Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46997 | 1 Passhunt Project | 1 Passhunt | 2022-12-16 | N/A | 9.8 CRITICAL |
| Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-46609 | 1 Python3-restfulapi Project | 1 Python3-restfulapi | 2022-12-16 | N/A | 9.8 CRITICAL |
| Python3-RESTfulAPI commit d9907f14e9e25dcdb54f5b22252b0e9452e3970e and e772e0beee284c50946e94c54a1d43071ca78b74 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-46996 | 1 Vsphere Selfuse Project | 1 Vsphere Selfuse | 2022-12-16 | N/A | 9.8 CRITICAL |
| vSphere_selfuse commit 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-31696 | 1 Vmware | 2 Cloud Foundation, Esxi | 2022-12-16 | N/A | 8.8 HIGH |
| VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox. | |||||
| CVE-2022-44704 | 1 Microsoft | 1 Windows Sysmon | 2022-12-16 | N/A | 7.8 HIGH |
| Microsoft Windows Sysmon Elevation of Privilege Vulnerability. | |||||
| CVE-2022-46355 | 1 Siemens | 10 6gk5204-0ba00-2kb2, 6gk5204-0ba00-2kb2 Firmware, 6gk5204-0ba00-2mb2 and 7 more | 2022-12-16 | N/A | 7.5 HIGH |
| A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). The affected products are vulnerable to an "Exposure of Sensitive Information to an Unauthorized Actor" vulnerability by leaking sensitive data in the HTTP Referer. | |||||
| CVE-2022-44689 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2019 and 2 more | 2022-12-16 | N/A | 7.8 HIGH |
| Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability. | |||||
| CVE-2022-44687 | 1 Microsoft | 3 Raw Image Extension, Windows 10, Windows 11 | 2022-12-16 | N/A | 7.8 HIGH |
| Raw Image Extension Remote Code Execution Vulnerability. | |||||
| CVE-2022-41561 | 1 Tibco | 1 Jasperreports Server | 2022-12-16 | N/A | 7.2 HIGH |
| The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for Microsoft Azure, and TIBCO JasperReports Server for Microsoft Azure contains an easily exploitable vulnerability that allows a privileged/administrative attacker with network access to execute Remote Code Execution to obtain a reverse shell on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Server: versions 8.0.2 and below, TIBCO JasperReports Server: version 8.1.0, TIBCO JasperReports Server - Community Edition: versions 8.1.0 and below, TIBCO JasperReports Server - Developer Edition: versions 8.1.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 8.0.2 and below, TIBCO JasperReports Server for AWS Marketplace: version 8.1.0, TIBCO JasperReports Server for Microsoft Azure: versions 8.0.2 and below, and TIBCO JasperReports Server for Microsoft Azure: version 8.1.0. | |||||
| CVE-2022-45871 | 1 F-secure | 1 Atlant | 2022-12-15 | N/A | 7.5 HIGH |
| A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing ICAP request. The exploit can be triggered remotely by an attacker. | |||||
| CVE-2022-41089 | 1 Microsoft | 11 .net, Windows 10, Windows 11 and 8 more | 2022-12-15 | N/A | 8.8 HIGH |
| .NET Framework Remote Code Execution Vulnerability. | |||||
| CVE-2022-41076 | 1 Microsoft | 11 Powershell, Windows 10, Windows 11 and 8 more | 2022-12-15 | N/A | 8.5 HIGH |
| PowerShell Remote Code Execution Vulnerability. | |||||
| CVE-2022-41121 | 1 Microsoft | 12 Powershell, Remote Desktop, Windows 10 and 9 more | 2022-12-15 | N/A | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-44671, CVE-2022-44680, CVE-2022-44697. | |||||
| CVE-2022-24480 | 1 Microsoft | 1 Outlook | 2022-12-15 | N/A | 6.8 MEDIUM |
| Outlook for Android Elevation of Privilege Vulnerability. | |||||
| CVE-2021-40462 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 11 21h2 and 4 more | 2022-12-15 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability | |||||
| CVE-2021-40463 | 1 Microsoft | 8 Windows 10, Windows 11 21h2, Windows 8.1 and 5 more | 2022-12-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows NAT Denial of Service Vulnerability | |||||
| CVE-2021-40465 | 1 Microsoft | 11 Windows 10, Windows 11 21h2, Windows 7 and 8 more | 2022-12-15 | 6.8 MEDIUM | 7.8 HIGH |
| Windows Text Shaping Remote Code Execution Vulnerability | |||||
| CVE-2022-31698 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2022-12-15 | N/A | 5.3 MEDIUM |
| The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header. | |||||
| CVE-2022-38042 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-12-15 | N/A | 7.1 HIGH |
| Active Directory Domain Services Elevation of Privilege Vulnerability. | |||||
| CVE-2022-41078 | 1 Microsoft | 1 Exchange Server | 2022-12-15 | N/A | 8.0 HIGH |
| Microsoft Exchange Server Spoofing Vulnerability. This CVE ID is unique from CVE-2022-41079. | |||||