Total: 22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40063 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-14 | 5.0 MEDIUM | 7.5 HIGH |
| There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality. | |||||
| CVE-2022-23265 | 1 Microsoft | 1 Defender For Iot | 2022-03-14 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft Defender for IoT Remote Code Execution Vulnerability. | |||||
| CVE-2021-40055 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-14 | 7.1 HIGH | 5.9 MEDIUM |
| There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity. | |||||
| CVE-2022-21973 | 1 Microsoft | 4 Windows 7, Windows 8.1, Windows Rt 8.1 and 1 more | 2022-03-14 | 2.1 LOW | 5.5 MEDIUM |
| Windows Media Center Update Denial of Service Vulnerability. | |||||
| CVE-2021-46703 | 1 Razorengine Project | 1 Razorengine | 2022-03-14 | 7.5 HIGH | 9.8 CRITICAL |
| ** UNSUPPORTED WHEN ASSIGNED ** In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment (if users can externally control template contents). NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2022-24753 | 2 Microsoft, Stripe | 2 Windows, Stripe Cli | 2022-03-11 | 4.4 MEDIUM | 7.0 HIGH |
| Stripe CLI is a command-line tool for the Stripe eCommerce platform. A vulnerability in Stripe CLI exists on Windows when certain commands are run in a directory where an attacker has planted files. The commands are `stripe login`, `stripe config -e`, `stripe community`, and `stripe open`. MacOS and Linux are unaffected. An attacker who successfully exploits the vulnerability can run arbitrary code in the context of the current user. The update addresses the vulnerability by throwing an error in these situations before the code can run. Users are advised to upgrade to version 1.7.13. There are no known workarounds for this issue. | |||||
| CVE-2021-22783 | 1 Schneider-electric | 1 Ritto Wiser Door | 2022-03-11 | 4.8 MEDIUM | 7.6 HIGH |
| A CWE-200: Information Exposure vulnerability exists which could allow a session hijack when the door panel is communicating with the door. Affected Product: Ritto Wiser Door (All versions) | |||||
| CVE-2022-0384 | 1 Video Conferencing With Zoom Project | 1 Video Conferencing With Zoom | 2022-03-11 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Video Conferencing with Zoom WordPress plugin before 3.8.17 does not have authorisation in its vczapi_get_wp_users AJAX action, allowing any authenticated user, such as a subscriber, to download the list of email addresses registered on the blog. | |||||
| CVE-2021-44166 | 1 Fortinet | 1 Fortitoken Mobile | 2022-03-11 | 3.5 LOW | 4.1 MEDIUM |
| An improper access control vulnerability [CWE-284] in FortiToken Mobile (Android) external push notification 5.1.0 and below may allow a remote attacker having already obtained a user's password to access the protected system during the 2FA procedure, even though the deny button is clicked by the legitimate user. | |||||
| CVE-2022-26313 | 1 Mendix | 1 Forgot Password | 2022-03-11 | 6.8 MEDIUM | 9.8 CRITICAL |
| A vulnerability has been identified in Mendix Forgot Password Appstore module (All versions >= V3.3.0 < V3.5.1). In certain configurations of the affected product, a threat actor could use the sign up flow to hijack arbitrary user accounts. | |||||
| CVE-2022-23954 | 1 Hp | 4 Probook 440 G8, Probook 440 G8 Firmware, Prodesk 405 G6 Small Form Factor and 1 more | 2022-03-11 | 2.1 LOW | 5.5 MEDIUM |
| Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | |||||
| CVE-2022-23955 | 1 Hp | 4 Probook 440 G8, Probook 440 G8 Firmware, Prodesk 405 G6 Small Form Factor and 1 more | 2022-03-11 | 2.1 LOW | 5.5 MEDIUM |
| Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | |||||
| CVE-2022-23957 | 1 Hp | 4 Probook 440 G8, Probook 440 G8 Firmware, Prodesk 405 G6 Small Form Factor and 1 more | 2022-03-11 | 2.1 LOW | 5.5 MEDIUM |
| Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | |||||
| CVE-2022-23958 | 1 Hp | 4 Probook 440 G8, Probook 440 G8 Firmware, Prodesk 405 G6 Small Form Factor and 1 more | 2022-03-11 | 2.1 LOW | 5.5 MEDIUM |
| Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | |||||
| CVE-2022-23233 | 1 Netapp | 1 Storagegrid | 2022-03-11 | 5.0 MEDIUM | 7.5 HIGH |
| StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local Distribution Router (LDR) service. | |||||
| CVE-2021-42950 | 1 Zepl | 1 Zepl | 2022-03-10 | 6.5 MEDIUM | 8.8 HIGH |
| Remote Code Execution (RCE) vulnerability exists in Zepl Notebooks all previous versions before October 25 2021. Users can register for an account and are allocated a set number of credits to try the product. Once users authenticate, they can proceed to create a new organization by which additional users can be added for various collaboration abilities, which allows a malicious user to create new Zepl Notebooks with various languages, contexts, and deployment scenarios. Upon creating a new notebook with specially crafted malicious code, a user can then launch remote code execution. | |||||
| CVE-2021-42951 | 1 Algorithmia | 1 Msol | 2022-03-10 | 6.5 MEDIUM | 8.8 HIGH |
| A Remote Code Execution (RCE) vulnerability exists in Algorithmia MSOL all versions before October 10 2021 of SaaS. Users can register for an account and are allocated a set number of credits to try the product. Once users authenticate, they can proceed to create a new, specially crafted Algorithm and subsequently launch remote code execution with their desired result. | |||||
| CVE-2021-45414 | 1 Datarobot | 1 Datarobot | 2022-03-10 | 7.5 HIGH | 9.8 CRITICAL |
| A Remote Code Execution (RCE) vulnerability exists in DataRobot through 2021-10-28 because it allows submission of a Docker environment or Java driver. | |||||
| CVE-2022-23956 | 1 Hp | 4 Probook 440 G8, Probook 440 G8 Firmware, Prodesk 405 G6 Small Form Factor and 1 more | 2022-03-10 | 4.9 MEDIUM | 5.5 MEDIUM |
| Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | |||||
| CVE-2022-23953 | 1 Hp | 4 Probook 440 G8, Probook 440 G8 Firmware, Prodesk 405 G6 Small Form Factor and 1 more | 2022-03-10 | 4.9 MEDIUM | 5.5 MEDIUM |
| Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | |||||
