Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-42897 | 1 Arraynetworks | 15 Ag1000, Ag1000t, Ag1000v5 and 12 more | 2022-10-13 | N/A | 9.8 CRITICAL |
| Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection that leads to privilege escalation and control of the system. NOTE: ArrayOS AG 10.x is unaffected. | |||||
| CVE-2022-41606 | 1 Hashicorp | 1 Nomad | 2022-10-13 | N/A | 6.5 MEDIUM |
| HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Fixed in 1.2.13, 1.3.6, and 1.4.0. | |||||
| CVE-2022-41550 | 1 Gnu | 1 Osip | 2022-10-13 | N/A | 6.5 MEDIUM |
| GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header. | |||||
| CVE-2021-36913 | 1 Redirection-for-contact-form7 | 1 Redirection For Contact Form 7 | 2022-10-13 | N/A | 7.5 HIGH |
| Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin <= 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional extension (plugin) AccessiBe. | |||||
| CVE-2022-31682 | 1 Vmware | 1 Vrealize Operations | 2022-10-13 | N/A | 4.9 MEDIUM |
| VMware Aria Operations contains an arbitrary file read vulnerability. A malicious actor with administrative privileges may be able to read arbitrary files containing sensitive data. | |||||
| CVE-2022-34430 | 1 Dell | 1 Hybrid Client | 2022-10-13 | N/A | 7.5 HIGH |
| Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification. | |||||
| CVE-2022-20830 | 1 Cisco | 1 Sd-wan Vmanage | 2022-10-13 | N/A | 5.3 MEDIUM |
| A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. This vulnerability exists because the GUI is accessible on self-managed cloud installations or local server installations of Cisco vManage. An attacker could exploit this vulnerability by accessing the exposed GUI of Cisco SD-AVC. A successful exploit could allow the attacker to view managed device names, SD-AVC logs, and SD-AVC DNS server IP addresses. | |||||
| CVE-2022-39271 | 1 Traefik | 1 Traefik | 2022-10-13 | N/A | 7.5 HIGH |
| Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that assists in deploying microservices. There is a potential vulnerability in Traefik managing HTTP/2 connections. A closing HTTP/2 server connection could hang forever because of a subsequent fatal error. This failure mode could be exploited to cause a denial of service. There has been a patch released in versions 2.8.8 and 2.9.0-rc5. There are currently no known workarounds. | |||||
| CVE-2022-34432 | 1 Dell | 1 Hybrid Client | 2022-10-13 | N/A | 8.2 HIGH |
| Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders. | |||||
| CVE-2022-34431 | 1 Dell | 1 Hybrid Client | 2022-10-13 | N/A | 6.5 MEDIUM |
| Dell Hybrid Client below 1.8 version contains a guest user profile corruption vulnerability. A WMS privilege attacker could potentially exploit this vulnerability, leading to DHC system not being accessible. | |||||
| CVE-2022-34427 | 1 Dell | 1 Container Storage Modules | 2022-10-13 | N/A | 8.8 HIGH |
| Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this vulnerability leading to modification of intended OS command execution. | |||||
| CVE-2020-9045 | 2 Johnsoncontrols, Tyco | 2 C-cure 9000 Firmware, Victor Video Management System | 2022-10-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor Video Management System v5.2, the credentials of the user used to perform the installation or upgrade are logged in a file. The install log file persists after the installation. | |||||
| CVE-2022-33978 | 1 Fontmeister Project | 1 Fontmeister | 2022-10-13 | N/A | 6.1 MEDIUM |
| Reflected Cross-Site Scripting (XSS) vulnerability FontMeister plugin <= 1.08 at WordPress. | |||||
| CVE-2022-38388 | 1 Ibm | 1 Navigator Mobile | 2022-10-13 | N/A | 5.5 MEDIUM |
| IBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could allow a local user to obtain sensitive information due to improper access control. IBM X-Force ID: 233968. | |||||
| CVE-2022-38047 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-10-13 | N/A | 8.1 HIGH |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-38000, CVE-2022-41081. | |||||
| CVE-2022-38050 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2019 and 1 more | 2022-10-13 | N/A | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability. | |||||
| CVE-2022-38049 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2022-10-13 | N/A | 7.8 HIGH |
| Microsoft Office Graphics Remote Code Execution Vulnerability. | |||||
| CVE-2022-38051 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-10-13 | N/A | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37997. | |||||
| CVE-2022-34425 | 1 Dell | 1 Enterprise Sonic Distribution | 2022-10-13 | N/A | 7.5 HIGH |
| Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication. | |||||
| CVE-2022-38053 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2022-10-13 | N/A | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41036, CVE-2022-41037, CVE-2022-41038. | |||||