Total: 210374 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25795 | 1 Autodesk | 1 Autocad | 2022-10-10 | 6.8 MEDIUM | 7.8 HIGH |
| A Memory Corruption Vulnerability in Autodesk TrueView 2022 and 2021 may lead to remote code execution through maliciously crafted DWG files. | |||||
| CVE-2022-3273 | 1 Ikus-soft | 1 Rdiffweb | 2022-10-09 | N/A | 9.8 CRITICAL |
| Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. | |||||
| CVE-2022-26239 | 2 Beckmancoulter, Microsoft | 2 Remisol Advance, Windows | 2022-10-09 | N/A | 5.5 MEDIUM |
| The default privileges for the running service Normand License Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allow unprivileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data. | |||||
| CVE-2022-26237 | 2 Beckmancoulter, Microsoft | 2 Remisol Advance, Windows | 2022-10-09 | N/A | 5.5 MEDIUM |
| The default privileges for the running service Normand Viewer Service in Beckman Coulter Remisol Advance v2.0.12.1 and prior allow non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data. | |||||
| CVE-2022-41515 | 1 Open Source Sacco Management System Project | 1 Open Source Sacco Management System | 2022-10-09 | N/A | 7.2 HIGH |
| Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_payment. | |||||
| CVE-2022-41514 | 1 Open Source Sacco Management System Project | 1 Open Source Sacco Management System | 2022-10-09 | N/A | 7.2 HIGH |
| Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_loan. | |||||
| CVE-2022-42074 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-10-09 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 is vulnerable to SQL Injection via /diagnostic/editcategory.php?id=. | |||||
| CVE-2022-42073 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-10-09 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 is vulnerable to SQL Injection via /diagnostic/editclient.php?id=. | |||||
| CVE-2022-41378 | 1 Online Pet Shop We App Project | 1 Online Pet Shop We App | 2022-10-09 | N/A | 7.2 HIGH |
| Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pet_shop/admin/?page=inventory/manage_inventory. | |||||
| CVE-2022-41377 | 1 Online Pet Shop We App Project | 1 Online Pet Shop We App | 2022-10-09 | N/A | 7.2 HIGH |
| Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pet_shop/admin/?page=maintenance/manage_category. | |||||
| CVE-2022-42092 | 1 Backdropcms | 1 Backdrop Cms | 2022-10-08 | N/A | 7.2 HIGH |
| Backdrop CMS 1.22.0 has an Unrestricted File Upload vulnerability via 'themes' that allows attackers to achieve Remote Code Execution. | |||||
| CVE-2022-41513 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-10-08 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /diagnostic/edittest.php. | |||||
| CVE-2022-41512 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-10-08 | N/A | 7.2 HIGH |
| An arbitrary file upload vulnerability in the component /php_action/editFile.php of Online Diagnostic Lab Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | |||||
| CVE-2022-41291 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2022-10-08 | N/A | 6.5 MEDIUM |
| IBM InfoSphere Information Server 11.7 does not invalidate the session after logout, which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 236699. | |||||
| CVE-2022-36772 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2022-10-08 | N/A | 6.5 MEDIUM |
| IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user. | |||||
| CVE-2022-22493 | 2 Ibm, Linux | 2 Websphere Automation For Ibm Cloud Pak For Watson Aiops, Linux Kernel | 2022-10-08 | N/A | 8.8 HIGH |
| IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449. | |||||
| CVE-2022-22480 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2022-10-08 | N/A | 7.5 HIGH |
| IBM QRadar SIEM 7.4 and 7.5 data node rebalancing does not function correctly when using encrypted hosts which could result in information disclosure. IBM X-Force ID: 225889. | |||||
| CVE-2022-39877 | 2 Google, Samsung | 2 Android, Group Sharing | 2022-10-08 | N/A | 5.3 MEDIUM |
| Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device. | |||||
| CVE-2022-39873 | 1 Samsung | 1 Internet | 2022-10-08 | N/A | 4.6 MEDIUM |
| Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication. | |||||
| CVE-2022-21681 | 1 Marked Project | 1 Marked | 2022-10-08 | 5.0 MEDIUM | 7.5 HIGH |
| Marked is a markdown parser and compiler. Prior to version 4.0.10, the regular expression `inline.reflinkSearch` may cause catastrophic backtracking against some strings and lead to a denial of service (DoS). Anyone who runs untrusted markdown through a vulnerable version of marked and does not use a worker with a time limit may be affected. This issue is patched in version 4.0.10. As a workaround, avoid running untrusted markdown through marked or run marked on a worker thread and set a reasonable time limit to prevent draining resources. | |||||
