovered to be vulnerable to code execution attacks . | |||||
| CVE-2022-30453 | 1 Shopwind | 1 Shopwind | 2022-05-20 | 7.5 HIGH | 9.8 CRITICAL |
| ShopWind <= 3.4.2 has a RCE vulnerability in Database.php | |||||
| CVE-2022-30060 | 1 Ftcms | 1 Ftcms | 2022-05-20 | 6.5 MEDIUM | 8.8 HIGH |
| ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php | |||||
| CVE-2022-29105 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-20 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Windows Media Foundation Remote Code Execution Vulnerability. | |||||
| CVE-2021-26349 | 1 Amd | 46 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 43 more | 2022-05-20 | 2.1 LOW | 5.5 MEDIUM |
| Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA). | |||||
| CVE-2019-13939 | 1 Siemens | 20 Apogee Modular Building Controller, Apogee Modular Building Controller Firmware, Apogee Modular Equiment Controller and 17 more | 2022-05-20 | 4.8 MEDIUM | 7.1 HIGH |
| A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions < V2.8.2), APOGEE PXC Series (BACnet) (All versions < V3.5.3), APOGEE PXC Series (P2) (All versions >= V2.8.2 and < V2.8.19), Desigo PXC00-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC00-U (All versions >= V2.3x and < V6.00.327), Desigo PXC001-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC100-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC12-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC128-U (All versions >= V2.3x and < V6.00.327), Desigo PXC200-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC22.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC36.1-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC50-E.D (All versions >= V2.3x and < V6.00.327), Desigo PXC64-U (All versions >= V2.3x and < V6.00.327), Desigo PXM20-E (All versions >= V2.3x and < V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions < V0.3.0.330), TALON TC Series (BACnet) (All versions < V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack. | |||||
| CVE-2022-26926 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-19 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Address Book Remote Code Execution Vulnerability. | |||||
| CVE-2022-29108 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2022-05-19 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability. | |||||
| CVE-2022-26931 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-05-19 | 6.0 MEDIUM | 7.5 HIGH |
| Windows Kerberos Elevation of Privilege Vulnerability. | |||||
| CVE-2022-26930 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2022-05-19 | 2.1 LOW | 5.5 MEDIUM |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability. | |||||
| CVE-2022-29106 | 1 Microsoft | 4 Windows 10, Windows Server 2016, Windows Server 2019 and 1 more | 2022-05-19 | 4.4 MEDIUM | 7.0 HIGH |
| Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability. | |||||
| CVE-2022-26927 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2022-05-19 | 6.8 MEDIUM | 8.8 HIGH |
| Windows Graphics Component Remote Code Execution Vulnerability. | |||||
| CVE-2021-26342 | 1 Amd | 76 Epyc 7001, Epyc 7001 Firmware, Epyc 7251 and 73 more | 2022-05-19 | 2.1 LOW | 3.3 LOW |
| In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for disclosure of SEV guest memory contents. Users of SEV-ES/SEV-SNP guest VMs are not impacted by this vulnerability. | |||||
| CVE-2022-30130 | 1 Microsoft | 11 .net Framework, Windows 10, Windows 11 and 8 more | 2022-05-19 | 4.3 MEDIUM | 5.5 MEDIUM |
| .NET Framework Denial of Service Vulnerability. | |||||
| CVE-2022-29133 | 1 Microsoft | 1 Windows 11 | 2022-05-19 | 7.2 HIGH | 8.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29142. | |||||
| CVE-2021-41545 | 1 Siemens | 8 Desigo Dxr2, Desigo Dxr2 Firmware, Desigo Pxc3 and 5 more | 2022-05-19 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). When the controller receives a specific BACnet protocol packet, an exception causes the BACnet communication function to go into a “out of work” state and could result in the controller going into a “factory reset” state. | |||||