Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24378 | 1 Intel | 1 Data Center Manager | 2022-08-19 | N/A | 5.5 MEDIUM |
| Improper initialization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2022-23403 | 1 Intel | 1 Data Center Manager | 2022-08-19 | N/A | 5.5 MEDIUM |
| Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2022-23182 | 1 Intel | 1 Data Center Manager | 2022-08-19 | N/A | 8.8 HIGH |
| Improper access control in the Intel(R) Data Center Manager software before version 4.1 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2022-21181 | 1 Intel | 14 Dual Band Wireless-ac 8260, Dual Band Wireless-ac 8260 Firmware, Dual Band Wireless-ac 8265 and 11 more | 2022-08-19 | N/A | 7.8 HIGH |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-26254 | 1 Intel | 18 Killer Ac 1550, Killer Ac 1550 Firmware, Killer Wi-fi 6 Ax1650 and 15 more | 2022-08-19 | N/A | 5.5 MEDIUM |
| Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2022-35909 | 1 Jellyfin | 1 Jellyfin | 2022-08-19 | N/A | 8.8 HIGH |
| In Jellyfin before 10.8, the /users endpoint has incorrect access control for admin functionality. | |||||
| CVE-2022-1021 | 1 Chatwoot | 1 Chatwoot | 2022-08-19 | N/A | 5.4 MEDIUM |
| Insecure Storage of Sensitive Information in GitHub repository chatwoot/chatwoot prior to 2.6.0. | |||||
| CVE-2021-23168 | 1 Intel | 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more | 2022-08-19 | N/A | 6.5 MEDIUM |
| Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2022-35910 | 1 Jellyfin | 1 Jellyfin | 2022-08-19 | N/A | 5.4 MEDIUM |
| In Jellyfin before 10.8, stored XSS allows theft of an admin access token. | |||||
| CVE-2021-26950 | 1 Intel | 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more | 2022-08-19 | N/A | 5.5 MEDIUM |
| Out of bounds read in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2021-44470 | 1 Intel | 1 Connect M | 2022-08-19 | N/A | 5.5 MEDIUM |
| Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2022-23765 | 1 Iptime | 6 Nas1dual, Nas1dual Firmware, Nas2dual and 3 more | 2022-08-19 | N/A | 8.8 HIGH |
| This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request. | |||||
| CVE-2022-26305 | 1 Libreoffice | 1 Libreoffice | 2022-08-19 | N/A | 7.5 HIGH |
| An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the macro was actually signed with the certificate. An adversary could therefore create an arbitrary certificate with a serial number and an issuer string identical to a trusted certificate which LibreOffice would present as belonging to the trusted author, potentially leading to the user to execute arbitrary code contained in macros improperly trusted. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1. | |||||
| CVE-2021-30070 | 1 Hestiacp | 1 Hestiacp | 2022-08-19 | N/A | 7.5 HIGH |
| An issue was discovered in HestiaCP before v1.3.5. Attackers are able to arbitrarily install packages due to values taken from the pgk [] parameter in the update request being transmitted to the operating system's package manager. | |||||
| CVE-2022-35153 | 1 Fusionpbx | 1 Fusionpbx | 2022-08-19 | N/A | 9.8 CRITICAL |
| FusionPBX 5.0.1 was discovered to contain a command injection vulnerability via /fax/fax_send.php. | |||||
| CVE-2020-36599 | 1 Omniauth | 1 Omniauth | 2022-08-19 | N/A | 9.8 CRITICAL |
| lib/omniauth/failure_endpoint.rb in OmniAuth before 1.9.2 (and before 2.0) does not escape the message_key value. | |||||
| CVE-2022-25966 | 1 Intel | 1 Edge Insights For Industrial | 2022-08-19 | N/A | 7.8 HIGH |
| Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-35154 | 1 Shopro | 1 Mall System | 2022-08-19 | N/A | 9.8 CRITICAL |
| Shopro Mall System v1.3.8 was discovered to contain a SQL injection vulnerability via the value parameter. | |||||
| CVE-2022-35164 | 1 Gnu | 1 Libredwg | 2022-08-19 | N/A | 9.8 CRITICAL |
| LibreDWG v0.12.4.4608 & commit f2dea29 was discovered to contain a heap use-after-free via bit_copy_chain. | |||||
| CVE-2021-33847 | 1 Intel | 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more | 2022-08-19 | N/A | 7.8 HIGH |
| Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||