Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-23295 | 1 Korenix | 29 Jetwave 2111, Jetwave 2111 Firmware, Jetwave 2111l and 26 more | 2023-03-06 | N/A | 8.8 HIGH |
| Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root. | |||||
| CVE-2022-41314 | 1 Intel | 16 Administrative Tools For Intel Network Adapters, Ethernet Controller E810, Ethernet Network Adapter E810-cqda1 and 13 more | 2023-03-06 | N/A | 7.8 HIGH |
| Uncontrolled search path in some Intel(R) Network Adapter installer software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-23294 | 1 Korenix | 29 Jetwave 2111, Jetwave 2111 Firmware, Jetwave 2111l and 26 more | 2023-03-06 | N/A | 8.8 HIGH |
| Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute commands as root. | |||||
| CVE-2022-38056 | 1 Intel | 1 Endpoint Management Assistant | 2023-03-06 | N/A | 5.3 MEDIUM |
| Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may allow a privileged user to potentially enable escalation of privilege via network access. | |||||
| CVE-2021-33224 | 1 Umbraco | 1 Umbraco Forms | 2023-03-06 | N/A | 9.8 CRITICAL |
| File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file. | |||||
| CVE-2023-25693 | 1 Apache | 1 Airflow Sqoop Provider | 2023-03-06 | N/A | 9.8 CRITICAL |
| Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1. | |||||
| CVE-2023-25692 | 1 Apache | 1 Apache-airflow-providers-google | 2023-03-06 | N/A | 7.5 HIGH |
| Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0. | |||||
| CVE-2022-34157 | 1 Intel | 2 Fpga Software Development Kit, Quartus Prime | 2023-03-06 | N/A | 7.8 HIGH |
| Improper access control in the Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software before version 22.1 may allow authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-25691 | 1 Apache | 1 Apache-airflow-providers-google | 2023-03-06 | N/A | 9.8 CRITICAL |
| Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0. | |||||
| CVE-2023-23296 | 1 Korenix | 29 Jetwave 2111, Jetwave 2111 Firmware, Jetwave 2111l and 26 more | 2023-03-06 | N/A | 6.5 MEDIUM |
| Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault. | |||||
| CVE-2023-1009 | 1 Draytek | 2 Vigor2960, Vigor2960 Firmware | 2023-03-06 | N/A | 5.5 MEDIUM |
| A vulnerability classified as problematic has been found in DrayTek Vigor 2960 1.5.1.4. Affected is the function sub_1DF14 of the file /cgi-bin/mainfunction.cgi. The manipulation of the argument option with the input /../etc/password leads to path traversal. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. VDB-221742 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-46440 | 1 Swftools | 1 Swftools | 2023-03-06 | N/A | 5.5 MEDIUM |
| ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c. | |||||
| CVE-2022-35729 | 2 Intel, Openbmc-project | 58 C621a, C624a, C627a and 55 more | 2023-03-06 | N/A | 7.5 HIGH |
| Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access. | |||||
| CVE-2022-45697 | 1 Razer | 1 Razer Central | 2023-03-06 | N/A | 7.8 HIGH |
| Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the Accounts directory. | |||||
| CVE-2022-30339 | 1 Intel | 1 Integrated Sensor Solution | 2023-03-06 | N/A | 4.4 MEDIUM |
| Out-of-bounds read in firmware for the Intel(R) Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2022-30704 | 1 Intel | 934 Celeron 1000m, Celeron 1000m Firmware, Celeron 1005m and 931 more | 2023-03-06 | N/A | 6.7 MEDIUM |
| Improper initialization in the Intel(R) TXT SINIT ACM for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-32231 | 1 Intel | 362 Xeon Bronze 3104, Xeon Bronze 3104 Firmware, Xeon Bronze 3106 and 359 more | 2023-03-06 | N/A | 6.7 MEDIUM |
| Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-34849 | 2 Intel, Microsoft | 2 Iris Xe Max Dedicated Graphics, Windows | 2023-03-06 | N/A | 4.4 MEDIUM |
| Uncaught exception in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1436(v2) may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2022-26888 | 1 Intel | 1 Quartus Prime | 2023-03-06 | N/A | 4.1 MEDIUM |
| Cross-site scripting in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2023-1010 | 1 Vox2png Project | 1 Vox2png | 2023-03-06 | N/A | 5.5 MEDIUM |
| A vulnerability classified as critical was found in vox2png 1.0. Affected by this vulnerability is an unknown functionality of the file vox2png.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221743. | |||||