Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21987 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2022-02-14 | 6.0 MEDIUM | 8.0 HIGH |
| Microsoft SharePoint Server Spoofing Vulnerability. | |||||
| CVE-2022-21965 | 1 Microsoft | 1 Teams | 2022-02-14 | 5.0 MEDIUM | 7.5 HIGH |
| Microsoft Teams Denial of Service Vulnerability. | |||||
| CVE-2022-21957 | 1 Microsoft | 1 Dynamics 365 | 2022-02-14 | 6.5 MEDIUM | 7.2 HIGH |
| Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability. | |||||
| CVE-2021-37989 | 2 Debian, Google | 2 Debian Linux, Chrome | 2022-02-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page. | |||||
| CVE-2021-37990 | 2 Debian, Google | 2 Debian Linux, Chrome | 2022-02-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app. | |||||
| CVE-2022-23261 | 1 Microsoft | 1 Edge Chromium | 2022-02-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| Microsoft Edge (Chromium-based) Tampering Vulnerability. | |||||
| CVE-2021-38010 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | |||||
| CVE-2021-40837 | 3 Apple, F-secure, Microsoft | 8 Macos, Atlant, Elements Endpoint Detection And Response and 5 more | 2022-02-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability affecting F-Secure antivirus engine before Capricorn update 2022-02-01_01 was discovered whereby decompression of ACE file causes the scanner service to stop. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. | |||||
| CVE-2022-24677 | 1 Hyphp | 1 Hybbs2 | 2022-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| Admin.php in HYBBS2 through 2.3.2 allows remote code execution because it writes plugin-related configuration information to conf.php. | |||||
| CVE-2021-45327 | 1 Gitea | 1 Gitea | 2022-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referencing the vulnerable admin or user API. which could let a remote malisious user execute arbitrary code. | |||||
| CVE-2022-23340 | 1 Joplin Project | 1 Joplin | 2022-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| Joplin 2.6.10 allows remote attackers to execute system commands through malicious code in user search results. | |||||
| CVE-2021-30838 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2022-02-11 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to execute arbitrary code with system privileges on devices with an Apple Neural Engine. | |||||
| CVE-2021-30784 | 1 Apple | 2 Mac Os X, Macos | 2022-02-11 | 4.6 MEDIUM | 7.8 HIGH |
| Multiple issues were addressed with improved logic. This issue is fixed in macOS Big Sur 11.5. A local attacker may be able to execute code on the Apple T2 Security Chip. | |||||
| CVE-2021-30774 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-02-11 | 9.3 HIGH | 7.8 HIGH |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. A malicious application may be able to gain root privileges. | |||||
| CVE-2021-30864 | 1 Apple | 1 Macos | 2022-02-11 | 5.0 MEDIUM | 8.6 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A sandboxed process may be able to circumvent sandbox restrictions. | |||||
| CVE-2021-30811 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2022-02-11 | 2.1 LOW | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8. A local attacker may be able to read sensitive information. | |||||
| CVE-2021-30835 | 1 Apple | 7 Ipados, Iphone Os, Itunes and 4 more | 2022-02-11 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-39280 | 1 Korenix | 12 Jetwave 2212g, Jetwave 2212g Firmware, Jetwave 2212s and 9 more | 2022-02-10 | 9.0 HIGH | 8.8 HIGH |
| Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X before 1.9.1, 2212S before 1.9.1, 2212G before 1.8, 3220 V3 before 1.5.1, 3420 V3 before 1.5.1, and 2311 through 2022-01-31. | |||||
| CVE-2021-46359 | 1 Fisco-bcos | 1 Fisco-bcos | 2022-02-10 | 5.0 MEDIUM | 7.5 HIGH |
| FISCO-BCOS release-3.0.0-rc2 contains a denial of service vulnerability. Some transactions may not be committed successfully, and malicious users may use this to achieve double-spending attacks. | |||||
| CVE-2022-21392 | 1 Oracle | 1 Enterprise Manager Base Platform | 2022-02-10 | 7.2 HIGH | 8.8 HIGH |
| Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Policy Framework). Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data. CVSS 3.1 Base Score 8.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). | |||||